By default, we have included the following precautions:<ul><li>Supabase (DB) is never accessed on the client and is only accessible throught the API</li><li>The API requires an user's session token which is periodically refreshed</li><li>The API also handles CORS to deny unknown hosts</li><li>Tables have an RLS policy to only allow Anon and Authenticated roles to access data</li><li>Assests are loaded using signed-URLS and expire after a given time</li><li>We only allow 1 email to sign-up to stop abuse from random people</li><li>The Vercel Firewall (if hosting on Vercel) should also handle malicious traffic and DDOS protection</li><li>We gather absolutely no telemetry</li><li>NextJS security headers are also setup</li><li>We've disabled search indexing so the platform won't be visible on search</li></ul>However, there are still some things to understand:<ul><li>We do not encrypt the journal entries. The main reason to allow full-text search to work.</li><li>We do not handle rate-limiting</li><li>We are not responsible for anything that happens (since the whole point of this is that you handle everything)</li></ul>

Security

Feedback

Roadmap

Changelog

Website

Jadebook App

Introduction

Privacy and Security

Types of journaling, use cases and features

Journals

Journal Entries

Prompted Journal

Guided Journal

Platform features like insights, auth and more

Platform

Theming

Goals

Insights

Authentication and Passcode

Assets

Memory

Chat

Prompts

Additional Context

Reflective Agents

Summaries

Billing

AI Credits

Subscription

Open Source Version

Jadebook vs Jadebook OSS

Hosting

Development

How can we help you?

Help Center

Quick Update

Monthly Update

jadebook

In Review

Planned

In Progress

Completed

Rejected

High Priority

Low Priority

Open-source

Backlog

Next up

Done

Main Roadmap

Hey {name|there}! 👋

How helpful was this article?

Is there anything we could do to make this article better for you?

What can be improved?

5072091 article survey