|
|
|
|
|
|
by nickpsecurity
3620 days ago
|
|
|
I'll partly agree with that. Mostly even. I draw the line at expecting a security-critical library intending widespread adoption at least follow secure coding guidelines if nothing else. It really doesnt take much effort vs what was already done. Tiny fraction of it. That plus the larger trend of developers ignoring basic, good practices is why I critique the project a bit. Plus, LibreSSL team illustrated my point nicely by doing 10x what I expected in a very short time with no pay. |
|
|