WatchLink/docs/security-review.md

Commit d3e84feedd by MrSphay, "Initial WatchLink scaffold", 2026-05-15 03:11:41 +02:00

# Security Review

## Scope

WatchLink handles user accounts, password hashes, friendship data, room access rules, media URLs, and realtime playback events.

## Current Controls

- Passwords are hashed with bcrypt.
- Sessions use HTTP-only signed cookies.
- Prisma models enforce uniqueness for users, friendships, and room slugs.
- `.env` files are ignored except `.env.example`.
- Container publishing expects a Gitea `REGISTRY_TOKEN` supplied as a secret.

## Release Review Notes

Fill this section during release readiness work with commands run, CI links, audit results, and any accepted risks.