Einhugur JWT Plugin - policy

Einhugur Plugins and components for Xojo are building blocks for other developers who develop with the Xojo programming environment.

Einhugur Plugins and components are solely elements intended to be integrated as components into other products.

All Einhugur products are made available without known exploitable vulnerabilities.

If vulnerabilities are discovered then once solution is developed updates will be shared on our web page, and notifications will be posted through our various of notification channels, Xojo Forum, Discord, Bsky, X, and Mastodon.

If Einhugur component uses third party libraries then it will be listed in the documentation for the relevant component. It will then note which components are used or partially used.

Development of the Einhugur plugins and components uses version tracked development process.

Where it is possible we try to limit use of older less secure API's if newer more secure API's exist and are viable to use for the versions of operating systems we support.

Bill of materials for the Einhugur JWT Plugin for Xojo:
l8w8jwt library from https://github.com/GlitchedPolygons/l8w8jwt
MbedTLS from https://github.com/ARMmbed/mbedtls
Checknu from https://github.com/GlitchedPolygons/checknum
Chillbuff from https://github.com/GlitchedPolygons/chillbuff
JSMN from https://github.com/zserge/jsmn
Acutest from https://github.com/mity/acutest
Base64 implementation from https://github.com/gaspardpetit/base64
Ed25519 implementation from https://github.com/GlitchedPolygons/GlitchEd25519