securedrop
securedrop copied to clipboard
GitHub repository for the SecureDrop whistleblower platform. Do not submit tips here!
## Status Ready for review ## Description of Changes Fixes #6904. Changes proposed in this pull request: - The journalist Scripting has changed to disable buttons above the source rows...
## Status Ready for review ## Description of Changes Unfortunately `podman volume` and `docker volume` are not identical, podman will (sensibly) error if you try to create a volume that...
## Description I have a securedrop 2.6 on tails 5.14 I reinstalled a new tails key on 6.3 with the same Persistence I tried to upgrade to 2.8 as follow...
## Description For the collection `C(S, t)` for a source `S` at time `t`, collection-level numbering can collide (and effectively lock) if a smaller collection `C(S, 1)` is restored from...
[OSS-fuzz](https://github.com/google/oss-fuzz) looks like a lightweight avenue for adding some fuzzing into our automated testing. We're going to focus on Redwood as a source of test cases. We will be creating...
## Description brotli is a (relatively) newer compression algorithm originally developed by Google that broadly provides better compression than gzip. ## How will this impact [SecureDrop users](https://github.com/freedomofpress/securedrop-ux/wiki/Users)? Better compression will...
## Description [Thanks @legoktm for investigation] GPG creates temporary files in `/var/lib/securedrop/keys/` of the format `/var/lib/securedrop/keys/.#xxxx.app.yyyy`. This results in false positive ossec alerts, as below. We mostly don't encounter this...
## Description V2 authenticated hidden services (AHSs) originally used a simple access token mechanism - in SecureDrop, the access token was shared by all users of the Journalist Interface. When...