Fucory
@fucory
Did a PR to gnosis safe UI to add missing SRI protection https://github.com/safe-global/safe-wallet-monorepo/pull/5186/files For those not in loop SRI tells the browser to not load javascript files that don't match an integrity hash https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity All bundlers support this with plugins
2 replies
1 recast
17 reactions
Fucory
@fucory
I'll be committing these sri hashes onchain
1 reply
0 recast
6 reactions
polymutex
@polymutex.eth
NPM packages, Python packages, GitHub releases, Linux packages, etc. should all have onchain hashes. Disappointed no one has built this yet.
2 replies
1 recast
6 reactions
scottrepreneur
@scottrepreneur.eth
What is holding this back?
1 reply
0 recast
2 reactions
polymutex
@polymutex.eth
You can't make money from it.
1 reply
0 recast
0 reaction
Fucory
@fucory
At Tevm Co we disagree with the statement but are pushing for it to be a public good
1 reply
0 recast
1 reaction
