Skip to content

Commit

Permalink
Merge pull request #28 from trevor-polidore/update-workspaces-security
Browse files Browse the repository at this point in the history 
Update Workspaces and Launchpad security for GKD
  • Loading branch information
@vicenter-gitkraken
vicenter-gitkraken authored Feb 21, 2025
2 parents af43124 + ff56349 commit dfeec86
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions gitkraken-desktop/GKC-Security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,9 @@ Below is a chart outlining some basic security information regarding the type of

| Service | What information are we collecting | How is this information secured in the transfer| Where is this information stored | How is this information secured in storage |
| --- | --- | --- | --- | --- |
| Workspaces/Insights | Repo meta-data issues/PR’s | Encrypted with TLS | MongoDB Atlas | Encrypted at rest (AES-256) |
| Workspaces/Insights | Repository info: URL, org name, repo name, and issue count.<br>Pull request info: URL, author, title, description, comment count, and PR state. | Encrypted with TLS | MongoDB Atlas | Encrypted at rest (AES-256) |
| Teams & Users | Repo-relative file paths, number of lines changed, name of branch currently checked out, first commit SHA of the repository | Encrypted with TLS | MongoDB Atlas | Encrypted at rest (AES-256) |
| Subscriptions | Billing info: lastFour, name, type (credit card, paypal, ach...), zip, country, creditCard type (mastercard, visa...) | Encrypted with TLS | MongoDB Atlas | Encrypted at rest (AES-256) |
| Launchpad | Storing meta-data for issues/pull-requests/URLs | Encrypted with TLS | Postgres (RDS) | Encrypted at rest (AES-256) |
| Subscriptions | Billing info: name, payment type (credit card, paypal, ACH, etc.), last four digits of payment method, zip code, country, credit card type (mastercard, visa, etc.) | Encrypted with TLS | MongoDB Atlas | Encrypted at rest (AES-256) |
| Launchpad | URLs of issues and pull requests, issue tracker and Git provider filters for saved views | Encrypted with TLS | Postgres (RDS) | Encrypted at rest (AES-256) |
| Cloud Patches | Info related to the patch (repo name/URL/provider/base branch name/etc.) + the patch content itself. | Encrypted with TLS | Patch info is stored in a Postgres database, patch content is stored in AWS S3. | SSE-S3, which uses 256-bit Advanced Encryption Standard (AES-256) |
| Proactive Conflict Detection | Repo-relative file paths, name and commit SHA of relevant branches, names of files changed, line numbers with changes, and first commit SHA of the repository | Encrypted with TLS | Redis (max TTL of 108 hours) | Encrypted at rest (AES-256)

0 comments on commit dfeec86

Please sign in to comment.