Trust & Security
Security is a design choice here, not a bolt-on. The whole architecture minimizes what could ever go wrong with your data.
Privacy by architecture
- Local-first. There is no central database of user résumés, applications, or job history, so there is no central store for an attacker to breach. Your data lives on your machine.
- No telemetry or tracking. The app phones nobody home; the website sets no analytics or advertising cookies.
- You own deletion. Every record is deletable in-app, or by removing the local database / config files.
Secrets handling
- API keys and credentials live only in your local `.env`.
- Secret fields are configured to never appear in logs or object reprs, and are masked in the UI.
- API responses never echo raw keys, and never leak exception or stack-trace detail to clients.
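The two secrets-handling properties above, as an added example (illustrative code written for this page, not job-sentinel's own implementation): a `SecretStr` wrapper whose `str()` and `repr()` are masked, a hypothetical `Settings` dataclass built from a `.env`-style mapping, a UI mask helper that reveals only the last four characters, and an API error handler that logs full exception detail server-side under a correlation id and returns only that id to the client. All names are hypothetical and the sample `.env` values are constructed.

```python
"""Masked secrets and client-safe errors.

Illustrative code added for this page, not job-sentinel's own implementation:
a dependency-free way to get the two properties described above. All names
here are hypothetical; the sample .env values are constructed."""
import logging
import traceback
import uuid
from dataclasses import dataclass

MASK = "**********"


class SecretStr:
    """Wraps a secret so str(), repr() and f-strings show only a mask.
    The raw value is reachable only via get_secret_value(), so every
    deliberate unwrap is a grep-able call site."""

    __slots__ = ("_value",)

    def __init__(self, value: str) -> None:
        self._value = value

    def get_secret_value(self) -> str:
        return self._value

    def __repr__(self) -> str:
        return f"SecretStr('{MASK}')"

    def __str__(self) -> str:
        return MASK


@dataclass(frozen=True)
class Settings:
    """Hypothetical app settings; only the credential is wrapped."""
    model: str
    api_key: SecretStr


def settings_from_env(env: dict[str, str]) -> Settings:
    """Build Settings from a .env-style mapping supplied by the caller."""
    return Settings(model=env.get("MODEL", "default"),
                    api_key=SecretStr(env["API_KEY"]))


def mask_for_ui(secret: SecretStr, visible: int = 4) -> str:
    """UI display: fixed mask plus the last `visible` characters, enough to
    recognise which key is configured without revealing it."""
    raw = secret.get_secret_value()
    return MASK if len(raw) <= visible else MASK + raw[-visible:]


def safe_error_response(exc: BaseException, log: logging.Logger) -> dict[str, str]:
    """Full detail (type, message, traceback) goes to the server log under a
    correlation id; the client gets only that id and a generic message."""
    correlation_id = uuid.uuid4().hex
    detail = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    log.error("request failed [%s]\n%s", correlation_id, detail)
    return {"error": "internal error", "correlation_id": correlation_id}


def capture_logger() -> tuple[logging.Logger, list[str]]:
    """A logger that collects formatted records in a list, so the example
    can be checked offline without touching stdout or files."""
    lines: list[str] = []

    class _ListHandler(logging.Handler):
        def emit(self, record: logging.LogRecord) -> None:
            lines.append(self.format(record))

    log = logging.getLogger(f"secrets_example.{uuid.uuid4().hex}")
    log.setLevel(logging.DEBUG)
    log.propagate = False
    log.addHandler(_ListHandler())
    return log, lines


def demo() -> tuple[Settings, dict[str, str], list[str]]:
    """Load a constructed .env, log the settings, then handle a simulated
    upstream failure the way an API handler should."""
    settings = settings_from_env({"MODEL": "gpt-x", "API_KEY": "sk-example-1234"})  # constructed
    log, lines = capture_logger()
    log.info("loaded %r", settings)  # dataclass repr embeds the masked SecretStr repr
    try:
        raise RuntimeError("upstream returned HTTP 401 for /v1/models")
    except RuntimeError as exc:
        response = safe_error_response(exc, log)
    return settings, response, lines


if __name__ == "__main__":
    s, resp, logged = demo()
    print(s, resp, *logged, sep="\n")
```

The cheap regression check for the "never in logs or reprs" claim is a test that builds the settings object and asserts the raw key is absent from `repr(settings)` and from whatever the logging handler captured; the wrapper makes that assertion hold by construction rather than by reviewer discipline. The correlation id is what an operator uses to find the full traceback in the server log when a user reports a generic error.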
Supply-chain & code security
Every change runs through automated gates in CI before it can merge:
- CodeQL static analysis (SAST) — currently 0 open alerts.
- gitleaks secret scanning.
- pip-audit dependency vulnerability scanning.
- License compliance check (strong-copyleft dependencies blocked).
- OpenSSF Scorecard and the OpenSSF Best Practices badge.
- Pinned dependencies (Docker base + tools by digest) and reproducible `uv.lock` builds.
- Strict typing (`mypy --strict`) and 450+ automated tests.
Responsible disclosure
Found a vulnerability? Please report it privately via our GitHub Security page or by emailing harshitwandhare45@gmail.com — see SECURITY.md. Please don’t open public issues for security reports.
Open source = auditable
You don’t have to take our word for any of this. The entire codebase is public and MIT-licensed — read it, run it, and verify the privacy claims yourself at github.com/harshitwandhare/job-sentinel. For our regulatory posture, see the Compliance page.