Code-Inc/WatchLink
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c1ac6e41424a7adcf0bc83daa14f0d4dd1f4700f
WatchLink/docs/security-review.md
MrSphay d3e84feedd
Some checks failed
Build / build (push) Failing after 1m29s
Details
Release Dry Run / release-dry-run (push) Successful in 1m24s
Details
Template Compliance / compliance (push) Failing after 5s
Details
Initial WatchLink scaffold
2026-05-15 03:11:41 +02:00

18 lines
590 B
Markdown
Raw Blame History

# Security Review
## Scope
WatchLink handles user accounts, password hashes, friendship data, room access rules, media URLs, and realtime playback events.
## Current Controls
- Passwords are hashed with bcrypt.
- Sessions use HTTP-only signed cookies.
- Prisma models enforce uniqueness for users, friendships, and room slugs.
- `.env` files are ignored except `.env.example`.
- Container publishing expects Gitea `REGISTRY_TOKEN` as a secret.
## Release Review Notes
Fill this section during release readiness work with commands run, CI links, audit results, and any accepted risks.
Reference in New Issue View Git Blame Copy Permalink