{"id":51111261,"url":"https://github.com/sE2EEnd/sE2EEnd","last_synced_at":"2026-06-26T17:00:41.671Z","repository":{"id":334788312,"uuid":"1142704583","full_name":"sE2EEnd/sE2EEnd","owner":"sE2EEnd","description":"File transfer solution with end-to-end encryption.","archived":false,"fork":false,"pushed_at":"2026-06-23T03:00:36.000Z","size":4877,"stargazers_count":1,"open_issues_count":8,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-06-23T05:01:59.722Z","etag":null,"topics":["e2e-encryption","e2ee","e2ee-encryption","encryption","file-transfer","filetransfer"],"latest_commit_sha":null,"homepage":"https://se2eend.github.io/sE2EEnd/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sE2EEnd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-01-26T18:50:17.000Z","updated_at":"2026-06-15T21:26:56.000Z","dependencies_parsed_at":"2026-01-27T08:10:38.034Z","dependency_job_id":"b8998f9b-a642-41d8-b9d9-907b74fb3a84","html_url":"https://github.com/sE2EEnd/sE2EEnd","commit_stats":null,"previous_names":["se2eend/se2eend"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/sE2EEnd/sE2EEnd","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sE2EEnd%2FsE2EEnd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sE2EEnd%2FsE2EEnd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sE2EEnd%2FsE2EEnd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sE2EEnd%2FsE2EEnd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sE2EEnd","download_url":"https://codeload.github.com/sE2EEnd/sE2EEnd/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sE2EEnd%2FsE2EEnd/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34825611,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-26T02:00:06.560Z","response_time":106,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["e2e-encryption","e2ee","e2ee-encryption","encryption","file-transfer","filetransfer"],"created_at":"2026-06-24T18:00:24.242Z","updated_at":"2026-06-26T17:00:41.664Z","avatar_url":"https://github.com/sE2EEnd.png","language":"TypeScript","funding_links":[],"categories":["Software"],"sub_categories":["File Transfer - Single-click \u0026 Drag-n-drop Upload"],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"docs/screenshots/title.svg\" alt=\"sE2EEnd\" height=\"90\" /\u003e\n\n**Encrypted file transfer, under your control.**\n\nSelf-hosted, end-to-end encrypted file sharing.  \nThe server never sees your files or encryption keys.  \nBuilt for teams who can't compromise on privacy.\n\n[**Website**](https://se2eend.github.io) · [**Documentation**](https://se2eend.github.io/sE2EEnd) · [**Releases**](https://github.com/sE2EEnd/sE2EEnd/releases) · [**Try the demo →**](https://se2eend.github.io/sE2EEnd/demo/)\n\n[![Live Demo](https://img.shields.io/badge/Live_Demo-try_it_now-blue?style=flat\u0026logo=googlechrome\u0026logoColor=white)](https://se2eend.github.io/sE2EEnd/demo/)\n[![GitHub Release](https://img.shields.io/github/v/release/sE2EEnd/sE2EEnd?style=flat)](https://github.com/sE2EEnd/sE2EEnd/releases/latest)\n[![AGPL-3.0 Licensed](https://img.shields.io/github/license/sE2EEnd/sE2EEnd?style=flat)](https://github.com/sE2EEnd/sE2EEnd/blob/main/LICENSE)\n[![GitHub last commit](https://img.shields.io/github/last-commit/sE2EEnd/sE2EEnd?style=flat)](https://github.com/sE2EEnd/sE2EEnd/commits/main)\n[![GitHub issues](https://img.shields.io/github/issues/sE2EEnd/sE2EEnd?style=flat)](https://github.com/sE2EEnd/sE2EEnd/issues)\n[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen?style=flat)](CONTRIBUTING.md)\n\n![React](https://img.shields.io/badge/React_19-61DAFB?style=flat\u0026logo=react\u0026logoColor=white\u0026labelColor=20232a)\n![TypeScript](https://img.shields.io/badge/TypeScript_6-3178C6?style=flat\u0026logo=typescript\u0026logoColor=white)\n![Java](https://img.shields.io/badge/Java_25-ED8B00?style=flat\u0026logo=openjdk\u0026logoColor=white)\n![Spring Boot](https://img.shields.io/badge/Spring_Boot_4-6DB33F?style=flat\u0026logo=springboot\u0026logoColor=white)\n![Keycloak](https://img.shields.io/badge/Keycloak_26-4D4D4D?style=flat\u0026logo=keycloak\u0026logoColor=white)\n![Docker](https://img.shields.io/badge/Docker-2496ED?style=flat\u0026logo=docker\u0026logoColor=white)\n\n\u003c/div\u003e\n\n---\n\n![Dashboard](docs/screenshots/dashboard.png)\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/screenshots/create_send.png\" width=\"49%\" alt=\"Create a send\" /\u003e\n  \u003cimg src=\"docs/screenshots/download.png\" width=\"49%\" alt=\"Download page\" /\u003e\n\u003c/p\u003e\n\n---\n\n## Table of contents\n\n- [How it works](#how-it-works)\n- [Features](#features)\n- [Tech stack](#tech-stack)\n- [Quick start](#quick-start)\n- [Project structure](#project-structure)\n- [Contributing](#contributing)\n- [Security](#security)\n- [License](#license)\n\n---\n\n## How it works\n\nEncryption and decryption happen entirely in the browser using the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API) (AES-256-GCM). The key never leaves the client — it lives in the URL fragment (`#key`) which browsers never include in HTTP requests.\n\n```\nBrowser (sender)\n  └─ AES-256-GCM encrypt(file, key)\n       └─ POST /api/sends  ──▶  Backend  ──▶  Storage (ciphertext only)\n                                    │\n                                    └─▶  PostgreSQL (metadata only)\n\nShare link:  https://your-domain/d/{id}#key\n                                        ↑\n                               Fragment — never sent to server\n\nBrowser (recipient)\n  └─ GET /api/sends/{id}  ──▶  fetch ciphertext\n       └─ AES-256-GCM decrypt(ciphertext, key from URL fragment)\n```\n\n\u003e Even with full access to the database and file storage, an attacker cannot decrypt any file without the URL fragment.\n\n---\n\n## Features\n\n**Privacy \u0026 encryption**\n- Zero-knowledge architecture — server stores only ciphertext, keys never leave the browser\n- AES-256-GCM encryption via the native Web Crypto API\n- Password-protected transfers (with built-in secure password generator)\n\n**Transfer controls**\n- Share files (single or multiple — auto-zipped) and secret notes/text snippets\n- Per-transfer download limits and expiration dates\n- Instant revocation from the dashboard at any time\n- QR code generation for cross-device sharing\n\n**Authentication \u0026 administration**\n- Enterprise-grade auth via [Keycloak](https://github.com/keycloak/keycloak) — OAuth2 / OIDC, SSO, LDAP / Active Directory, MFA\n- Admin dashboard: manage all transfers, monitor storage usage, view deletion audit logs\n- Configurable instance policies (require auth for download, enforce transfer passwords…)\n\n**Deployment \u0026 customisation**\n- Single `docker compose up` — images are pre-built and published to GHCR\n- S3-compatible storage support (AWS, MinIO, Scaleway, OVHcloud…) or local filesystem\n- Custom branding: primary colour, logo, app name — all via environment variables, no rebuild needed\n- Multi-language UI (English, French — easily extensible)\n- Dark mode with automatic system awareness\n\n---\n\n## Tech stack\n\n| Layer | Technology |\n|---|---|\n| Frontend | React 19 + TypeScript 6 + Vite 8 + ShadcnUI, served by nginx |\n| Backend | Spring Boot 4 (Java 25) |\n| Auth | Keycloak 26 (OAuth2 / OIDC) |\n| Database | PostgreSQL 18 |\n| Encryption | Web Crypto API — AES-256-GCM |\n| Storage | Local filesystem or any S3-compatible object store |\n| Infrastructure | Docker, Docker Compose |\n\n---\n\n## Quick start\n\n### Prerequisites\n\n- **Docker** ≥ 24\n- **Docker Compose** ≥ 2.20\n\nNo Java, Node.js, or Maven required — images are pulled from GHCR.\n\n### 1. Get the deployment files\n\nYou don't need the full source code. Pull only what's needed to run the stack:\n\n```bash\ngit clone --depth=1 --filter=blob:none --sparse https://github.com/sE2EEnd/sE2EEnd.git\ncd sE2EEnd\ngit sparse-checkout set --no-cone /docker-compose.yml /.env.example /init-databases.sql keycloak/\n```\n\n### 2. Configure\n\n```bash\ncp .env.example .env\n```\n\nFor a local test the defaults work as-is. For production, set at minimum:\n\n```dotenv\nPOSTGRES_PASSWORD='\u003crandom 32+ chars\u003e'\nKEYCLOAK_ADMIN_PASSWORD='\u003crandom 32+ chars\u003e'\nKEYCLOAK_EXTERNAL_URL=https://auth.your-domain.com   # must match what browsers use\nFRONTEND_URL=https://your-domain.com\n```\n\nSee the [Environment Variables reference](https://se2eend.github.io/sE2EEnd/docs/deployment/environment-variables) for all options (storage, theming, instance policies).\n\n### 3. Start\n\n```bash\ndocker compose up -d\n```\n\nDocker Compose pulls the images and starts PostgreSQL, then Keycloak (which imports the realm on first boot), then the backend and frontend.\n\n\u003e Wait ~30 seconds on first boot for Keycloak to complete the realm import, then open `http://localhost`.\n\n### Updating\n\n```bash\ndocker compose pull \u0026\u0026 docker compose up -d\n```\n\n### Service URLs (default)\n\n| Service | URL |\n|---|---|\n| Frontend | http://localhost |\n| Backend API | http://localhost:8081 |\n| Keycloak | http://localhost:8090 |\n\n---\n\n## Project structure\n\n```\nsE2EEnd/\n├── backend/                  # Spring Boot application\n│   └── src/main/java/fr/se2eend/backend/\n├── frontend/\n│   └── core/                 # React + Vite SPA\n│       ├── src/\n│       │   ├── components/\n│       │   ├── pages/\n│       │   ├── locales/      # i18n — en/ and fr/\n│       │   └── contexts/\n│       └── public/\n├── keycloak/\n│   ├── realm-config/         # Realm JSON (auto-imported on first boot)\n│   └── themes/se2eend/       # Custom login theme\n├── docs/\n│   └── site/                 # Docusaurus documentation site\n└── docker-compose.yml\n```\n\n---\n\n## Contributing\n\nContributions are welcome — bug fixes, features, docs, and translations.\n\n\u003e **Explore the codebase faster:** [DeepWiki](https://deepwiki.com/sE2EEnd/sE2EEnd) provides an AI-generated map of the repository, useful for understanding how components fit together before diving in.\n\n### Development setup\n\n**Prerequisites:** Docker \u0026 Docker Compose, Java 21 + Maven, Node.js 20+\n\n```bash\ngit clone https://github.com/sE2EEnd/sE2EEnd.git\ncd sE2EEnd\ncp .env.example .env\n\n# Start infrastructure (Keycloak + PostgreSQL)\ndocker compose up -d postgres keycloak\n# Wait ~30s for Keycloak first-run import\n\n# Backend (in a separate terminal)\ncd backend \u0026\u0026 mvn spring-boot:run\n\n# Frontend (in a separate terminal)\ncd frontend/core \u0026\u0026 npm install \u0026\u0026 npm run dev\n# → http://localhost:3001\n```\n\n### Tests \u0026 lint\n\n```bash\n# Backend tests\ncd backend \u0026\u0026 mvn clean test\n\n# Frontend lint + build\ncd frontend/core \u0026\u0026 npm run lint \u0026\u0026 npm run build\n```\n\n### Submitting changes\n\n1. Fork the repository\n2. Create a branch: `git checkout -b feature/your-improvement`\n3. Open a pull request against `main`\n\nFor larger changes, open an [issue](https://github.com/sE2EEnd/sE2EEnd/issues) first to discuss the approach. Please keep PRs focused — one feature or fix per PR.\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for the full guide.\n\n---\n\n## Security\n\nPlease do not report security vulnerabilities through public GitHub issues.  \nSee [SECURITY.md](SECURITY.md) for the responsible disclosure process.\n\n---\n\n## License\n\nLicensed under the [AGPL-3.0 License](LICENSE).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FsE2EEnd%2FsE2EEnd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FsE2EEnd%2FsE2EEnd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FsE2EEnd%2FsE2EEnd/lists"}