chocolatey / package-validator

Windows service to validate packages conform to package standards
Apache License 2.0

Add detection of URL shortening links #180

Open pauby opened 6 years ago

pauby commented 6 years ago

Add the ability for the validator to detect URL shortening service URLs and reject a package that uses them.

URL shortened links are a potential security vulnerability as they can be changed outside of the package. While changing the installer download file would be detected by the checksum changing, links inside the .nuspec file do not have that protection.

URL shortening services would be (not exhaustive):
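
The check requested in this issue, sketched as an added example; it is not part of the issue and not package-validator code. The host list, function names and sample .nuspec are assumptions constructed for illustration, and the host list is not the one from the issue.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Assumed, non-exhaustive hosts chosen for illustration only.
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly", "is.gd"}
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)

def host_of(url):
    """Normalised host of a URL, or "" if the URL cannot be parsed."""
    try:
        host = urlsplit(url).hostname or ""  # drops userinfo/port, lowercases
    except ValueError:
        return ""
    host = host.rstrip(".")
    return host[4:] if host.startswith("www.") else host

def is_shortener(url):
    # Compare the parsed host, never a substring of the URL, so that
    # bit.ly.example.com and example.com/bit.ly/... are not flagged.
    return host_of(url) in SHORTENER_HOSTS

def find_shortened_urls(nuspec_xml):
    """Return (element, url) pairs, in document order, that use a shortener."""
    hits = []
    for elem in ET.fromstring(nuspec_xml).iter():
        tag = elem.tag.rsplit("}", 1)[-1]  # strip the XML namespace
        for match in URL_RE.findall(elem.text or ""):
            url = match.rstrip(".,;")  # trailing prose punctuation
            if is_shortener(url):
                hits.append((tag, url))
    return hits

# Constructed sample .nuspec: URL fields plus links embedded in the description.
SAMPLE_NUSPEC = """<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
  <metadata>
    <id>example-tool</id>
    <version>1.0.0</version>
    <projectUrl>https://example.com/tool</projectUrl>
    <docsUrl>HTTPS://BIT.LY/abc123</docsUrl>
    <licenseUrl>https://example.com/bit.ly/license</licenseUrl>
    <description>Docs at [wiki](https://www.tinyurl.com/xyz) and https://bit.ly.example.com/a.</description>
  </metadata>
</package>"""

if __name__ == "__main__":
    for tag, url in find_shortened_urls(SAMPLE_NUSPEC):
        print(f"reject: <{tag}> uses a URL shortener: {url}")
```

Scanning every element's text, not only the dedicated URL fields, also catches links placed in free-text fields such as the description.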