syncing-server-js icon indicating copy to clipboard operation
syncing-server-js copied to clipboard

Published 20 hours ago verified publisher icon standardnotes

Malicious code as attack vector in public repositories

Open mwmason opened this issue 3 years ago • 0 comments

Hi,

Fan of SN and I appreciate that the team has done independent audits with what seems like a focus on protection of data and encryption techniques. I just read this linked article on what now seems like an obvious threat vector for introducing malicious code into public repositories - seems it's nothing new and that there are methodologies to avoid/reduce this.

Just curious if there are practices in place in the SN development cycle to mitigate this?

Thanks!

mwmason avatar Dec 11 '21 05:12 mwmason

Hmm..looks like it might be escaping full screen mode. Possibly to do with a recent update, or this issue has existed since the beginning and you're the first to discover it :)

moughxyz avatar Aug 15 '19 13:08 moughxyz

Can confirm, this has existed for a long time.

christianhans avatar Aug 15 '19 17:08 christianhans

Instead of restarting the editor, you can press F11 to fix this.

sonjoonho avatar Jan 02 '22 01:01 sonjoonho