Consai is in pre-release (v0.x). Only the latest tagged release receives security updates.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
Please don't file a public issue for security vulnerabilities.
Use GitHub Security Advisories to report privately. You'll get a private thread with the maintainer and a CVE can be coordinated through GitHub if the issue warrants it.
Include in your report:
- A clear description of the issue and its impact
- Reproduction steps (a container name, a CLI command, a UI path)
- The Consai version, macOS version, and
container/container-composeversions involved - Whether the issue is exploitable remotely, locally, or only with
specific access (e.g.
containerservice access)
- Acknowledgement within 72 hours
- Triage and severity assessment within 7 days
- Fix or mitigation timeline depends on severity:
- Critical (RCE, container escape, privilege escalation): as fast as possible, usually within days
- High (data loss, broad denial of service): within 2 weeks
- Medium/Low: bundled into the next release
Consai runs as an LSUIElement agent (no Dock icon), talks to:
- The local
containersystem service over XPC (Apple's official Swift SDK, pinned to match the daemon — see R1) container-composeoverProcessspawn, if installedProcessfor log streaming and shell entry (R6 mitigates leaks)
Out of scope: the container daemon itself, container-compose, and
the host OS. Report those upstream.
- Always match the SDK pin in
Package.swiftto your installed daemon version. A skew causes XPC wire-decoding errors at runtime — and may silently mask or corrupt responses. See R1. - Empty entitlements (
App/Consai.entitlements) are intentional. Consai is distributed outside the Mac App Store (R9) so it can reach XPC and spawn processes. - Don't run Consai from a Downloads-folder copy you didn't build
yourself.
swift run bundlesigns ad-hoc by default; for a notarized release useswift run signwith your Developer ID.