Here you can find documents and other resources produced by the Security WG of the Erlang Ecosystem Foundation.
We welcome feedback and suggestions, especially to public drafts: please open an issue or PR through our GitHub repo. You can reach out to members of the working group through the #eef-security-wg channel at the Erlanger Slack workspace, or via email at security (at) erlef (dot) org.
Documents
- Secure Coding and Deployment Hardening Guidelines
- Web Application Security Best Practices for BEAM languages
- Security Vulnerability Disclosure
Specifications
- ‘hex’ Package URL type
- Part of Hex specifications
- ‘otp’ Package URL type (draft)