Closed chadwhitacre closed 8 years ago
Payday on Thursday!
Color code:
@clone1018 :-)
Seems that we are getting more HackerOne traffic now that we offer bounties (#369).
Most of the reports are low-quality and feel like a waste of time. :-(
@hurlothrumbo has discovered the illustrator of the cover of The Internet (#462, #472).
"Security"
An article for Computer Publishing Group discussed the different ways to keep the data on computers secure.
Inbox 2, GitHub 2, L2 Support 1, Vendors, etc. 0.
Gosh, now we're getting low-quality security reports on security@gratipay.com, which we haven't seen since starting HackerOne (#255). Sup with that?
Spent some time on grtp.co this morning (https://github.com/gratipay/grtp.co/pull/115, https://github.com/gratipay/grtp.co/pull/116). First French lesson in 20 minutes. Things on my mind after that:
Just handed out our first "Not Applicable" on HackerOne (-5 reputation). Not sure how else to discourage junk reports.
Aaaaaaand now we're looking at splitting Aspen out into a separate org: https://github.com/gratipay/aspen.py/issues/547. :eyes:
L1 Support 0.
Inbox 2, GitHub 3, L2 Support 0, Vendors, etc. 0.
Security 16.
Merge commits are definitely easier under GitHub.
And they're what we use otherwise.
PR for merge commits for security
: https://github.com/gratipay/inside.gratipay.com/pull/505.
Security 14.
Inbox 3, GitHub 2, L2 Support 0, Vendors, etc. 0.
Security 18!
@whit537 is this all just automated hackerone spam?
No, it's not automated spam. HackerOne doesn't seem to have a listing of our publicly disclosed tickets, but all the ones so far are linked at https://github.com/gratipay/inside.gratipay.com/issues/506#issuecomment-185535229. This is kind of annoying but ultimately I think it's really healthy for us. Most of this stuff is like shaving and brushing your teeth, but we've seen a couple more serious issues so far, and staying on top of the little stuff is good practice to prevent bigger stuff from cropping up.
The email will be sent to the customer and will be logged as a ticket without triggering any notifications. Learn more.
Yesssssss! I've wanted this feature. !m @Freshdesk
cc: @mattbk
What are you working on this week and why?
last week