Tieg Zaharia

> I'm glad you mentioned replay attacks, though. Can you talk a bit more about that? An attacker intercepts the single_access_token? Scenario: a user's single access token is accidentally leaked....

> @tiegz @jaredbeck I agree that this should not be enabled by default. This makes perfect sense to me because my intent was not to make a change that would...

Also, wanted to mention an experience I've had in the past: I was using something very similar to single_access_token for authentication in the url. We discovered that the url was...

And another experience I just remembered 😆 : Got hit by a credential-stuffing attack where the attacker was using Basic Auth to attempt mass logins. Luckily we had disabled Authlogic's...

Looks really close to me, but I can see 2 blockers: * we need to access `controller.request.headers` instead of `controllers.headers` (which is for response headers) * to comply with CGI,...

👋 Thanks for all the new Go tools like pkg.go.dev, they're super useful. Some input on this topic from the perspective of [Libraries.io](https://libraries.io/): * +1 to a `/search/` endpoint, or...

> Another consideration could be remove entirely the notion of namespace and merge ns and name in a name component where you can have as many segments as you like...

Methinks I could pick this one up -- I'll start looking into it now 👀

(got pulled away, but still cranking away at this! PR shortly)

The best way at the moment is probably to use the "Repository" link for each project and scrape from there.