Do not open public GitHub issues for security vulnerabilities. Report to:

hey@codemeapixel.dev with subject "Security Vulnerability Report"

Include description, reproduction steps, impact, and suggested fix if available.

• Keep Cloudflare credentials secure
• Use environment variables for sensitive data
• Regularly update dependencies: bun update

• Never commit secrets or API keys
• Use .env files for sensitive data (added to .gitignore)
• Check for XSS and injection vulnerabilities in PRs

Key dependencies are regularly updated:

• @tanstack/react-start
• tailwindcss
• lucide-react
• @cloudflare/vite-plugin

bun audit           # Check for vulnerabilities
bun audit --fix     # Fix vulnerabilities

Do not expose:

• Cloudflare API tokens
• Service credentials
• Database connection strings

Use Cloudflare Workers Secrets:

wrangler secret put SECRET_NAME

• Authenticate: wrangler login
• Review changes before deploying
• Enable Cloudflare DDoS protection
• Enforce HTTPS

• Monitor GitHub security advisories
• Enable Dependabot alerts
• Test dependency updates before committing

1. Allow reasonable time for fixes before public disclosure
2. Don't access other users' data
3. Avoid destructive testing
4. Act in good faith

• Email: hey@codemeapixel.dev
• GitHub: CodeMeAPixel/cfxstat.us

Last Updated: February 2026