Server Security #
Homechart’s Cloud and Self-Hosted server is developed using Go. Here are some of the methods we use to help keep Homechart’s server code free of vulnerabilities:
- Argon2 Password Hashing: We hash user passwords with Argon2.
- Auth Test Suite: We use an extensive authentication and authorization test suite for every pull request and build.
- Limit Third-Party Libraries: We try and use as few third-party libraries as possible, and when we do select a third-party library, we review the codebase to ensure it’s something we are comfortable maintaining.
- Parameterized Queries: We use parameterized queries to help prevent SQL injection attacks.
- Secure Software Supply Chain: We require a clean
govulncheckfor every pull request and build.