Last revised on March 12, 2016
Bliss.AI Pty Ltd
32 Kennedy Tce
Paddington, Brisbane, Qld 4064
We respect your copyright and ownership in your code and have setup Bliss so that it is secured in a similar way to services you are probably already using.
Bliss.ai Pty Ltd (Bliss) regarding the use and provision of Bliss (blissai.com)
Security is a top concern as we are dealing with a primary asset of your company (your source code). At Bliss, we make sure our infrastructure is protected and secure so that your most valuable asset is safe and protected from unauthorized access.
Your code is never run or read by a human. It is only subject to static analysis on servers running at Digital Ocean in New York and Amazon Web Services directly and via Heroku on in the US East data centers. This is all secured behind 2 factor authentication and encryption secured access. We also limit access to these accounts to essential staff only.
We use the following services to run Bliss:
We store data related to Bliss, in anonymized form, with the following services:
Our use of the above services is bound to their respective security precautions and their availability.
Bliss claims no ownership or control over any of your source code. You retain copyright and any other rights you already hold in the source code.
Bliss does not store or receive any kind of credit card data other than a reference token that allows us to create payments with our payments provider Stripe, a PCI Level 1 certified payments provider. Please refer to their security policy for more details:https://stripe.com/help/security.
When you sign up for Bliss, we collect an OAuth token from GitHub and Bitbucket, which allows us to request data from the GitHub and Bitbucket API on your behalf. This OAuth token is stored securely in our database and is protected from unauthorized access. We also request you authorize our FounderBliss user on Bitbucket to give read access to your code.
The oAuth token is bound to permissions set on GitHub and Bitbucket, so please make sure you've read their documentation on access control and API access permissions.
We use this token in these situations, and under no other circumstances than described below.
To synchronize the repositories you have access to. We use this information to show you the available repositories on your profile page so you can enable or disable building them on Bliss.
Under no circumstances does Bliss write or modify source code or Git metadata in your hosted git repositories, source code from your repositories is accessed read-only for the sole purpose of automatically executing the tests or any other build commands requested.
We only manually access your code when requested by you and with your consent. This is to debug and help solve support related issues you have raised.
We run a series of static analysis scripts over your code to determine value and debt calculations, the code is not run or executed in anyway, the only time our systems access your repository directly is when checking out the source code on one of our analyzer machines (or as permitted by you for support needs). Any cache or temporary storage of your source code is cleaned within a day to ensure no premanent copy is kept.
Source code is only accessed via SSH, or HTTPS.
When you push code to GitHub for a repository that is set up to run on Bliss, we get a push notification. The same is true for pull requests that are sent to us.
These notifications don't include any sensitive information other than commit references, names of files changed, and who authored and committed the changes.
We store these build notifications for debugging purposes, and for debugging purposes only.
We have kudos based bounty programs to encourage testing of our site. We believe bug bounty programs are a great idea and we have already seen some positive results from this process.
Send us an email to [email protected]
To encrypt your communications with Bliss, or to verify signed messages you receive from us you can use the PGP key below.
Our PGP key:
-----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFUB4o0BEAC2QchRApfxiLuL+VgYUsrYch/IF7fjjiNEKRaU5QQrbWBSxSEz dJYVBHdczPnouOYz+BQ0GWFYJsgSBsCuyjGOuzuCf4zavBBr+9fzi1zN+nW5Kebc PylN6X7wBEQlYsGSQFmo1fThE0JwjLvySlw/Pf2m/BNvGDcoW8bBz9sffkUFbH/U k/T8kHXGC1PQc79rqsoNaBInCXvjmYFOtpc30MCnEhmJPIiDEjN/Tpe1GO/f4nDA QabNPOExdTzaKT5TDZFkiRkPeAzo14KOoFQBorPgdvEkF/Ff+WrkhiXZSxuEx6if CoUR+EohWrZvQd8gmvdWHnxC5Lg+mlyWKCSxy1nLQe65NOdRirYsvCTNjXuFs2H+ CakNfoJ4841XOcvFrwoD3FWsaSb0ja2ooAoWIdx5HNrFmS5IxTKsuevw91MxTClk y3EYHllhJgRXm2h+WeWoJrtX1YwSUfKsKbBC3zN+2ZYylvsYDUC3FnPWHTWzmS88 puvhQ6jgN48K7C8YqTsL+9QhM4V1t2kw0y1nvJ7MPNEIpgSeYJ8PcFeaF1uTr6hq qe2nivM9cpVwCQCUvZi5MLuLXXTqjw7HVIw9pNFYsjbicgkuniEFiYtMEl1E/LI6 Z+oLZ62MP3DscrtJpNnTUPhO5jKROU9bQdxY5sEnjKpzfcN4Tbd5ehLBjQARAQAB tClGb3VuZGVyIEJsaXNzIDxzZWN1cml0eUBmb3VuZGVyYmxpc3MuY29tPokCPQQT AQoAJwUCVQHijQIbAwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBY HNpiUvP/mDeXD/44QFhm8pyqrrnE0v0+P8GpE3lgkBvEt4dNYqbRklRBQEHFWOzA iSenogSIhUFBXrHIrCBpq8Ep8i+VurNFzP/JzpA5DWmgyaZwgEhV+QzViHSL82Vw i9GdSbenj1GUg/6CgDFQbOguLnPnFVJjhySSXvAeB5NLdk39f6NymmU5VnXgUUus WXs1PXTzZEmDtMcNgjQXrs3xD5yBd9U6EhRpTdiiWLDSp2WUMz3/sWfpUOWaCWFt f/3weEwoKedRTYxs4/wpPx50jPFGGZXWCOKtpcn9Alq0i1JVVcpMpybwqufXPgjX 8pDsmNTY1BjTIHtmSdOR+ufw6obiXhKLU6CwUmgb6rP61aYLM9gSx50ekzmAG+Sb kmKIVTZ4z46JXOZM5QPOhrfyj3qRkshpyFmvM+oUxI/QWxVGj8r7BAUcpS/IJFkn L4kZWErCUO4c+pEbRTUk5COqWqOf+ZdKK+TU9u2va7uh9uQcllVEZnmQVTE913wZ BL8X+RtLXpE/sOjwW8WJsGBUdYq7P/T9PcXY+4nfXOJGZmPfOnTT9WCplkI0z4FR TgiMDpte/STddV6hQHyC5p0yQkc/oRnnVifBBfELMJ9IT+WG0wkUYlLM9V9X3xfY BFh9QGBn2TgAZWNRJm5OETej0FSC4xIZP0L1x5IbyfL/JXJsg+BRevX5iLkCDQRV AeKNARAAqcCDK4+csU2X4ZQfRCnGiLir3R0H7ojEkz00Ib1uTXgqQmhlMDVN107j 9DFORUb4iIphP8/EFqNWOVKOhtgpd0K8KONaxHv9YWgEh3wZ+KctC4yu5h9Ga9Ow BbPy9E+y9txhsgcYzsco0/kD96D7YGbjISkR1LA1rNYuAsUAwKelJo4Nj+UgBc6D 9UeX1FcEQ0i7sXl0I/nuUHgyRTVydCswzkOAnKo1It59wGqM7XmW+ZkeGeRBv0hF QeOK3GdKK/04G+gX9dVDXidPMv4rUpJ6qZQprDPb9dVld2UA8k4m/mvgDvMTirW6 /JX7J0Y1aFQvXYufuBRjtLPUR9ssCt2ymJ2O+JH223PHK5uWomhNRq4U3KM5yXN2 z9S85XizKtHI8bcdx+HOnAAuR4/9sVDBy4cPUM2zDA1zkf9TXcAjE9bjF2xutG75 cVQNwlHLTic4TBradK2bf57ZoxScyvFgswdEdn6PuptDly0AH4aVsAth5HOeNwvT 05DwOekf/+1+1knsaBslICBFx0RfNAe+a6PsKPpyEO8mNkZd3UV9Bpf9pulhlBE/ ef2CFQNKhwu46lgUCAurYK072f5Bxc0VQPzVxy4XquvgFx1Vygv11WqD0CGMTgy3 eif2j/MPXybBlXLMivnOxW6XwDcVvbE2eCAdd5kdUyf2eSuC2EMAEQEAAYkCJQQY AQoADwUCVQHijQIbDAUJB4YfgAAKCRBYHNpiUvP/mHG2D/9jWhCo8YiptZNihE9u eUnTtO6s2smn7Xh1rnzasRHMf6eDDtpgasf9/jI5agNMIxmTMR3mR4SOXZlc76YL rbS9zMQ0G6fcBNtmvnLYne+f63ZWkWVJ8qc+xykHwRnUE0QodKczdXeVPqLwgZTW wTB0I4+/DR/LMHdTHunTZ6MqLb1PFgkXFPbK4Eb7xweJMZF6AGtsoNvBxX5o0i59 DJLmqTOF35KwIG1E4BObz6DR3/wNxF+EbYXkeZzSkTmQk8/p6k5BQAs9VhI78T5S duSU/nifgCSrHtE/piuIdloeykqqR5Rdxm41N/OfXpR+KNr/r3awMc9ptEgN/2gc RvwEU51MLBR/XSCgvyPSnvZbW4dEWzquK84ISsT3A58tzNrR0gzW29VX75Ved61v OGF3dRZcdX8OFaVR2utT8aRnzRcmyxuDlWoMmDkW8fVkFqX6ntRFOM3C7VJslpM/ 0QzhogH+Sq8AFZVtWxgBxJrxUCjDHY8Wd7bPBOjQUAZuk3wppT5MTqzqljaWSo+U gbn6azI602AGXuxnenm3b/sXQEJEE+3QrH7KSsL/87mG55/Qal5HlFrpLPGRQMe4 E41jT5Mr5L5MKux66/N9ulJgwTVYts8hWcHk/dvbeK4qaSN5RWNQ/Ftoq51+on5N fqMv2q1EA0B9p2As153QrUYrYA== =38AP -----END PGP PUBLIC KEY BLOCK-----
It's time to analyse your code! To get started with our automated metrics, we'll need to be able to view your code.
If you have a GitHub or Bitbucket account simply sync your account below and we'll list your projects.
Via the Share settings add "founderbliss" to your repository.Click after shared
"Alone we can do so little, together we can do so much." --Helen Keller