@chain305/x-security 0.3.0 โ†’ 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/LICENSE CHANGED
@@ -186,7 +186,7 @@
186
186
  same "printed page" as the copyright notice for easier
187
187
  identification within third-party archives.
188
188
 
189
- Copyright 2026 Writ contributors
189
+ Copyright 2026 x-security contributors
190
190
 
191
191
  Licensed under the Apache License, Version 2.0 (the "License");
192
192
  you may not use this file except in compliance with the License.
package/README.md CHANGED
@@ -126,7 +126,7 @@ How much of each class a target can **enforce natively**. ๐ŸŸข full ยท ๐ŸŸก part
126
126
  | API9 ยท Improper Inventory Management | ๐Ÿ”ด | ๐Ÿ”ด | ๐ŸŸก |
127
127
  | API10 ยท Unsafe Consumption of APIs | ๐ŸŸก | ๐ŸŸก | ๐ŸŸก |
128
128
 
129
- Only these three targets are independently **measured** today; Kong, Coraza, NGINX, Envoy and OpenAppSec compile the same policy but aren't yet published with a per-class measurement (โšช). Cells like **๐Ÿ”ดโ†’๐ŸŸข** are the same control stateless vs. with a JWT identity wired โ€” ownership checks (BOLA/BFLA) need to know who the caller is, so a stateless WAF can't enforce them. A **๐ŸŸก** means the target enforces most of the class natively, not all. Full per-field matrix (incl. the Writ-native injection / prompt-injection / audit classes): **[usewaf.com/coverage](https://usewaf.com/coverage)**.
129
+ Only these three targets are independently **measured** today; Kong, Coraza, NGINX, Envoy and OpenAppSec compile the same policy but aren't yet published with a per-class measurement (โšช). Cells like **๐Ÿ”ดโ†’๐ŸŸข** are the same control stateless vs. with a JWT identity wired โ€” ownership checks (BOLA/BFLA) need to know who the caller is, so a stateless WAF can't enforce them. A **๐ŸŸก** means the target enforces most of the class natively, not all. Full per-field matrix (incl. the x-security-native injection / prompt-injection / audit classes): **[usewaf.com/coverage](https://usewaf.com/coverage)**.
130
130
 
131
131
  ## License
132
132