You sure it’s secure? How are you handling security? Sometimes AI can neglect security
Comment on Meet Journiv! A Self-Hosted, Privacy-First Journaling App (Day One/Apple Journal Alternative)
rockstar1215@lemmy.world 3 days agoYes, as a software engineer, not using AI for tasks where it can significantly accelerate development would be unrealistic. Much of the boilerplate code such as database ORM models, serialization/deserialization logic, and documentation was written with AI assistance, as mentioned in the project’s README. There’s simply no way someone with a full-time job could build something like this in just two months without countless late nights. What you see now is the result of many iteration, refining the UI/UX, redesigning the database, and reworking the overall architecture, flighting with CORS configs make video player work on web in flutter etc etc… much of which isn’t visible from the outside.
Flax_vert@feddit.uk 3 days ago
rockstar1215@lemmy.world 3 days ago
Please read the documentation linked in the ReadMe and you can try out all the security features of the app by spinning it up and configuring with env.template.
If you will read the docs and the code you will read the the auth model, the code around it, the limitation, the clear documentation around token handling, the code to support CORS, trusted host middleware, CSP, HSTS, rate limiting. You can read the env.template and configure and try it out. Please show me vibe coded, ai-assisted or even non vibe coded self hosted existing apps which have these security feature in v0.1 or even later.
Like mentioned in comment and ReadMe the project is written with AI assistance not vibe coded or AI driven development. If you will read the code, look at design and db model you will find the answers you are seeking.
CTDummy@piefed.social 3 days ago
Not sure I agree with some of the assertion made there but regardless thanks for the reply. I look forward to checking it out.
rockstar1215@lemmy.world 3 days ago
Thank you.