Mike McDonald

Two potential issues: First, the need for a debug version (which is included with every release, just append `-debug` to the file before downloading). Second is that v0 is long...

Yep, no problem. I basically just try to get people to upgrade from v0 since we've implemented a ton of new features, performance improvements, and bug fixes since then. No...

The near term recommendation that I offer is: have your function [mint a custom auth token](https://firebase.google.com/docs/auth/admin/create-custom-tokens) and then use the client libs instead of the admin ones. In the future,...

@degroote22 this is still a topic in active discussion, but unfortunately we don't have a great answer at the moment, as it's technically surprisingly tricky. We'll make sure to reach...

Unfortunately it requires some changes to underlying infrastructure that I don't see coming anytime soon, so I'd rely on also performing server-side validation when using those clients.

> So I guess, who is the intended user / audience of this command? Is it even limited to a certain type of user? > > 1. Package authors >...

> > What would be most ideal, combined with this, is a way for maintainers to get disclosures that these advisories impact their packages before muggles do, so that there’s...

> > 1 is the group best able to set the impactful flag (e.g. they will know best if the vulnerability is going to impact everyone, only appears in their...

(Product Manager for Rules here) First off, thanks for all the feedback. As @rockwotj said, please keep it coming--it's how we improve the product. To summarize the above, it sounds...

**Better support for resource/schema definition, type validation** I've spent a long time thinking about this, and the short answer is that I think we need to more clearly separate resource...