Julien

I had increased it to 10MB because I wanted logrotation to be done by logrotate every day and it seems 0 is not the right way the way to disable...

I added report with both audispd and laurel output in my ansible role pipeline One example here https://github.com/juju4/ansible-auditd/runs/3847691965?check_suite_focus=true#step:12:1 number seems approaching from a type perspective, less when digging by keyword...

``` # audispd report *** sensitive_file CREATE+DELETE Total unique files: 9 Total unique apt .#lk0x files: 0 2 item=1 mode=0100600 rdev=00:00 1 name="/etc/systemd/system/snap-core-11743.mount.Xg4Jpb9hHSCL~" ouid=0 nametype=DELETE 1 name="/etc/systemd/system/snap-core-11743.mount.Xg4Jpb9hHSCL~" ouid=0 nametype=CREATE 1...

Sorry for delay, busy times. On github action side, I lost laurel report between build of Nov 29th and Dec 4th. just repaired it On my test server, for some...

no problem. same for many people :)

does both are really needed for all websites? can't have a smaller approved list? I believe `default-src 'none';` is the main one that would help to drop risk score, at...

but unspecified is the part where security is at play, ensure software does what it is designed to/specified and not anything else. happy to add other policies where needed but...

Can this be merged? It would fix retirejs vulnerability scan issues found as listed on https://crxcavator.io/report/%7Bc07d1a49-9894-49ff-a594-38960ede8fb9%7D?platform=Firefox&new_scan=true Thanks

Hello @Grungnie Thanks a lot for the detailed feedback! I'm reviewing that and hopefully do some kind of tests/poc and come back to you.

I'm fine with current remarks. can have it in tree with harden false and at next major release, set to true. few questions - if I differentiate those settings (eg...