Note about security

We take security seriously. Even if the data we manage is of low sensitivity per se, some users' email addresses can be stored in the database if they create a contributor token.

We take all the necessary security measures to avoid security incidents:

  • Hardened Docker images

    • Because Go is a compiled language, we build statically compiled binaries in the CI and deploy them in hardened Docker images (FROM scratch), which greatly reduces the attack surface.

  • Passwords with high entropy

    • The generated database password has around 350 bits of entropy, which is more than enough to resist brute-force attacks.

  • Secured network access

    • Only ports 80, 443, and the port used for SSH are publicly exposed to the Internet.

  • Etc.
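
As an illustration of the password entropy figure above, here is an added example (not this project's own code) that sizes and generates a password for a 350-bit target. The 64-symbol alphabet and the function names are assumptions; the page states only the approximate entropy.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math"
)

// Constructed 64-symbol alphabet (assumption: the page does not name the character set).
const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"

// EntropyBits returns the entropy of n symbols drawn uniformly from alphabetSize distinct symbols.
func EntropyBits(n, alphabetSize int) float64 {
	return float64(n) * math.Log2(float64(alphabetSize))
}

// LengthFor returns the minimum number of symbols needed to reach targetBits.
func LengthFor(targetBits float64, alphabetSize int) int {
	return int(math.Ceil(targetBits / math.Log2(float64(alphabetSize))))
}

// Generate returns a password of at least targetBits entropy; chars must be distinct ASCII symbols.
func Generate(targetBits float64, chars string) (string, error) {
	if len(chars) < 2 || len(chars) > 256 {
		return "", fmt.Errorf("alphabet size %d out of range", len(chars))
	}
	n := LengthFor(targetBits, len(chars))
	// Bytes at or above limit are rejected so the modulo below stays unbiased.
	limit := 256 - 256%len(chars)
	out := make([]byte, 0, n)
	buf := make([]byte, 2*n)
	for len(out) < n {
		if _, err := rand.Read(buf); err != nil { // OS CSPRNG, never math/rand
			return "", err
		}
		for _, b := range buf {
			if int(b) < limit && len(out) < n {
				out = append(out, chars[int(b)%len(chars)])
			}
		}
	}
	return string(out), nil
}

func main() {
	pw, err := Generate(350, alphabet)
	fmt.Println(len(pw), EntropyBits(len(pw), len(alphabet)), err)
}
```

With this alphabet each symbol carries 6 bits, so a 350-bit target needs 59 symbols (354 bits).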

Despite all the measures in place to secure the service and ensure that everything works well, vulnerabilities can still remain. If you find one and want to report it, do not hesitate to open an issue in our GitHub repository. Thanks!
