Skip to content
IP Inlay for FileMaker

Trust

Security and trust at Inlay

Verified builds

Every downloadable build is code-signed and notarized. macOS builds are Apple Developer ID signed and notarized by Apple. Windows builds are Authenticode signed. Every download on the download page lists a SHA-256 checksum so you can verify the file you received matches the file we published.

Verify on macOS

shasum -a 256 Inlay-*.zip
codesign -dv --verbose=4 /path/to/Inlay.fmplugin
spctl -a -vv /path/to/Inlay.fmplugin

The signing identity should report [Developer ID: TODO confirm].

Verify on Windows (PowerShell)

Get-FileHash -Algorithm SHA256 Inlay-*.zip
Get-AuthenticodeSignature Inlay.fmx64

The Authenticode signer should report [Authenticode CN: TODO confirm].

Your credentials stay local

Secrets the plugin uses, such as your S3 access keys, are stored on the client machine that runs FileMaker. They are not sent to Inlay servers as part of normal plugin operation.

Licensing

Inlay licensing uses Ed25519-signed license keys. When a seat is unlicensed or a subscription lapses, Inlay functions return a structured unlicensed JSON envelope. They stop performing work, but they do not crash your scripts.

Responsible disclosure

Found a security issue? We want to hear about it. Email solutions@pinethree.dev with the details so we can investigate and respond. Our machine-readable contact details are published at /.well-known/security.txt.

Telemetry

The plugin sends usage telemetry. Our privacy policy describes what is collected and how it is handled.