A_A

Results 48 comments of A_A

@timea-solid I've created a document with basic security recommendations here: https://github.com/Otto-AA/solid-security-basics. If you think it is helpful for you all, I could also join the meeting and talk about this...

> I would enjoy virtually meeting you but there is no need for you to fight with your schedule. But, please, do join sometimes :)

Yes, for the next...

> Weren't we able to sanitize the user's input? I didn't know if this issue was fixed or not.

The markdown XSS has moved to a separate issue and has...

Related issue for NSS: https://github.com/nodeSolidServer/node-solid-server/issues/1356

I agree with @damooo. Allowing folders to have arbitrary `contain` statements means that applications can't trust this. Currently, most applications I've checked implicitly trust the contain statements, leading to...

[Here](https://forum.solidproject.org/t/solid-app-no-able-to-find-public-resources-in-our-repository/2733) is the discussion in the solid forum and [this](https://forum.solidproject.org/t/solid-app-no-able-to-find-public-resources-in-our-repository/2733/13) comment describes how to (hopefully) fix it. The general problem was that currently the app is expected to be hosted...

Thanks for the update! I can confirm that this error does not occur when using `npm ci` for the community solid server.

Hi, I'd be curious to hear in which cases this detector reports false positives. For a different use case*, I thought about implementing nearly the same logic. Hearing that it's...