-
Notifications
You must be signed in to change notification settings - Fork 0
All issues
Issue creation is restricted in this repository
Issues
is:issue state:open
is:issue state:open
Search results
- Status: Open.#174 In widgrensit/asobi;
- Status: Open.#172 In widgrensit/asobi;
Explicit TLS options / cert pinning on outbound httpc calls (M6)
securitySecurity hardening / audit follow-upSecurity hardening / audit follow-upStatus: Open.#171 In widgrensit/asobi;Cap body size on cloud-save / generic-storage writes (M5)
securitySecurity hardening / audit follow-upSecurity hardening / audit follow-upStatus: Open.#170 In widgrensit/asobi;Cap player metadata blob size (M3: unbounded jsonb persisted)
securitySecurity hardening / audit follow-upSecurity hardening / audit follow-upStatus: Open.#169 In widgrensit/asobi;Hash the auth-cache key (M1: raw session tokens as ETS keys in a public table)
securitySecurity hardening / audit follow-upSecurity hardening / audit follow-upStatus: Open.#168 In widgrensit/asobi;ws: /ws upgrade has no Origin check (cross-site WebSocket hijacking surface) — decide allowlist vs accept
enhancementNew feature or requestNew feature or requestquestionFurther information is requestedFurther information is requestedStatus: Open.#160 In widgrensit/asobi;auth: registration abuse controls —
registrationmode enum + pluggable pre-auth client-gate seamenhancementNew feature or requestNew feature or requestStatus: Open.#158 In widgrensit/asobi;auth: register/login share one 5/s limiter, 100k-iter pbkdf2 runs behind it — per-IP CPU amplification
bugSomething isn't workingSomething isn't workingenhancementNew feature or requestNew feature or requestStatus: Open.#157 In widgrensit/asobi;- Status: Open.#103 In widgrensit/asobi;