Cover Image

Lutra Security


1-10 employees

Lutra Security
Lutra Securityposted an update7 July 2023
📢 Manifest confusion: Why npm cannot be trusted The architecture of npm has a problem known as manifest confusion, as recently highlighted in an article by Darcy Clarke. The manifest, which contains the metadata of the package, is published independently of the package's tarball and is never fully validated. We have looked into this problem and describe in our new article - how npm's package normalization process exacerbates the problem - how npm itself gets confused by this (we show how to b...

Manifest confusion – Lutra Security

Manifest confusion is a problem in the architecture of npm, pointed out by Darcy Clarke: An npm package’s manifest is independently published from its tarball and never fully
 Manifest confusion – Lutra Security
Lutra Security
Lutra Securityposted an update26 May 2023
Sometimes all it takes is a little copy and paste. That's why in this article we won't focus on password policies in general, but rather give you a reasonable default for Django with all the explanations you need to customize it for your project.

Password Validation in Django – Lutra Security

Since NIST updated its password recommendations in 2017, a lot has changed. Although there are still plenty of applications that rely on the old-fashioned complexity-based rules (lower case, upper case, numbers, special characters… you know the drill), a lot has
 Password Validation in Django – Lutra Security

Similar companies

About us

Lutra Security


Show more


Looking for a job?

Then check out our recommendations and explore new job opportunities.


Open map


Ludwigstraße 8, 80539 München, Germany