Skip to content

Circle6Systems/SDLC-Journal

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
.github
.github
 
 
assets
assets
 
 
css
css
 
 
docs
docs
 
 
electron
electron
 
 
js
js
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.nojekyll
.nojekyll
 
 
CLAUDE.md
CLAUDE.md
 
 
CNAME
CNAME
 
 
README.md
README.md
 
 
SBOM.md
SBOM.md
 
 
SDLC-2.md
SDLC-2.md
 
 
index.html
index.html
 
 

Repository files navigation

title PeopleSafe SDLC Journal
scope Project overview, features, getting started, and architecture summary
last_updated 2026-03-27

PeopleSafe SDLC Journal

A client-side encrypted journaling app for IT and cybersecurity professionals. Built on the SDLC framework — Success, Delight, Learning, Compliment — adapted from Donald Altman's G.L.A.D. Technique.

Live at: https://sdlc.circle6systems.com

Features

  • Daily SDLC Journaling — Four focused reflections: Success, Delight, Learning, Compliment
  • Client-Side Encryption — AES-256-GCM with PBKDF2 key derivation (600,000 iterations). Data never leaves your browser.
  • Rollup Summaries — Weekly, monthly, quarterly, and yearly aggregations with editable reflections
  • Browse & Search — Full-text search across all encrypted entries (decrypt-then-search, entirely local)
  • Export/Import — JSON backup and restore for data portability
  • Zero Network Requests — After initial page load, the app makes no network requests whatsoever
  • Mobile Responsive — Full functionality on mobile with bottom navigation
  • Auto-Lock — Session automatically locks after 5 minutes of tab inactivity
  • Desktop App — Standalone Electron app for macOS, Windows, and Linux with system tray, native menu bar, keyboard shortcuts (Cmd+S/L/E), daily journaling reminders, and auto-updates

Architecture

The app runs entirely in the browser with no backend. User data is encrypted before storage and decrypted only in memory during an active session.

graph LR
    A["Browser"] -->|"HTTPS :443"| B["GitHub Pages\n(static files)"]
    A -->|"encrypt/decrypt"| C["Web Crypto API\nAES-256-GCM"]
    A -->|"read/write"| D[("IndexedDB\n(encrypted blobs)")]

    E["Electron Shell"] -->|"app:// protocol"| F["Same HTML/CSS/JS"]
    F -->|"encrypt/decrypt"| C
    F -->|"read/write"| D
Loading

For the full system design, data flow diagrams, and storage schema, see docs/ARCHITECTURE.md.

Privacy Commitment

  • All encryption/decryption happens in your browser using the Web Crypto API
  • Your passphrase is never stored — only a verification hash (PBKDF2, separate salt)
  • No cookies, no analytics, no telemetry, no server-side processing
  • IndexedDB stores only encrypted blobs
  • The master encryption key exists only in JavaScript memory and is cleared on page unload
  • Content Security Policy restricts all external connections

For the full threat model and security controls, see docs/SECURITY.md.

Technology

  • Alpine.js 3.x (vendored, no CDN) — Reactive UI without build tools
  • Web Crypto API — AES-256-GCM encryption, PBKDF2 key derivation
  • IndexedDB — Persistent encrypted storage (50MB+)
  • GitHub Pages — Static hosting, no server required
  • Electron 33.x — Desktop app with native OS integration (same codebase, no fork)
  • Zero web dependencies — No build step, no npm, no bundler for the web version

For the complete component inventory, see SBOM.md.

Getting Started

Web App

  1. Open sdlc.circle6systems.com in a modern browser
  2. Create a passphrase (minimum 12 characters) — this derives your encryption key
  3. Write your daily SDLC entry
  4. Review rollup summaries to spot patterns over time
  5. Export backups regularly from Settings

Desktop App

Download the latest release for your platform from GitHub Releases:

Platform File
macOS .dmg (installer) or .zip (portable)
Windows .exe (NSIS installer)
Linux .AppImage (portable) or .deb (Debian/Ubuntu)

The desktop app includes system tray integration, keyboard shortcuts (Cmd/Ctrl+S to save, Cmd/Ctrl+L to lock, Cmd/Ctrl+E to export), daily journaling reminders at 5 PM, and automatic updates.

Important: If you forget your passphrase, your data cannot be recovered. There is no reset mechanism by design.

Local Development

Web app — no build tools required. Serve the repository root with any static HTTP server:

cd SDLC-Journal
python3 -m http.server 8000
# Open http://localhost:8000

Electron app — requires Node.js 20+:

cd SDLC-Journal/electron
npm install
npm start

For coding conventions and how to extend the app, see docs/DEVELOPER_GUIDE.md. For build and release details, see docs/DEPLOYMENT.md.

Documentation

Document Description
docs/ARCHITECTURE.md System design, data flow, crypto architecture, storage schema
docs/SECURITY.md Threat model, encryption controls, CSP, incident response
docs/DEPLOYMENT.md GitHub Pages, CI/CD pipeline, custom domain, troubleshooting
docs/DEVELOPER_GUIDE.md Coding conventions, module patterns, extending the app
docs/FRONTEND.md Alpine.js architecture, view states, CSS design system
SBOM.md Software Bill of Materials
SDLC-2.md The SDLC journaling technique — methodology and practice

About

The SDLC technique is a mental health resource for IT professionals, adapting positive psychology practices to the unique challenges of technology and cybersecurity work. See SDLC-2.md for the full technique description.

A Circle 6 Systems initiative for psychological safety in IT.

About

A collector for my formalized cybersecurity mental health resources and links to more information on mental health support for IT and CyberSecurity

Topics

privacy cybersecurity journaling mental-health

Resources

Readme

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

PeopleSafe SDLC Journal v1.1.0 Latest
Mar 2, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages