Short answer
Nerve dogfoods its own alert path for release, deploy and smoke-test notifications. Jobs send short encrypted signals through a send-only sender DSN; the relay routes ciphertext; the phone decrypts locally. This page documents the pattern without exposing secrets, tokens, private logs or ciphertext.
What we send
- Deploy success or failure summaries.
- CI/CD run links and commit SHAs.
- Short smoke-test status.
- Release checkpoints where a human is waiting for confirmation.
What we do not publish or send as proof
- Sender DSNs, device tokens, private keys or APNs/FCM credentials.
- Full logs, raw database content or private customer data.
- Plaintext alert payloads for the relay to read.
- Agent tokens as part of the send-only notification path.
Example signal shape
backend deploy success
sha: b62b038
run: https://github.com/nerve-ink/nerve-ops/actions/runs/...Why this matters
For small developer infrastructure, alerting should start as a narrow signal path. Nerve's own workflow follows that boundary: send-only credentials create signals, optional agents are separate, and the relay is not treated as a plaintext inbox.