Terms of Service
Last updated: February 19, 2026
Build & Ship is a deployment tool. Your code runs on your hardware. We provide the routing, secure connections, and CI/CD glue. You're responsible for what you deploy.
What this is
These terms cover your use of Build & Ship — the bs CLI tool, the buildandship.it proxy service, and this website. By installing or using any of them, you're agreeing to these terms.
If something here doesn't sit right, don't use the tool. No hard feelings.
What you get
CLI Tool
A CLI tool (bs) that runs on your machine and deploys to your own hardware.
Reverse Proxy
A reverse proxy through *.buildandship.it subdomains that routes traffic via a secure connection to your machine.
CI/CD Integration
GitHub Actions integration for auto-deploy on push. Wire it up once, deploy on every commit.
Custom Domains
Custom domain support with automatic TLS. Point your DNS and you're live.
What we don't do
We don't host your code. Your code stays on your machine and your GitHub repo. We never see it.
We don't store your data. The proxy routes traffic. It doesn't log, cache, or inspect your app's content.
We don't sell your info. No analytics dashboards monetizing your usage patterns. No third-party data sharing.
We don't scan your traffic content. Traffic passes through the proxy layer and is forwarded as-is. We have zero interest in what your app serves.
Your responsibilities
Your hardware
You provide the machine. If it's offline, your app is offline. We deploy to it — we can't fix your WiFi.
Keep it legal
Don't deploy malware, phishing pages, or anything that violates the law in your jurisdiction.
Secure your machine
We encrypt secrets at rest and use sealed-box encryption for GitHub Actions, but your server security is on you.
Don't abuse the proxy
The *.buildandship.it subdomains are a shared resource. Don't use them for spam, phishing, DDoS, or anything that degrades service for others.
GitHub OAuth
bs login authenticates through GitHub OAuth. We request the minimum scopes needed to create workflow files and store deploy secrets. Your OAuth token is stored locally on your machine in ~/.buildandship/. We don't send it anywhere else.
You can revoke access anytime from your GitHub settings.
Subdomains & domains
When you deploy, you get a *.buildandship.it subdomain (named after a bird — because why not). This subdomain is yours as long as your project exists.
Custom domains are managed through your own DNS by pointing a CNAME record. We don't own or control your custom domains. Automatic TLS is provisioned for all custom domains.
We reserve the right to reclaim subdomains used for abuse, or inactive subdomains (no traffic for 90+ days) to keep the namespace clean.
Open source & licensing
The bs CLI is MIT licensed. The controller and worker infrastructure are proprietary. See the LICENSE file in the GitHub repo for details.
Contributions are welcome. By contributing, you agree that your contributions can be used under the same license.
Service Changes
We may change features, deprecate commands, or sunset services as the product evolves. We'll try to give notice, but can't guarantee it. We won't retroactively change terms to screw you over. We'll try not to break things, but no promises on API stability during early releases.
Termination
We can terminate access to the proxy service if you violate these terms. We'll try to give a heads up first, unless you're doing something obviously harmful. You can stop using Build & Ship anytime. Run bs uninstall and it's gone. Your local data stays yours — always.
Limitation of Liability
Build & Ship is provided "as is" without warranty of any kind. We're not liable for any damages arising from your use of the tool or service, including lost data, lost revenue, or your production server catching fire because you deployed on a Friday. Small team shipping fast — things might break.
Indemnification
You agree to not hold us responsible for what you deploy. Your app, your responsibility.