Nova V1 is no longer supported following the technical overhaul introduced with V2. Only V2 releases receive security updates.
| Version | Supported |
|---|---|
| V2 (2.x.x.xxx) | ✅ |
| V2 (25.x.xxx) | ✅ |
| V1 (24.3.xx) | ❌ |
Please report security vulnerabilities through one of the following methods, listed in order of preference:
- Discord DM — @_simplykatt
- Security Form — nirmini.dev/forms/security (not yet live)
- Support Email — support@nirmini.dev (inbound only — responses will come from simplykatt@nirmini.dev or security@nirmini.dev)
- Personal Email — West701497@gmail.com
Discord and the form will generally have the shortest response queue.
When reporting, please include:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any relevant logs, screenshots, or proof of concept
- Whether you wish to remain anonymous
We follow a 90-day responsible disclosure window. Please do not publicly disclose the vulnerability before this period has passed or a fix has been deployed, whichever comes first. Full details are available at nirmini.dev/.well-known/disclosure.txt.
Due to our current budget, Nirmini offers recognition-based rewards rather than monetary compensation. Qualifying reporters may receive a role in our community server and/or development team. Anonymous reporters should not expect a reward as we have no way to contact them.