Wojtek Mach
Wojtek Mach
GitHub has a [secret scanning feature](https://docs.github.com/en/code-security/secret-security/about-secret-scanning) that can alert users when they accidentally commit secrets like API tokens. GitHub partners with service providers (which maintain these API tokens) to detect...
We need some kind of overview of security features that we can point people to (e.g. in https://stackoverflow.com/questions/48559599/is-there-a-way-of-end-to-end-authentication-of-hex-packages) Some of the things we may want to mention are: - registry...
First of all, thank you for this library. And apologies if something like this was already discussed, I couldn't easily find it. In the very first example in README we...
We cannot depend on `is_packaged_app()` check because it is not a perfect way of checking if app is bundled. It would return true when the app is bundled with a...
Ref: https://github.com/erlang/otp/issues/6070#issuecomment-1168676066
**Describe the bug** When packaging up a Erlang in an .app bundle on macOS, the system runtime incorrectly reports the bundle location and cannot retrieve any of the bundle keys....
I wanted to do some tests on Elixir v1.0.x and noticed this: ``` $ docker run --rm -it hexpm/elixir:1.0.5-erlang-17.3.4-ubuntu-groovy-20201022.1 bash root@225bca8ec9e7:/# mix new foo {"init terminating in do_boot",{{badmatch,{error,{crypto,{"no such file...
A brand new Mix project would trigger these warnings when executing `mix hex.build`: ``` ** (Mix) Stopping package build due to errors. Missing metadata fields: description, licenses, links ``` It...
We're already using hex_core in a few places, this is what is left: - [ ] Replace [Hex.API.*](https://github.com/hexpm/hex/tree/v0.20.1/lib/hex/api) with `:hex_api_*`. - [ ] Add [progress tracking](https://github.com/hexpm/hex/blob/v0.20.1/lib/hex/api.ex#L27) to hex_core - [x]...
### Elixir and Erlang/OTP versions main ### Operating system macOS ### Current behavior Currently `@behaviour` adds a compile-time dependency. It doesn't change code being compiled it just emits a warning....