RE: Re: Regarding the resolution for the latest vulnerability

2021-12-13 Thread Dash a
Hello, Thanks for the explanation. It is a bit more relaxing. As for current concerns - upon a bit of thought I see it as concerning if the current implementation doesn't warn the user when it is enabled. This can present an issue in auditing or a false negative result in case of supply chain attack/l

Regarding the resolution for the latest vulnerability

2021-12-12 Thread Dash a
Hello, Sorry to storm in for a discussion that probably happened internally, but correct me if I am wrong: the solution offered doesn't seem to fix the original issue, which appears to be due to lack of sanitization, but rather disable it by default. This seems a bit lacking if it is the case as if so