Skip to content

Security: cajdata/TapBlok

Security

SECURITY.md

Security Policy

Supported Versions

Only the latest release is supported. TapBlok runs entirely on-device with no server component, so updating to the newest APK is always the fix path.

Reporting a Vulnerability

If you find a security issue — for example a way to bypass blocking that crosses the app's stated guarantees, or a problem in the NFC/QR token handling — please email tapblokdev@gmail.com instead of opening a public issue. Include steps to reproduce and your Android version/device.

You can expect an initial reply within a week. Once a fix ships, credit is yours if you want it.

Deliberate-workaround reports (e.g., "I can uninstall the app to stop blocking") aren't vulnerabilities — TapBlok adds friction against impulse, not against a determined device owner.

There aren't any published security advisories