Audited claim of not sending actual data to elsewhere #337
Replies: 1 comment 1 reply
-
|
Hi @vietnguyengit, Thank you for the suggestions. We will be enabling a vulnerability check for GitHub scanning shortly. In the meantime, all of our source code is open source, so it is fully transparent to the community. @wwwy3y3 will follow up with the vulnerability check enablement. In regards to third-party auditing, we plan to go through a SOC2 report this year and will follow up with related information with the community soon! |
Beta Was this translation helpful? Give feedback.
-
|
Hi @vietnguyengit we have enabled all the items on GitHub security, including code scanning & dependabot alerts. We'll keep an eye on the alerts.
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi, first of all, thank you for creating this project and make it open-source;
I read through this page:
https://docs.getwren.ai/concept/security
There is this claim:
To many it's gonna be like a random guy on Reddit saying
trust me bro; this againsttrust no oneprinciple.And I know some gonna says, it's open-source, you can inspect the code. True, but not true at the same time; it takes time and effort to look into every corners of the existing code, and being open-source doesn't automatically mean the app is safe. Remember the Dirty COW
My suggestions for you when dealing database connection nature are:
Beta Was this translation helpful? Give feedback.
All reactions