Smart contract security assessments are surprisingly readable: https://certificate.quantstamp.com/full/nomad
It's clear what's being audited, the issues identified are clearly categorised, and the maintainer responses are shown.
Related Posts
It feels like a mature software project is one where bugs require multiple commits to fix.
You've hammered out the basic issues, so the remaining issues are often weird interactions between components.
I find it odd that people recommend Docker for sandboxing agentic coding tools. Isn't it easier to just create a separate user account on the machine?
It's an established security boundary, and viewing output is easy (just make the user's home directory world readable).
Go has an elegant approach to defining example functions, which are shown in docs as `main()` with the output: https://go.dev/blog/examples