Mergify
  • Home
  • Customers
  • Blog
  • Documentation
  • About

Security

A collection of 3 posts
On API Keys Best Practices
Security

On API Keys Best Practices

APIs are everywhere. They became ubiquitous over the last years and every startup building a product is now ordered to offer them. They became a major selling point for any SaaS business. Engineering and product teams focus on the design of their API, from top to bottom, making sure they
Jul 18, 2022 — 7 min read
How to Deal with the Abuse of your Service?
Security

How to Deal with the Abuse of your Service?

As Mergify keeps growing, we keep encountering new issues. A few weeks ago, we explained how we had to adapt to our traffic increase [https://blog.mergify.io/handling-780k-github-events-per-day/] and handling close to 1M events per day. With growth comes its share of abusive accounts. In the same fashion that
Nov 8, 2021 — 4 min read
(Un)signed commits: how we found a (non) security bug in GitHub
GitHub

(Un)signed commits: how we found a (non) security bug in GitHub

When you build an entire software around someone else API, you tend to know everything about it. We made Mergify [https://mergify.io] on top of GitHub API, and it's hard to describe how well we understand its API. From its fabulous and beloved features to its most horrible defects,
Mar 29, 2021 — 4 min read
Mergify © 2023