|
|
|
|
|
|
by xanathar
809 days ago
|
|
|
"someone" is probably a dependency you include that, for one reason or another tries to revert the policy to a lower level of enforcement. Might be because the dependency needs the lower security policy to work, or because it's a framework that comes with an insecure default, or might be because it accepted a couple PRs from JiaT75. I think it's a sensible choice: try lowering the policy and everything blows up. Much better than the alternative of silently ignoring the call or, even worse, silently lowering the policy |
|
|