NativeLogi is an early public project and has not reached a stable 1.0 release. Security fixes are provided for the current public branch.
Please do not open a public issue for suspected vulnerabilities. Send a private report to the repository owner through GitHub until a dedicated security contact is published.
Useful reports include:
- A short description of the issue and impact.
- Steps to reproduce or proof-of-concept details.
- The NativeLogi commit, macOS version, device model, and connection type.
- Relevant logs with private data removed.
Security-sensitive areas include the event hook, IPC, update flow, packaging, configuration handling, and HID++ device communication.