Technical
Security
Why Stylebit is secure?
Stylebit runs on your codebase and only collects metadata.
CLI
- Stylebit do NOT expose your codebase. It just collects metadata regarding your design system.
You can always run analytics in
dry-runmode and check generated local json to see exactly what is collected. - Stylebit do NOT run
AIon your codebase. The logic behind Stylebit cli isstatic code analysisrunning on AST (abstract syntax tree) - Stylebit do NOT request neither write or read access. It’s your local codebase and your local machine.
- Stylebit CLI code is npm registry and you can always check it.
Connecting to the internet
Connecting to the internet
Stylebit cli connects to the internet only for the following cases
- On cli login to get
access token - On running analytics it pings to check access token validity
- On uploading report to stylebit web application
- You can get permanent token and not connect to the internet on login. For more details contact us at [email protected]
- You can run in
dry-runmode and get the report on your local machine without valid access token - You can check the report file and upload to app.stylebit.io manually through our web interface. Otherwise you can host the reports on your own, making sense from raw json report yourself and not use our web application.
Web application
- The web application is hosted in google cloud and basic security is provided by Google.
- We never ask for password on logging in and don’t ask or collect any sensitive during the session.