-
There needs to be done a deep review of cryptography usage. Even though you're saying you're using scure/bip39 for mnemonics, it is not the case for every other feature.
1. why is crypto-browserify…
-
# Lines of code
https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/tokens/TapOFT.sol#L140-L148
https://github.com/Tapioca-DAO/tap-token-audit/blob/…
-
https://www.welivesecurity.com/2018/10/18/new-linux-chachaddos-malware-distributed-servers-vestacp-installed/
-
> Most package pages on the npm registry have a link to a source repository, but this information isn’t verified and doesn’t point at any specific commit. With the [code explorer](https://github.blog/…
-
hello,
github runner images team here.
we are looking into improving supply chain security.
are there checksums available (or maybe other integrity validation) ?
cheers
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0xe5a9b42a2793537a95cd2b51884dd64816b2eb94a7ec90beea86d0a93611761d
**Severity:** medium
**Description:**
**Descriptio…
-
# Background
There is currently on ongoing discussion about how to incorporate a new form of user account in Orion, and then later Atlas, which does not require the user to have an external signer …
-
### Type
Suggestions for Improvement
### What would you like to report?
**Context**
One of the parts of the supply chain in modern ML systems is MLOps software - like i.e. MLFlow, Prefect et…
mik0w updated
4 months ago
-
Okay now that we have SLSA compliance [on the PirvateBin (PHP) project itself](https://github.com/PrivateBin/PrivateBin/issues/1169#issuecomment-1857375199), we can continue here.
## Steps needed
…
rugk updated
8 months ago
-
### Bug description:
Please provide a clear and concise description of what the bug is.
https://cartographer.sh/live-editor/index.html doesnt render supply chain steps
### Steps to reproduce:
…