Comment by nathanstitt
6 days ago
It's pretty simple: I have a small company and we're using it internally. my hope by releasing it is that the ecosystem will grow and it'll become the best way to publish web apps (ambitious I know).
I do not know what you expect by "hardened server implementations", it's open-source and people will probably host it a lot of different ways? If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries which I hope are secure but I have not performed a security audit or anything like that.
Thanks, I think you should put that up if it isn't, or at least link from About page if it is.
"If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries"
That's exactly what I'd hope to see said somewhere as a naive person. Maybe security people would say "that's only 50% of the attack surface!!!" but I'm not one so it sounds good to me.
Great feedback, that makes complete sense. I've just added https://tinycld.org/story which expounds on this a bit more and also links to the credits page that lists all the (many) libraries it uses.