by kepano 21 days ago
As far as I can tell, every issue you flagged in this article is now automatically caught in the new plugin review system launched last week. The new system prevents plugin updates from being released/downloaded if any of these issues are present.

The team is also working on adding permissions and more controls; see the recent announcement and HN discussion:

https://obsidian.md/blog/future-of-plugins/

https://news.ycombinator.com/item?id=48109970

Since last week, hundreds of plugins have been updated to patch vulnerabilities. That said, there is a lot more to do and we're actively working on it. It's a very high priority.

If there are any other checks you think we should add to the automated review system, I'd be happy to look into those. Since the review system is mostly open source, you can also contribute to it directly, though perhaps that would be in conflict with the purpose of your company since our approach doesn't use AI for now?