Secure Software Development Lifecycle (SDLC) Policy

Purpose

Ensure that security is built into every stage of designing, building, and operating the Perfect Wiki application.

Scope

All code, infrastructure-as-code, and customer-facing changes to the Perfect Wiki service.

Phases

1. Design

  • New features that handle sensitive data or expand the attack surface are threat-modeled informally: identify data flows, trust boundaries, authentication / authorization requirements, and abuse cases.
  • Privacy-by-design: minimize data collected, prefer references over copies, scope data to the tenant.

2. Build: secure coding standards

  • TypeScript with strict types for all new backend code.
  • Input validation via Zod schemas on every endpoint.
  • Authentication and authorization enforced on every non-public endpoint via middleware (validateSessionId, validateUserHasAccessToOrganization, validateUserIsAdmin, role-specific variants).
  • Output encoding / HTML sanitization for any user content rendered in HTML (sanitize-html).
  • Parameterized queries via the Firestore SDK; no string-built queries.
  • Secrets never committed to source control; loaded from environment variables.
  • Error handling: every endpoint is wrapped in try/catch and logs the error to Sentry; no stack traces or secrets are returned to clients.
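The following is an added illustration, not Perfect Wiki's own code, of how the standards above compose on a single endpoint: the Req/Res types, the SESSIONS table and the `reported` array are assumed stand-ins for Express, the session store and Sentry, and the hand-written schema check stands in for a Zod schema.

```typescript
// Added example (not Perfect Wiki code): an endpoint assembled from the Build
// standards above. Minimal Req/Res types stand in for Express; `reported`
// stands in for Sentry; SESSIONS is a constructed session table.
type User = { id: string; orgs: string[] };
type Req = { sessionId?: string; orgId?: string; body: unknown; user?: User };
type Res = { status: number; body: Record<string, unknown> };
type Guard = (req: Req) => Res | null;   // null = pass, Res = reject
const SESSIONS: Record<string, User> = { "sess-alice": { id: "alice", orgs: ["org-1"] } };
const reported: string[] = [];           // what would be sent to Sentry
class ValidationError extends Error {}

// Authentication middleware: resolves the session or rejects with 401.
const validateSessionId: Guard = (req) => {
  const user = req.sessionId ? SESSIONS[req.sessionId] : undefined;
  if (!user) return { status: 401, body: { error: "unauthenticated" } };
  req.user = user;
  return null;
};

// Tenant scoping: the caller must belong to the organization named in the request.
const validateUserHasAccessToOrganization: Guard = (req) =>
  req.orgId && req.user?.orgs.includes(req.orgId) ? null : { status: 403, body: { error: "forbidden" } };

// Input validation, standing in for a Zod schema: title is a 1-200 character string.
function parseCreatePage(body: unknown): { title: string } {
  const title = (body as { title?: unknown } | null)?.title;
  if (typeof title !== "string" || title.length < 1 || title.length > 200) {
    throw new ValidationError("title must be a string of 1-200 characters");
  }
  return { title };
}

// Runs the guards in order, then the handler, inside the mandated try/catch: validation
// failures become 400; anything else is reported in full and answered with a fixed 500
// body, so no stack trace or secret reaches the client.
function withGuards(handler: (req: Req) => Res, ...guards: Guard[]): (req: Req) => Res {
  return (req) => {
    try {
      for (const guard of guards) { const rejection = guard(req); if (rejection) return rejection; }
      return handler(req);
    } catch (e) {
      if (e instanceof ValidationError) return { status: 400, body: { error: e.message } };
      reported.push(e instanceof Error ? e.stack ?? e.message : String(e));
      return { status: 500, body: { error: "internal error" } };
    }
  };
}

const createPage = withGuards(
  (req) => ({ status: 201, body: { ...parseCreatePage(req.body), org: req.orgId } }),
  validateSessionId, validateUserHasAccessToOrganization);
```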

3. Code review

  • Material changes go through code review before merge.
  • Reviewer specifically checks: authentication present, tenant scoping correct, input validated, output encoded, error handling complete, no secrets, no broken cryptography.

4. Test

  • Automated type checking (yarn typecheck) gates every build.
  • Manual functional testing on staging covering happy path, edge cases, and authorization boundaries.

5. Deploy

  • Versioned, immutable container images deployed to production via the change-management process.
  • Previous image retained for rapid rollback.

6. Operate

  • Monitored via Sentry; vulnerabilities tracked per the Vulnerability & Patch Management Policy; incidents handled per the Incident Response Plan.

Dependency management

  • Dependencies are pinned in package.json / yarn.lock.
  • Automated alerts for vulnerable dependencies (GitHub Dependabot / yarn audit).
  • Critical dependency updates expedited per vulnerability-management SLAs.

Roles & responsibilities

  • CEO/CTO: Owns SDLC standards; performs code review.

Review cadence

Reviewed annually.


Last reviewed: 2026-05-21. Next review: 2027-05-21. Approved by: Ilia Pirozhenko, CEO/CTO.