Securie for TanStack Start

TanStack Start is the rising full-stack React framework. Server functions are the security boundary; same patterns as Next.js Server Actions.

Start free — one repoRead the guides

Why it matters for TanStack Start

Securie reviews every TanStack Start PR; specialists cover server functions + loaders + actions.

  • Designed for TanStack Start beta+
  • Catches missing auth on server functions
  • Validates loader + action auth checks
  • Works with Vercel + Netlify

Common bugs we catch in TanStack Start

Server function without auth

createServerFn callbacks accept any caller unless auth is explicit.

Read the guide →

BOLA on dynamic file-routes

$id route handlers without ownership check.

Read the guide →

Env-var prefix confusion

TanStack Start uses Vite env-var conventions; VITE_-prefixed = client-shipped.

Read the guide →

Install in under a minute

  1. Install the Securie GitHub App
  2. Securie auto-detects via @tanstack/start
  3. Push any PR

TanStack is open-source. Securie is independent.