I looked at the issues for the github project, and it's a cesspool of "doesn't work". I can't imagine being the maintainer and having to wade through that.
Care to elaborate on both counts? I’ve been using it for years and have had no auth issues in my use case at least. I mainly use it inside lan only though I do have a firewalled instance for a couple public services I host, but I haven’t heard of any security issues, I sort of assumed it had a similar attack surface as regular Nginx as that’s basically all it is.
- User auth bugs.
- Security issues.
The developer do not care about fixing those.