-
Issues like https://github.com/OpenLiberty/open-liberty/issues/29809 could be avoided with some improvements to our docs.
- The `sslRef` metatype description says:
> Specifies an ID of the SSL …
ayoho updated
1 month ago
-
### Steps to reproduce
1. Enable Turbo Drive on your Rails 7.1.3.2 application, and enable request forgery protection on your controller.
2. Create a form with a submit button with `data-turbo="fa…
-
## Observations and references
Our findings indicate that the tokens (both the Firebase user token and the refresh token) are stored in shared preferences at app level (com.google.firebase.auth).
In…
-
### Details
Currently when generating User API tokens, they are signed using Jokens default signer, which is signed with a string of `secret`.
This means that tokens can be forged.
Fortunatel…
-
Today, device authn access tokens do not expire. They presumably should.
(creating this for these TODO-security comments:
https://github.com/oxidecomputer/omicron/blob/b062e95f5f917909b8c6d40200a4d…
-
## What
Remove the use of API tokens for PyPI publishing.
https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/
## Why
The API tokens introduce a security risk as they nee…
-
In order to not be sending security tokens over the air, which would enable anyone who intercepts them to impersonate the service they belong to, instead the security tokens will live locally with the…
-
**Related command**
az login
**Is your feature request related to a problem? Please describe.**
On Linux Azure CLI stores oauth tokens unencrypted on disk. This is understandable on headless…
-
Hi,
I tried to perform FFT, using the notebook ```Continued pretraining - Korean + Unsloth.ipynb```
However, with unsloth/Llama-3.2-1B-bnb-4bit after instruction finetune, the model hallucinates…
-
The Solidity `payable` modifier essentially puts function calls into their default state without extra security checks for rejecting `msg.value`. Saving a small amount of gas.
This Solady issue is …
z0r0z updated
3 months ago