jwiley | 4 years ago

Another question related to Budibase: how do you harden the container and handle security issues? A Google search leads me to GitHub's standard security overview, which is empty; Snyk suggests there may be some advisories associated with the container?

https://github.com/Budibase/budibase/security

https://snyk.io/advisor/npm-package/@budibase/server?utm_med...

mmckeaveney | 4 years ago

Great question - the Snyk report there actually contains some outdated packages that are no longer used and maintained in the latest versions of Budibase.

But for the main @budibase/server, security is something that is paramount to us. As part of the delivery of our cloud platform and production deploy targets over the coming weeks, we are working with external security consultants who are providing a full security audit, pen testing and working with us on the implementation of a comprehensive security policy for our software. We will be sure to update the community and GitHub as this progresses.