search

ubiquity / ubiquibot-telegram

Your AI powered repository manager (on Telegram.)
1 stars 7 forks source link

OAuth to associate Telegram and GitHub handle #4

Closed 0x4007 closed 1 year ago

0x4007 commented 1 year ago
0x4007 commented 1 year ago

We need this for a marketing push as well. We're promoting at ethcon.kr hackathon (1 September) to try and get partners and more developers in the DevPool. We are giving out some bags and tee shirts with QR codes that will go to a landing page to onboard them into the DevPool. It could be very useful to capture their Telegram + GitHub in this flow as well.

seprintour commented 1 year ago

/query @seprintour

ubiquibot[bot] commented 1 year ago

Skipping /query because it is disabled on this repo

seprintour commented 1 year ago

/start

ubiquibot[bot] commented 1 year ago

Deadline Sun, 13 Aug 2023 08:14:03 UTC
Registered Wallet 0x3623338046b101ecEc741De9C3594CC2176f39E5

Tips:

ubiquibot[bot] commented 1 year ago

Do you have any updates @seprintour? If you would like to release the bounty back to the DevPool, please comment /stop Last activity time: Sat Aug 12 2023 08:14:01 GMT+0000 (Coordinated Universal Time)

seprintour commented 1 year ago

Do you have any updates @seprintour? If you would like to release the bounty back to the DevPool, please comment /stop Last activity time: Sat Aug 12 2023 08:14:01 GMT+0000 (Coordinated Universal Time)

soon

0x4007 commented 1 year ago

Do you have any updates @seprintour? If you would like to release the bounty back to the DevPool, please comment /stop Last activity time: Sat Aug 12 2023 08:14:01 GMT+0000 (Coordinated Universal Time)

soon

You should have a draft pull request opened as soon as you start working on issue.

seprintour commented 1 year ago

You should have a draft pull request opened as soon as you start working on issue

It depends on #15, I needed a clean working commit.. not something that'd show both commits in one PR.

That's the reason i tried to merge the database issue the last time

0x4007 commented 1 year ago

You should have a draft pull request opened as soon as you start working on issue

It depends on #15, I needed a clean working commit.. not something that'd show both commits in one PR.

That's the reason i tried to merge the database issue the last time

You can have two branches, with two pull requests, open simultaneously from your fork. I don't understand your point.

seprintour commented 1 year ago

You can have two branches, with two pull requests, open simultaneously from your fork. I don't understand your point.

Mu point is, if i create a new branch from another branch that is still under review.. changes i'd make in the branch it is created from would not automatically reflect and it shows commit from that branch as well.

I usually like it clean and no merge conflicts when i am done, but i created a draft already.. working on it

0x4007 commented 1 year ago

changes i'd make in the branch it is created from would not automatically reflect and it shows commit from that branch as well.

There's git rebase for this. This is very simple to do with git graph extension in vscode

I think git has been around long enough to have features for most of these common issues.

ubiquibot[bot] commented 1 year ago

Do you have any updates @seprintour? If you would like to release the bounty back to the DevPool, please comment /stop Last activity time: Sat Aug 26 2023 18:43:46 GMT+0000 (Coordinated Universal Time)

ubiquibot[bot] commented 1 year ago

@seprintour - Releasing the bounty back to dev pool because the allocated duration already ended! Last activity time: Sat Aug 26 2023 18:43:46 GMT+0000 (Coordinated Universal Time)

seprintour commented 1 year ago

/start

ubiquibot[bot] commented 1 year ago

Deadline Tue, 05 Sep 2023 02:36:53 UTC
Registered Wallet 0x3623338046b101ecEc741De9C3594CC2176f39E5

Tips:

ubiquibot[bot] commented 1 year ago

Permit generation skipped since this issue didn't qualify as bounty

If you've enjoyed your experience in the DevPool, we'd appreciate your support. Follow Ubiquity on GitHub and star this repo. Your endorsement means the world to us and helps us grow!
We are excited to announce that the DevPool and UbiquiBot are now available to partners! Our ideal collaborators are globally distributed crypto-native organizations, who actively work on open source on GitHub, and excel in research & development. If you can introduce us to the repository maintainers in these types of companies, we have a special bonus in store for you!

ubiquibot[bot] commented 1 year ago

@seprintour, You are not allowed to remove Priority: 2 (High)

ubiquibot[bot] commented 1 year ago

@seprintour, You are not allowed to add Priority: 3 (High)

seprintour commented 1 year ago

@pavlovcik labels issue here

ubiquibot[bot] commented 1 year ago

Task Assignee Reward

[ CLAIM 300 WXDAI ]

0x36233380...2176f39E5

If you've enjoyed your experience in the DevPool, we'd appreciate your support. Follow Ubiquity on GitHub and star this repo. Your endorsement means the world to us and helps us grow!
We are excited to announce that the DevPool and UbiquiBot are now available to partners! Our ideal collaborators are globally distributed crypto-native organizations, who actively work on open source on GitHub, and excel in research & development. If you can introduce us to the repository maintainers in these types of companies, we have a special bonus in store for you!

ubiquibot[bot] commented 1 year ago

Task Creator Reward

pavlovcik: [ CLAIM 22.4 WXDAI ]

0x4007 commented 1 year ago

That's unexpected that without label access control you were still able to generate a payment permit.

seprintour commented 1 year ago

That's unexpected that without label access control you were still able to generate a payment permit.

Oh, I just had to delete the stale label and edit it.. I don't think it was really a vulnerability, just me having access to edit label name and color even though I can't alter them on issues

0x4007 commented 1 year ago

That's unexpected that without label access control you were still able to generate a payment permit.

Oh, I just had to delete the stale label and edit it.. I don't think it was really a vulnerability, just me having access to edit label name and color even though I can't alter them on issues

That's a really interesting attack vector! So you can get around access control on labels by editing other labels already on the issue?

seprintour commented 1 year ago

That's a really interesting attack vector! So you can get around access control on labels by editing other labels already on the issue?

Yea, deleting and updating labels should circumvent the access control blocking

0x4007 commented 1 year ago

This means that our approach could be flawed, unless we can detect this specific behavior and protect against it. For example, if anybody but an admin or billing_manager updates labels, then an admin or billing_manager must manually re-allow automatic payment permit generation.

seprintour commented 1 year ago

This means that our approach could be flawed, unless we can detect this specific behavior and protect against it.

I'd take up the issue and block edit label event too with access control

0x4007 commented 1 year ago

This means that our approach could be flawed, unless we can detect this specific behavior and protect against it.

I'd take up the issue and block edit label event too with access control

I'd prefer that you focus on re-enabling support for Telegram group topics for the bot, as that was not correctly implemented in your previous bounty. Normally I would re-open the issue but I assumed you were going to address that pretty soon.

https://github.com/ubiquity/telegram-ubiquibot/pull/17#issuecomment-1712892726

seprintour commented 1 year ago

as that was not correctly implemented in your previous bounty

I think it was gotten wrong from the database feature..

I'm trying to look for a way to list topics when editing group details.. If we can't list topics then it won't really work