Clément Delafargue
Clément Delafargue
IMO, In any case, interactive behaviour has to be explicitely asked, to keep a predictable behaviour when scripting.
Have a look at https://github.com/k33g/mandrake
You are right, this is confusing. Long story short, there is a gap between the actual version number present in tokens (current: `4`) and which is used in the specification,...
Indeed, biscuit-go does not support v4 blocks for now: https://github.com/biscuit-auth/biscuit-go/blob/main/samples/samples_test.go#L144 all the samples containing v4 features are disabled in the test suite. Adding support for bitwise operators and check all...
I'm not sure how I feel about releasing a version with partial support (I really don't know, it could perfectly well be okay). I think that could be part of...
`biscuit` is the spec, it does not contain any implementation. `biscuit-rust` is up-to-date to the spec, and `biscuit-cli` exposes `biscuit-rust` features, so is typically up-to-date as well.
I think i have found a way to have closures in the stack machine. Laziness is trivially implemented through closures, so this PR might be closed soon.
Following discussions in #211, i think the best would be to always use `URL_SAFE_NO_PAD` and not add an option.
I am working on a fix for missing facts and rules in `Authorizer.to_string()`
I need to check if these semantics make sense for every command but that could be useful.