System Status

Live system status.

Checking system status…

Auto-refreshes every 20s · Last checked

Components

Real-time checks against the running production system.

Application checking…
Database checking…

Uptime history is not yet published — these are live checks, not a 90-day average. We show what we can actually measure right now.

Security & reliability

Recent hardening

A summary of the security work we've shipped and verified in production. Each change went through the same gate: type-checked, tested, built, and confirmed live.

Dependencies

Zero known dependency vulnerabilities

The full production dependency tree passes a clean security audit. Authentication (Clerk), the web framework (Fastify), the database layer (Drizzle ORM), spreadsheet parsing (SheetJS) and the AI SDK were all upgraded to patched releases.

Access control

Hardened admin access + role integrity

Administrative access moved to session-based authentication with a rotated, environment-held secret for automation (constant-time verified). Team-role changes are bounded so no member can escalate their own privileges.

Application

Output escaping + upload hardening

User-supplied content is HTML-escaped by default across shared page components. The document importer runs with a strict size cap and the risky parser paths disabled. Inbound webhooks are cryptographically signature-verified.

Delivery

Every change gated by automated checks

Nothing reaches production without passing type-checking, a 560+ test suite (including security regression tests), and a full build. Branch protection enforces this on every merge.

The full picture

How we handle your data — the privacy boundary, encryption, access controls, subprocessors, and incident response — is documented on our Trust & Security page.