-
### Background
Brakeman version: 5.0.0
Rails version: 6.1.3.1
Ruby version: 3.0.0
Link to Rails application code: Private Commercial Project
### Issue
Brakeman does not detect that the …
-
Since all issues I am aware of about getting a static telephone PIN in greenlight are closed now, but someone mentioned an idea of how to achieve this without problems with the load balancer, I (re)op…
-
## Expected behavior
I expect the `Bundler/GemVersion` to respect tags on private repositories as "correct", since they lock the version.
This was working fine in the previous versions.
## Actua…
-
Saluton TAG!
I'm requesting a TAG review of Secure Payment Confirmation.
Secure Payment Confirmation is a proposal to allow FIDO-based authentication to be used to securely confirm payments init…
-
### Description
Bugsnag, by default, should not report the params of HTTP POST requests. Basic convention is that GET params are nonsensitive (there are exceptions such as tokens in password reset li…
-
Currently our dropdown of delegates presents delegate names, with a value of their email -- which is a privacy issue:
```html
Agripina Spencer
```
Instead we should use a different value (the user…
-
# Automatically Delete Images from Datastore
**Note:** This was originally an RFC created by Andy Zhao. I am adding it as an issue in our public repo so that the MLH Fellows can work on it 😄
## Su…
-
**Describe the bug**
`sanitize_fields` has been removed, but there is no description of how to use the data scrubbing features https://docs.sentry.io/platforms/ruby/data-management/sensitive-data/#…
-
(Originally posted in #2145)
Now with OAuth 2.0 in production, I wanted to revisit the [token introspection](https://datatracker.ietf.org/doc/html/rfc7662) topic, which is handled by the `/oauth2/i…