← Back to context

Comment by coryrc

6 days ago

I went looking around, but I couldn't find why you're making tinycld, and whether I could expect it to keep going as a project in the future.

I expect I could find whether you're using hardened server implementations or reimplementing, but if it's the former, you should advertise that, or if the latter, you shouldn't.

It's pretty simple: I have a small company and we're using it internally. my hope by releasing it is that the ecosystem will grow and it'll become the best way to publish web apps (ambitious I know).

I do not know what you expect by "hardened server implementations", it's open-source and people will probably host it a lot of different ways? If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries which I hope are secure but I have not performed a security audit or anything like that.

  • Thanks, I think you should put that up if it isn't, or at least link from About page if it is.

    "If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries"

    That's exactly what I'd hope to see said somewhere as a naive person. Maybe security people would say "that's only 50% of the attack surface!!!" but I'm not one so it sounds good to me.