Security Contact: If you believe you have found a security vulnerability in the Bureau of Minor Sufferings, please report it immediately.
Policy Scope
The Bureau is a stateless application. We do not maintain user accounts, databases, or long-term session data. However, the integrity of our API endpoints, Turnstile integration, and Gumroad payment flows are of critical importance.
Vulnerability Reporting
We welcome reports from security researchers. Please provide detailed reproduction steps. Issues that demonstrate a tangible impact on the security of the application or the payment flow will be addressed promptly.
Security.txt Specification
The Bureau publishes a machine-readable security policy in accordance with RFC 9116.
Contact: mailto:security@bureauofminorsufferings.com
Expires: 2027-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://bureauofminorsufferings.com/.well-known/security.txt