jyn

hmm. no, it's a little more complicated than that. my fix there only works if you pass the script the PID of the *tmux server*. but when restoring, resurrect needs...

FYI this is ready for review. Most of the discussion with petrochenkov is about future extensions; to my knowledge I have incorporated all the feedback about the docs into the...

there are two bugs here: 1. `unwrapProtectorKey` should have a limit on the number of passphrase attempts (maybe 3 is reasonable, to match sudo?): https://github.com/google/fscrypt/blob/5980fd92efebb449adf2b2826da9ac761b1c68b3/actions/callback.go#L83-L106 2. `passphraseReader.Read` should notice that...

I'm not sure this belongs in docs.rs. a) For files that are part of the tarball, I think filtering based on file size should happen on crates.io, if at all....

> it's purely for included files of an absurd size I think that should be handled by crates.io if at all. > Filtering input files somewhat is part of the...

Ok, if we're going to implement this it should be a restriction on the build, not on the uploads, and it should be per-crate, not per-file (or a malicious crate...

The reason I'm so adamant about limiting this during the build is because otherwise we could still have DOS attacks which cause the site to go down when the hard...

> For the default limit, we should actually analyze the S3 inventory and see how much storage crates actually use. Do you know a reasonably efficient way to do that?...

> If I understand correctly, removing support for empty passwords is actually unnecessary to fix the issue. Would you mind splitting that change into a separate commit, or even a...

:wave: i'd appreciate a review when you have a chance :)