self-hostable encrypted env cloud
Love the idea… however, I must admit that it doesn’t look very secure to me 
Have you done any kind of security testing or compliance on it, out of curiosity?
2 Likes
Good question. Security is very important for a project like this.
@r2hu1 I would also like to know more about what you’ve done to ensure variables are kept safe 
2 Likes
I had a few particular concerns. For example, why is your Gmail password passed as the “from” field for emails? Shouldn’t that be your Gmail username?
And just in general, it doesn’t really look like RBAC is implemented properly, I think it wouldn’t be very hard to exploit 
But otherwise it looks awesome!
2 Likes
hey 
, yes there’s still a lot of work pending. it’s a side project, so i usually commit whenever i get free from my main work.
1 Like
its better-auth under the hood, i have some plans and a cli in progress it will be production grade in-future