Anton Nesterov

For now it's check only HTML files. Parsing JS will be probably supported in future, PHP is very unlikely, but you can use `ignore` or `ignoreRegexp` options. So with your...

I tried to confine AppImages with AppArmor, and here is abstraction I came up with https://github.com/komachi/apparmor-even-more-profiles/blob/master/profiles/abstractions/appimage This is not perfect due how AppImage works (well, it loads files from /tmp...

Without application-specific profiles nothing gonna work, as AppArmor is MAC (whitelist-based model) and enforced profile means app wouldn't get access to anything that is not allowed in profile. So that...

Limiting internet access is generally possible by AppArmor, although it doesn't work on Debian for now. As man page says: ``` Some features are not supported on Debian yet: Network...

That not because AppArmor doesn't want to support it, userspace utils support network rules, but it require kernel patches (available [here](https://gitlab.com/apparmor/apparmor/-/tree/master/kernel-patches)) to work. It was available as out-of-tree patches on...

React context is hard to use on server as it require to render app twice. So enhancers on store makes everything much simpler and faster. I wanted to preload data...

https://caniuse.com/#feat=css-clip-path

AppArmor profiles better to be provided by upstream. apparmor-profiles meant to fill the gap until every package get upsteam profile/until profile is mature enough to be included at least in...

Setting proxy in Firefox settings breaks Convergence too, but everything works if I disable proxy for .bit.

@RSF-RWB Nice idea will be browser extension that works like Tor's [meek pluggable transport](https://trac.torproject.org/projects/tor/wiki/doc/meek). For example, you can send google.com as SNI and Host: header encrypted by TLS pointing to...