Skip to content

Security Policy

victornpb edited this page Apr 30, 2022 · 6 revisions

Security Policy

Using third-party scripts means you trust that the script’s developer hasn’t inserted malicious functionality into the code and has secured it against attackers trying to do the same. You should never run code you don't trust.

What I'm doing to ensure this is safe for users:

  1. This is an open-source project, it can be audited by anyone.
  2. It is officially distributed via GreasyFork and OpenUserJS, so it can be independently audited, and reviewed.
    • I cannot edit or remove reviews there.
    • You can see here [they actively moderate][greasyfork_moderation] and remove mallicious scripts.
    • You can see all previous versions there.
  3. Undiscord will NOT use external dependencies or dynamically download scripts or make external requests other than calling discord's API necessary for the core functionality.
  4. Undiscord will NEVER collect or transmit any personal data.
  5. No code obfuscation.
  6. Inform users of the potential risks involved.
  7. I will make sure I have good security habits regarding this GitHub account.
  8. Lastly, I @victornpb will never accept or add malicious commits into [THIS][undiscord_repo] repository.
    (Be aware I have no control over forks from other users)

That said you still have the final responsibility of what you run on your computer. Disclaimer

Forks

This project being open source, means anyone can make a copy of this project, and make their own changes (called forks).
While I have full control over what goes into this repository, I DON'T have any control over forks of this project.

This means none of the conditions above applies if you're not using the original.
So make sure you check their code, and you trust the fork's author.