You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The README states that "Berglas is not an officially supported Google product" but could it be clarified whether Berglas is still subject to Google's usual internal security measures (e.g. secure builds, code security, reviews, etc)?
Thanks!
The text was updated successfully, but these errors were encountered:
Thanks for the query. Berglas uses GCP for builds (specifically Cloud Build), and that's completely audit-able as the scripts are here in this repo. The design and implementation went through Google's rigorous security and privacy review process. All code is reviewed. A detailed threat model is also available in this repo.
The README states that "Berglas is not an officially supported Google product" but could it be clarified whether Berglas is still subject to Google's usual internal security measures (e.g. secure builds, code security, reviews, etc)?
Thanks!
The text was updated successfully, but these errors were encountered: