Mirage is in early open-source/private-alpha development. Security fixes are applied on the default branch and in the most recent tagged release when releases exist.
Do not open public GitHub issues for security vulnerabilities.
Instead, report them privately to:
YosefShammout123@gmail.com
Please include:
- a description of the vulnerability
- affected files, endpoints, or commands
- steps to reproduce
- impact assessment if known
- any suggested remediation
You should receive an acknowledgment within 5 business days. If the report is accepted, the goal is to ship a fix as quickly as practical and coordinate any public disclosure after a patch is available.