WatchLink/docs/security-review.md
MrSphay d3e84feedd
Some checks failed
Build / build (push) Failing after 1m29s
Release Dry Run / release-dry-run (push) Successful in 1m24s
Template Compliance / compliance (push) Failing after 5s
Initial WatchLink scaffold
2026-05-15 03:11:41 +02:00
# Security Review
## Scope
WatchLink handles user accounts, password hashes, friendship data, room access rules, media URLs, and realtime playback events.
## Current Controls
- Passwords are hashed with bcrypt.
- Sessions use HTTP-only signed cookies.
- Prisma models enforce uniqueness for users, friendships, and room slugs.
- `.env` files are excluded from version control; only `.env.example` is committed.
- Container publishing expects Gitea `REGISTRY_TOKEN` as a secret.
## Release Review Notes
Fill this section during release readiness work with commands run, CI links, audit results, and any accepted risks.