Skip to content

Security: Mirukali/miruka-oidc

Security

.github/SECURITY.md

Security Policy

Reporting Security Vulnerabilities

Thank you for helping us keep Mirukali secure. We take security seriously and appreciate your efforts in responsibly disclosing any vulnerabilities you may find.

Since the main repository for Mirukali is private, the primary channel for reporting security vulnerabilities is directly through our development team.

How to Report:

Please do not publicly disclose security vulnerabilities. Instead, contact our development team directly via one of the following methods:

  • Direct Message to Project Administrators on Discord: If you are a member of our Mirukali Discord server, please send a direct message to one of the project administrators or designated security team members. You can usually identify administrators by their roles within the server.
  • Email: If you are not on our Discord server or prefer email, please send a detailed report to the following email address: [admin@alikuxac.xyz]

What Information to Include in Your Report:

To help us investigate and address the vulnerability effectively, please include the following information in your report:

  • Detailed Description of the Vulnerability: Explain the issue clearly and concisely.
  • Steps to Reproduce: Provide specific steps that we can follow to reproduce the vulnerability.
  • Potential Impact: Describe the potential impact of the vulnerability (e.g., data breach, unauthorized access, denial of service).
  • Affected Components: Identify the specific parts of Mirukali that are affected (if known).
  • Your Contact Information: Please provide a way for us to contact you if we need further information.
  • Any Supporting Evidence: Include any relevant screenshots, code snippets, or other information that can help us understand the vulnerability.

Our Commitment:

  • We will acknowledge receipt of your report within a reasonable timeframe.
  • We will investigate the reported vulnerability promptly and take appropriate steps to address it.
  • We will keep you informed of the progress of our investigation and remediation efforts, where appropriate.
  • We appreciate responsible disclosure and will consider public recognition for valid security reports, where appropriate and with your consent.

Important Considerations:

  • Do not publicly disclose the vulnerability before we have had a reasonable time to address it.
  • Do not attempt to exploit the vulnerability or access sensitive data.
  • Act in good faith and provide us with the necessary information to resolve the issue.

By following these guidelines, you help us maintain a secure environment for Mirukali and our community. Thank you for your cooperation.

For general support inquiries (bug reports, feature requests, technical issues), please refer to our SUPPORT.md file for the correct channels.

There aren’t any published security advisories