-
-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
jshttp/security.md #55
Comments
sure. i was actually thinking about having a security.md file in all our repos today, haha. what did you have in mind? the reason i was thinking about it was that i can make an email account that can just forward to a bunch of us as a contact line or something for non-public communication |
all our repos? i was thinkign about a single repo with all the security issues in one place. it'll be a guide to using jshttp modules basically. i don't think disclosure will be much of an issue - there are a lot of ways people can contact us privately. |
ah, gotcha. when you said security.md, i was thinking of the file from that node.js security project, lol. so you mean like an "example use of modules in a secure way" kind of repo |
and a "what a lot of frameworks do wrong and how to do it correctly, probably with jshttp/pillarjs modules" |
give us street cred, yo |
i'd like to make a repo for common jshttp security issues, examples/tests, and fixes. @dougwilson you interested in helping?
The text was updated successfully, but these errors were encountered: