Skip to content

Security: NextWeb4/deepseek-translation-studio

Security

SECURITY.md

Security / 安全说明

中文

本仓库只提交源码、测试、文档和默认资源,不提交个人运行数据。

禁止提交:

  • API Key、Token、Authorization header、Cookie
  • .env、私钥、证书
  • SQLite 数据库
  • 日志
  • Playwright / DeepSeek Web 浏览器 profile
  • build/dist/.build_tools/ 中的构建产物或下载工具

发布用 exe、MSI、portable zip 只通过 GitHub Release 上传,不进入 git 源码历史。

官方署名信息固定为:

这些信息写入窗口、README、exe version info、ABOUT.html、portable 包和 MSI 属性。修改前必须同步更新测试并经过人工确认。

English

This repository commits source code, tests, documentation, and default resources only. Personal runtime data must not be committed.

Never commit:

  • API keys, tokens, Authorization headers, cookies
  • .env files, private keys, certificates
  • SQLite databases
  • Logs
  • Playwright / DeepSeek Web browser profiles
  • Build outputs or downloaded build tools under build/, dist/, or .build_tools/

Release exe, MSI, and portable zip files are uploaded only as GitHub Release assets and are not committed to git history.

Official identity is fixed as:

The identity is embedded in the windows, README, exe version info, ABOUT.html, portable packages, and MSI metadata. Any change must update tests and be explicitly reviewed.

There aren't any published security advisories