Hey guys (especially Typesafe people),
Maybe this discussion belongs in the tools mailing list, but I'm not sure:
My
company runs on a Lift platform and our customers are all enterprise, so we have the joy of being audited periodically. While we've got some decent stories to tell around security, we're getting mature enough (and scala is certainly mature enough), that it seems like it's time to formalize some secure coding standards for the language,
à la the Secure Coding Standard for Java, or similar to the style guide we've got, but targeted towards security.
I know my company is going to have to have a formal document in that vein that we reference regardless, but I suspect that other companies developing on scala for enterprise customers - such as Typesafe - will probably have to develop such a document eventually as well, so it seems like something that would be worthwhile for the community to have a baseline document for reference against.
--Ian