Security FAQ

Are the secret variables encrypted?

All variables whether secret or not are encrypted using AES-256 encryption before storing in the SQLite database.

The encryption key is stored in /data/key file.

Are the GitHub access tokens stored in Credentials encrypted?

Yes, same encryption method is used as for variables.