Andrey Andreev
Andrey Andreev
The "license" property in the composer schema is restrictive in that it only allows SPDX-listed identifiers. And while that encourages usage of popular open-source licenses, it does have downsides ......
Audit
I'm pretty confident in the code so far, but obviously, as a cryptographic library it needs more eyeballs. Two notable pieces of code that could be a concern: - [HKDF...
[V6.5 General Multi-factor authentication requirements (as of time of this issue)](https://github.com/OWASP/ASVS/blob/67100a95f382d7bae8058c6f63fe07680b21e34f/5.0/en/0x15-V6-Authentication.md#v65-general-multi-factor-authentication-requirements): | # | Description | Level | | :---: | :--- | :---: | | 6.5.7 | Verify that...
[V13.3 Secret Management (as of time of this issue)](https://github.com/OWASP/ASVS/blob/67100a95f382d7bae8058c6f63fe07680b21e34f/5.0/en/0x22-V13-Configuration.md#v133-secret-management): | # | Description | Level | | :---: | :--- | :---: | | 13.3.1 | Verify that a secrets...