Jonas Finnemann Jensen
Jonas Finnemann Jensen
I might have an extension in vscode I can't figure out, or vscode has formatting for scss files built-in. Is this something we should consider enabling? I'm not sure if...
See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Feature_Policy See security scan: https://securityheaders.com/?q=https%3A%2F%2Fpub.dartlang.org
I propose that we add the function to our configuration file. ```yaml testUsers: - [email protected] - [email protected] ``` Then we make a `test-user-sign-in` _admin action_ which will create and return...
We can point GCLB at a prefix within a GCS bucket, so ideally we should be able to export responses for everything matching: * `GET /api/packages/` * `GET /api/packages//advisories` *...
According to: https://developers.google.com/speed/pagespeed/insights/?url=http%3A%2F%2Fpub.dartlang.org%2Fpackages%2Fhttp We have work to: "Ensure text remains visible during webfont load". "Leverage the font-display CSS feature to ensure text is user-visible while webfonts are loading" See: https://developers.google.com/web/updates/2016/02/font-display
To mask `referrer` header, we should consider making external links go through a redirect. This also hardens a few other XSS vectors. See: https://en.wikipedia.org/w/index.php?title=URL_redirection&oldid=917753021#Referrer_masking Note: It is critical that such...
In our entities we are not good at documenting what the `Model.id` and `Model.parentKey` is. We should go through all entities and make sure this is documented for each `Kind`....
Proxying images from the `README.md` file displayed on the package page would mitigate user tracking by third-parties. I'm not sure we need to cache, maybe caching a few minutes would...
Once we've refactored the logic, let's review all the messages.. and maybe get Kathy to take quick look afterwards.
This is not fully though through. But github has a feature where it shows which language a repositories is written in.. It might be nice to have the analysis of...