Today we’re making public on GitHub the code that powers the SecureDrop.org website. SecureDrop has been open source since its inception. Starting today, its website is as well, under the same GNU Affero General Public License (AGPL).
The current website was launched in April of 2018, when it was rebuilt from the ground up with a content management system built on other open source software projects Django and Wagtail. It has been continuously maintained and updated since then, adding features to make it an asset to the SecureDrop community.
By open sourcing SecureDrop.org we’re making available technical solutions that may be of broader interest. Some examples include:
- A search application that uses Django and PostgreSQL to index, search, and rank between different structured documents with varying attributes.
- A scanner that periodically queries organizations’ SecureDrop landing pages to warn potential whistleblowers of security concerns.
- A detection script that determines whether a website visitor is likely using Tor Browser and what level their security settings are adjusted to.
Today’s announcement also marks the start of inviting contributions to SecureDrop.org from anyone who is interested in improving the user experience for whistleblowers, SecureDrop administrators, and journalists. If you are interested in contributing, please refer to our contribution guide.
Please don’t hesitate to contact us with any questions or suggestions: