Michal Špaček

👍 So do you think the current behavior is fine, or would `disallowedImports` make it more useful? I think in most cases it would only duplicate the `disallowedClasses` config so...

I'm solving similar situation with different PHPStan config file with different rules. For example https://github.com/spaze/michalspacek.cz/blob/5f1606dc130823f0b717b14eea846a3e70452a65/site/composer.json#L80 and https://github.com/spaze/michalspacek.cz/blob/master/site/phpstan-vendor.neon It might make sense as there's already something similar for params (`allowExceptParams` et...

See also #45 and #50 :-(

Just for the record, this approach might kill some HTTP caches on the way, for the two guys out there still caring about them. Is also listed as a [second...

That's correct, length hiding makes the attack _just_ take longer: > While this measure does make the attack take longer, it does so only slightly. > The countermeasure requires the...

FWIW, the list in JSON can now be downloaded directly from cs.chromium.org: https://cs.chromium.org/codesearch/f/chromium/src/net/http/transport_security_state_static.json

I've worked around the issue by letting my GitHub Actions test workflow run also on pull request review events: ``` on: [push, pull_request_review] ``` Running `/rebase` will rebase the branch...

I've now created a PR with that workaround description because maybe more people might find it useful.

I hit the issue earlier today (missing `redirectPermanent` either on `Component` or `Presenter`), so I've created a PR in nette/application https://github.com/nette/application/pull/304

The nette/application PR has been merged, pending release.