David A. Wheeler
Add support for "Domain-based Message Authentication, Reporting & Conformance" (DMARC). This is an email authentication, policy, and reporting protocol - basically it provides stronger evidence to receivers that the sender...
Investigate adding support for meta values, especially description, keywords, and maybe author. Example from W3schools: ~~~~ ~~~~ The lack of a "description" for the root page, in particular, was noted...
I think this NVD claim is misleading: > All mistakes have the potential to have costly consequences, but in practice most appear to be an annoyance. One study found that...
Remove/rewrite this paragraph because it makes false claims: > A metric that assigns a value to individual functions (i.e., its value is calculated from the contents of single functions) cannot...
In 6.5.1: > A system is only as reliable as its least reliable critical subsystem That's clearly not true, since error-correction mechanisms and redundancy can dramatically increase the reliability of...
I'd like to be able to select a *subset* of gems based on the groups in the Gemfile. In my case, [rubyzip has an unresolved vulnerability](https://github.com/rubyzip/rubyzip/pull/371) but since I only...
Hi, welcome to the Linux Foundation! Would some folks from the Janssen project be willing to present & talk with the [Open Source Security Foundation (OpenSSF) Digital Identity Attestation Working...
Warn when PostgreSQL's PQExec is called with a non-constant, to warn about SQL injection. The PostgreSQL `libpq` C interface provides several functions, as explained in the [PostgreSQL (Command Execution Functions)...
It'd be great to have a GitHub Actions integration. Now that flawfinder has SARIF output, that should in theory be easy. More info here about creating such integrations: https://docs.github.com/en/code-security/secure-coding/integrating-with-code-scanning
"An svg icon file is required to show the flawfinder workflow in security tab." in GitHub actions per https://github.com/david-a-wheeler/flawfinder/issues/49 This isn't an .ico file. Do we have actual artistic capabilities?...