← Back to context

Comment by nathanstitt

6 days ago

It's pretty simple: I have a small company and we're using it internally. my hope by releasing it is that the ecosystem will grow and it'll become the best way to publish web apps (ambitious I know).

I do not know what you expect by "hardened server implementations", it's open-source and people will probably host it a lot of different ways? If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries which I hope are secure but I have not performed a security audit or anything like that.

Thanks, I think you should put that up if it isn't, or at least link from About page if it is.

"If you're talking about the various services it offers like imap/webdav, I'm using well established golang libraries"

That's exactly what I'd hope to see said somewhere as a naive person. Maybe security people would say "that's only 50% of the attack surface!!!" but I'm not one so it sounds good to me.