| ▲ | akerl_ a day ago | |||||||
That’s basically no validation at all. Python doesn’t even have that kind of namespacing to need to validate. The kind of validation being discussed here would take way more than “a staffer”. | ||||||||
| ▲ | nzeid a day ago | parent [-] | |||||||
I mean... don't let perfect be the enemy of good? I'm insisting that even the barest minimum of human/manual involvement solely on account signup would be a major security improvement. It would be exhausting to have to audit your entire dependency tree like your life depended on it just to do the most mundane of things. | ||||||||
| ||||||||