This fork implements secure defaults based on a number of sources. We’ve created and open-sourced a fork of the TypeScript Quick Start that our application is based on.Some of the concrete steps that we’ve taken: This way, if new issues are found in the future, it’s less likely to impact us. In addition, when possible, we work to eliminate entire classes of vulnerability instead of blocking specific vulnerabilities. We’ve done our due diligence to ensure that we are following all best practices, and reviewed issues found in other applications to ensure that we wouldn’t face the same problems. We’ve worked hard to take the proper steps to do it right. It’s true that Electron is quite complex, as it’s built on Chromium - this creates a number of challenges for developers to use it securely. It’s possible to disagree without being rude or resorting to personal attacks. Treat them how you would want to be treated. Please remember that when you’re talking to someone on social media, there’s a real person on the other side. While some disagree with the path taken, they are still humans, with feelings, and being disrespectful, rude, and attacking them simply isn’t appropriate. They care about users, and want to build the best software possible. They’ve built a culture where everyone is welcome just as they are. They are deeply passionate about privacy and security (to a degree I’ve not seen anywhere else). While there may be disagreements around decisions that have been made - what tech stack is used, what the app looks like, what features are or aren’t present - that doesn’t provide an excuse to be disrespectful to the people that worked hard to build this application. Before I continue, I would like to take a moment to comment on something I find both disappointing and disturbing.
0 Comments
Leave a Reply. |