Full stack shortner app

A web service that takes long URLs and shortens them, secured with CI/CD tooling.

Demonstration available at: cubel.ink

Project Aims:

  • Hosted as a docker container to the internet
  • URL reputation checking, QR code generation & link collison detection
  • Built with Python3 & CSS/HTML reactive page elements
  • Use a distroless runtime, ensuring limited security risk during execution
  • Development pipeline has security tooling built-in

Features

What Linkshort has so far:

Sanitisation of input from user for both URLs and extensions on requests

Checks on user shared URLs, to ensure they begin with HTTPS

Uses distroless containers for runtime security

Checks submitted URLs against spam lists, rejects known spam domains

Generates QR codes for users to download and share

A frontend with reactive CSS & HTML

400 and 500 HTTP error handling with pages

...with more features in development:

Have a look at the enhancements on GitHub and upvote what you like the sound of.

Create a feature request yourself on the issues page if you have a good idea.

CI/CD

Using security in the pipeline:

This project uses GitHub actions for code and docker image security scanning

This is done alongside deployment, patching & linting tools for high quality code

Findings are shown in PR comments or documented on the repository security page

Fixable vulnerabilities are surfaced first through configurations in the actions pipelines

Tooling used:

Super Linter

CodeQL

Snyk

Grype

Renovate

Docker Push

Hosting

Code: GitHub

Platform: GCP

Database: Turso

Image: Docker Hub