Devin Rhode

Results 293 comments of Devin Rhode

I'll put a bounty on it with BountySource. Will $50 make it happen? On Oct 14, 2013 1:21 AM, "Sebastien P." [email protected] wrote: > @devinrhode2 https://github.com/devinrhode2 not yet, but I'll...

Yeah I think best bet here is to not be sending anything to a remote server, and instead implement the caching stuff locally.... At least ask the person running this...

This rule has a lot of obvious false positives. A for loop with an int that is being incremented - no injection risk. For in loops should be converted to...

In addition to converting loops to use Object.keys we can also use Object.values and Object.entries. Object.entries is a little ugly unless you use destructuring ``` Object.entries(obj).forEach(([key, val]) => { return...

Working on a bulletproof way to make all use of square brackets safe: https://stackoverflow.com/questions/57960770/securely-set-unknown-property-mitigate-square-bracket-object-injection-attacks/58204173#58204173 Please help!

Yeah, it's a pretty noisy rule. Probably there are better ways to spend time improving security: use CSP.. review security vulnerabilities.. try to hack your own application.. turn on "Enhanced"...

Very useful - authentication could allow someone to securely share their website modifications with others

@behboud How are you doing this currently? Any pointers?

In my several years of experience with the Chrome extension API, I'm sure the Chrome team would love to have a promise-style API available. It would probably be easier...

You may need to place your extension's original manifest.json into the public folder, so this addon uses that instead of generating its own manifest.json