subforge — Acceptable Use Policy

Effective date: June 2026
Last updated: 16 June 2026

This Acceptable Use Policy ("AUP") forms part of the Terms of Service and applies to everyone who uses the subforge Service. It sets out what you may not do. If you are unsure whether a use is permitted, ask us at [email protected] before proceeding.

We host source code and binary assets for small teams. This policy exists so we can keep the Service safe and lawful for everyone, and so we can act quickly when something goes wrong.

1. You must not use the Service to

Unlawful and harmful content

• Store, host, or distribute content that is illegal, or that infringes the intellectual property, privacy, or other rights of anyone else (see the Copyright & Takedown Policy).
• Host child sexual abuse material (CSAM), content that sexualises minors, or any content that is unlawful to possess or distribute. We report CSAM to the relevant authorities.
• Host content that is defamatory, harassing, threatening, or that incites violence or hatred.
• Distribute pirated software, cracked assets, stolen credentials, or other material you have no right to share.

Malicious and abusive activity

• Upload or distribute malware, ransomware, or other malicious code intended to harm, or operate command-and-control infrastructure. (Storing security research, proof-of-concept, or defensive tooling for legitimate purposes is permitted — if in doubt, contact us.)
• Attempt to gain unauthorised access to any system, account, repository, or data, or to bypass authentication, access controls, or rate limits.
• Probe, scan, or test the vulnerability of the Service without authorisation (responsible security research is covered by our Security Policy).
• Interfere with or disrupt the Service or its infrastructure, including denial-of- service attacks, deliberately overloading resources, or evading usage limits.

Misuse of the platform

• Use the Service as a general-purpose file host, backup target, CDN, or data store unrelated to version-controlled projects, in a way that abuses storage or bandwidth.
• Mine cryptocurrency, or run unrelated compute workloads, on our CI/build infrastructure.
• Send spam, phishing, or unsolicited bulk messages, or harvest other users' data.
• Impersonate others, or misrepresent your affiliation with any person or organisation.
• Resell or sublicense the Service without our written permission.

2. Fair use of resources

Even for permitted uses, you must not place an unreasonable burden on the Service. We may set and enforce limits on storage, bandwidth, repository size, request rates, and CI/build usage, and may throttle, restrict, or move accounts to read-only where necessary to protect the Service and other users.

3. Your responsibility for collaborators

You are responsible for the actions of collaborators you grant access to your workspaces and repositories. Make sure they understand and follow this policy.

4. Reporting abuse

If you believe content or activity on subforge breaches this policy, report it to [email protected] with enough detail for us to investigate (e.g. the repository or URL, and what the issue is). For copyright specifically, follow the Copyright & Takedown Policy.

5. Enforcement

If we believe you have breached this policy, we may — with notice where practical, or immediately where necessary — take any action we consider appropriate, including:

• removing, disabling, or restricting access to content;
• making repositories read-only or private;
• suspending or terminating accounts or workspaces;
• preserving and disclosing information where required by law; and
• reporting to the relevant authorities.

We try to act proportionately, but protecting the Service, its users, and the public comes first. Repeat or serious breaches will result in termination. We are not liable for action taken in good faith under this policy.

6. Changes

We may update this policy from time to time; the current version always applies.