• 1 Post
  • 27 Comments
Joined 4 months ago
cake
Cake day: March 7th, 2026

help-circle
  • I had the same choosing problem some years ago, but with VPS. Some of them are really private, hosting in e.g. Moldova, but you cannot really trust them, others will never ask your ID, but you have to pay with your credit card and somehow put a real name and address. The same applucable for domain sellers. You decide where you balance: you trust them completely and they don’t care who you are or you choose where to give up complete privacy. I use Namecheap and Spaceship (basically the same, but cheaper).







  • Thanks, this is really useful feedback.

    The reminder part is already on the roadmap, and I’ve now added two more issues based on your note about irregular cycles:

    • #17 Add irregularity factor tags for cycle tracking
    • #18 Use recorded cycle factors to improve prediction context

    The direction I’d want for Ovumcy is less “the app predicts the why” and more:

    • users can log things like stress, illness, travel, sleep disruption, etc.
    • the app can use that to give better context and reliability hints for irregular cycles
    • without pretending to make hard medical claims

    The anonymous scrubbed-submission idea is interesting too, but I’d treat that as much later, because it changes the privacy/trust model a lot.

    Happy to keep talking about it, and future PRs would definitely be welcome.







  • Thanks for the suggestions, those are good points.

    CSP is something I plan to tighten over time, but enabling a strict policy right now would require refactoring some inline JS patterns used in the templates. It’s definitely on the roadmap as part of security hardening.

    Regarding CORS, the application currently runs as a same-origin server-rendered app rather than a cross-origin API, so CORS headers aren’t enabled by default. If external clients or integrations are added in the future, I’d likely introduce a restricted allowlist for specific API routes.