Privacy and Security
aidamir edited this page May 13, 2026 · 1 revision
Cultiva is designed offline-first. This page summarizes how data stays on your machine and how the app reduces exposure from plugins and updates.
| Area | Notes |
|---|---|
| Habits & settings | Stored in IndexedDB (and related local storage keys) for the Electron profile |
| Custom background | Optional photo stored as a data URL in local storage (size-capped) — see ambient-bg.js / theme config keys |
| Plugins | Downloaded plugin files under Electron userData — not from your developer plugins/ folder in the git repo |
There is no mandatory cloud account required for core habit tracking.
Where the app stores session-style credentials, Electron safeStorage may be used when available so secrets are not kept as plain text on disk. Availability depends on the OS and user profile.
- Plugin JavaScript runs in a sandboxed iframe (no window.electron, no direct access to Cultiva’s DOM).
- Cross-boundary calls go through a narrow RPC (e.g. storage, ui.showNotification) and structured postMessage channels.
- Cultiva 0.4.0+ adds a reviewed bridge for main-window HTML (sheets, header updates, garden). Treat injected markup like any UI: encode user-controlled strings.
Always install plugins from sources you trust (official registry or your own fork).
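
A host-side sketch of the narrow RPC described above, added here as an illustration and not taken from Cultiva's source. The message shape `{ id, method, args }`, the `makeHost` helper and the `storage.get` / `storage.set` method names are assumptions; only `storage` and `ui.showNotification` are named on this page.

```javascript
// Added illustration, not Cultiva's code. Assumed message shape: { id, method, args }.
// Only these RPC names are reachable from the plugin iframe.
const ALLOWED_METHODS = new Set(["storage.get", "storage.set", "ui.showNotification"]);

function makeHost(pluginWindow, pluginId) {
  const store = new Map();     // storage is namespaced per plugin id
  const notifications = [];    // stand-in for the real notification UI
  const handlers = {
    "storage.get": (key) => store.get(`${pluginId}:${key}`) ?? null,
    "storage.set": (key, value) => { store.set(`${pluginId}:${key}`, value); return true; },
    "ui.showNotification": (text) => { notifications.push(String(text).slice(0, 200)); return true; },
  };

  // Returns the reply to post back to the plugin, or null when the message is dropped.
  function handleMessage(event) {
    // A sandboxed iframe without allow-same-origin reports origin "null",
    // so the sender is identified by its window object, not by event.origin.
    if (event.source !== pluginWindow) return null;
    const msg = event.data;
    if (!msg || typeof msg !== "object" || !Number.isInteger(msg.id) ||
        typeof msg.method !== "string" || !Array.isArray(msg.args)) return null;
    // Check the allow-list before touching `handlers`, so inherited names
    // such as "constructor" or "__proto__" can never be dispatched.
    if (!ALLOWED_METHODS.has(msg.method)) {
      return { id: msg.id, ok: false, error: "method not allowed" };
    }
    if (msg.method.startsWith("storage.") && typeof msg.args[0] !== "string") {
      return { id: msg.id, ok: false, error: "bad arguments" };
    }
    try {
      return { id: msg.id, ok: true, result: handlers[msg.method](...msg.args) };
    } catch {
      return { id: msg.id, ok: false, error: "handler failed" };
    }
  }
  return { handleMessage, notifications };
}

// In the renderer this would be wired as (frame = the plugin's <iframe> element):
//   const host = makeHost(frame.contentWindow, "my-plugin");
//   window.addEventListener("message", (e) => {
//     const reply = host.handleMessage(e);
//     if (reply) frame.contentWindow.postMessage(reply, "*");
//   });
```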
The packaged app can check GitHub Releases for updates (electron-updater). You can disable checks for development or CI via documented environment flags (see source: updater wiring in Electron main/preload).
- App bugs / features: Cultiva issues
- Store plugins: CultivaPlugins issues