* Add warnings about password security
* Warn about weak steam passwords even if they are encrypted
* Apply feedback
* Apply feedback
* Simplify code
* Move return criteria up a bit for increased performance
* Choose more fitting strings for localization
* Extract const value
* Fix incorrect null reference warning
* Switch prefix operator for postfix one
Co-authored-by: Łukasz Domeradzki <JustArchi@JustArchi.net>
* Add tests
* Disable CA1724
The type name Utilities conflicts in whole or in part with the namespace name 'Microsoft.VisualStudio.TestPlatform.Common.ExtensionFramework.Utilities'.
* Tell users why their password is considered weak
* Apply feedback
* Merge resource comments
* Misc.
* Use library for password testing and Run testing in background
* Clean up
* OncSeparate forbidden phrases forfor IPC passwords (once again)
* Additionally check encryption key
* Add comment about {0}
Co-authored-by: Łukasz Domeradzki <JustArchi@JustArchi.net>
Previously we've used one semaphore per all ongoing authentication attempts, which is suboptimal given the existence of a lot of consumers, including ongoing (D)DoS or distributed bruteforce attack. ASF should be as resistant to that as possible, therefore it makes sense to replace the global semaphore with per-IP semaphore (actually task), that can control the access just as well, without stopping other consumers from accessing the same authentication process concurrently.
It failed because it couldn't find immutable collections, ASF doesn't have it either, it doesn't look like it's needed to satisfy the compiler anymore (SK2 includes it through protobuf-net)
This actually does two things: client caching and server caching
Client caching considers only static files, for which we instruct the web browser to revalidate each cache usage with our server to ensure that it's up-to-date.
Server caching with those settings actually doesn't work (nothing to do), but may in the future as lack of no-store means that server is technically allowed to cache I/O read files for as long as it can guarantee they didn't change on the disk.
Closes#2316
The issue we're facing right now comes from the fact of desynchronization of packages between different projects. Since I didn't find any way to "fix" the package versions of our plugins to the main ASF project, we'll instead use centralized Directory.packages.props which specifies appropriate versions
