chrome-tanuki-notifier icon indicating copy to clipboard operation
chrome-tanuki-notifier copied to clipboard
verified publisher icon sue445

Privacy & Security.

Open AmirKhalifehSoltani opened this issue 4 years ago • 2 comments

Is this extension secure? How can we ascertain about security of our repositories? Thanks!

AmirKhalifehSoltani avatar Aug 08 '21 17:08 AmirKhalifehSoltani

How can we ascertain about security of our repositories?

What are you specifically worried about?

This is a public repository, so you can to read all the code yourself.

sue445 avatar Aug 09 '21 10:08 sue445

@sue445 I think @AmirKhalifehSoltani 's question could be refined to

"What steps are you taking to ensure you've linted this repository for code security vulnerabilities?"

Are you using any source code analysis tools for linting code committed to this repository? Github offers some feature built into the pull request process as a form of CICD.

In case you're interested I found this CRXcavator scan for this extension

DonRichards avatar Sep 10 '21 12:09 DonRichards