-
# High Priority
- [x] Separate Recipe post body into two sections: steps and instructions
- [x] Add additional attributes to recipe like rating
- [x] Add average rating to home page
- [x] Add searc…
-
**Describe the bug**
Since we moved to sonar 10 and dependency check plugin 5, critical CVEs don't seem to be taken as "high impact on security", but only "medium impact". On the previous version, ha…
-
Hello! I’d like to propose the addition of a SECURITY.md file to this repository. This would make it easier for users/developers to report security vulnerabilities responsibly, improving the project’s …
-
We appear to be down to a "D" rating on docker image security. Perhaps we could switch to a more recent base image, and look at signing, which appears a bit wonky atm
-
project_id is accessible, which means it's open to attack. Users using a command line would be able to assign ratings to an incorrect project or falsify records. Similarly with user_id. However the tuto…
ade89 updated
12 years ago
-
Suggested by Sarah during our 4/18/22 software-dev meeting
Election security is a spectrum, one side is "most secure, least accessible" and the other is "least secure, most accessible", and differe…
-
In order to simplify the user interface, I've been thinking about whether we can in a simple way communicate how secure/safe/private the current conversation is. My proposal is that we calculate a num…
-
Hello!
Oak Security doesn't use the same severity scale as others do, which outputs misrepresented results IMO.
Instead of `Crit-High-Med-Low-Info` we use `Crit-Major-Minor-Info`. This resulted …
-
Currently the JWTAuth security scheme assumes the token from the HTTP header only
With the latest release of adding cookie in the design, the JWTAuth security scheme should be able to read the …
-
We are unable to set the hardened_site criteria to "Met" for our project in https://www.bestpractices.dev/en/projects/1614/. Each of the URLs listed there has an A rating from securityheaders.com, but …