Security

This is a static-first site. There are no user accounts, no logins, and no server-side forms.

What we do

• Serve static pages and public JSON files used by the UI.
• Generate the Daily entry with a separate job and publish the result as static data.
• Keep “Complaint” and “Hall Editor” tools local to your browser (download-only).
• Keep basic server access logs for operational review (paths, timestamps, IPs).

What we do not do

• No accounts.
• No payment processing.
• No collection of private information.
• No tracking pixels or analytics beacons from this codebase.

Security posture: minimal surface area