> Re. The security: If you were providing a web site with sensitive information > stored in BaseX, not CC type stuff wherein a token could be used, would you > trust the security inherit in BaseX? Sorry to ask, this just isn't my area > of expertise.
What kind of confidential/sensitive information do you want to store in BaseX? Do you want to encode anything that’s stored in a database or only user credentials? You could have a look at our Cryptographic Module [1]. It allows you to partially or fully encode any data before storing it in a database. [1] https://docs.basex.org/wiki/Cryptographic_Module