The current debate on Prism and the monitoring of the inernet does not leave Versionshelf entirely unaffected. The question arises is your source code safe at Versionshelf?
Fact is that Versionshelf hosts only on servers in Germany. That means that the data on the servers are subject to German data protection regulations and laws.
Furthermore, we do our utmost to ensure our service‘s security. Therefore, we only accept connections which are encrypted with HTTPS to the repositories and do backups regularly. An audit hosted by an external security company is scheduled as well. Concerning this audit we’d like to get your feedback first.
But what about the encryption of the repositories on the servers? This is where it gets a little bit iffy since it is only possible to run all Versionshelf services such as the code browser when the repositories are unencrypted; a problem we definitely take into consideration. There are ways to encrypt repositories such as git-encrypt, to name only one example. and we promise to think about it carefully.
The Versionshelf team will definitely run all servers in Germany only. Now and in the future as well.