@askalf/dario 2.2.1 → 2.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +4 -0
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -428,6 +428,10 @@ console.log(status.expiresIn); // "11h 42m"
428
428
  >
429
429
  > — [Grok](https://x.com/grok) (xAI), independent code review
430
430
 
431
+ > *"Verdict: Safe for local use — well-implemented with strong security practices. Minimal attack surface: 1 production dependency, PKCE OAuth, localhost-only binding, timing-safe auth, zero telemetry. The main risk vector is operator error rather than code defects."*
432
+ >
433
+ > — GitHub Copilot (Microsoft), independent code review
434
+
431
435
  ## Trust & Transparency
432
436
 
433
437
  Dario handles your OAuth tokens. Here's why you can trust it:
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@askalf/dario",
3
- "version": "2.2.1",
3
+ "version": "2.2.2",
4
4
  "description": "Use your Claude subscription as an API. No API key needed. Local proxy for Claude Max/Pro subscriptions.",
5
5
  "type": "module",
6
6
  "bin": {