-
Would it be possible to implement a password reset process for users that are locked out of their 2FA with recovery codes lost? Right now the manual recovery process takes several months which can be…
-
Some providers like imgix (https://docs.imgix.com/setup/securing-images) or Cloudinary (https://cloudinary.com/documentation/control_access_to_media) support signing URLs to disallow an attacker gener…
-
A lot of the reading I do has inbuilt citations/links, and Squirt puts the whole link up in front of me, chunk by chunk. An option to ignore any phrase starting with "http" would be great, as well as …
-
Updating stand-alone Spyder in Windows leaves a lot to be improved. Having just updated from 5.2.1 to 5.2.2 I have the following bug report and suggestions.
**Suggestion 1:** Updates should be hand…
nc011 updated
2 years ago
-
## What is missing or needs to be updated?
The current Mobile Application Security Cheat Sheet lacks specific guidance on securing app functionality that could be accessed when an iOS/iPadOS device i…
-
Currently there's no authentication on rpc calls. This issue tracks using macaroons for securing rpc calls. We'll need to generate macaroons on startup if none exist.
The most mature macaroons impl…
-
PyPI supports uploading GPG signatures along with packages. Example: https://pypi.io/packages/source/p/pycalphad/pycalphad-0.4.1.tar.gz.asc
It would be nice to be able to lock down a feedstock so tha…
-
### Proposed change
I believe the integration with OAuth2/OIDC should have an improved documentation.
I've read the callout doc (https://docs.nats.io/running-a-nats-service/configuration/securing_…
-
Currently, there are no docs on how to enable auth for SigNoz otel collector
-
### Background
As part of our windows testing, it was not clear what is Yara, why/when to use it, and how. We could do a blog post about it.
Relevant blog post featuring YARA but only for log4j: …