Untitled attachment

Notices where this attachment appears

1. Embed this notice
   rmehner (rmehner@chaos.social)'s status on Friday, 16-Feb-2024 17:12:20 JST rmehner

   Decided to give Copilot a try and asked it to fix a problem with my code.

   It deleted my code.

   Well fucking played, Copilot.

2. Embed this notice
   Kirino Kousaka (kirino@seal.cafe)'s status on Sunday, 03-Sep-2023 22:17:23 JST Kirino Kousaka

   Be sure to update Pleroma, it fixes a pretty major potential exploit.

   To give context:

   I found a huuuuuge exploit in Pleroma which (in my opinion) had the capacity to surpass the recent one in terms of damage to the userbase.

   The reason for this simply being it did not require token hijacking and was able to be exploited by any user on any instance with around 30-40 lines of code.

   It would have been super scary (scarier than spooky Kirino!!) But I sent it to the right people and an update has gone through that fixes it

   You can all thank and give me praise later ^^

   Also big ups to @cassidyclown for helping me run some tests when I first discovered the exploit and @mint for actually digging through the dumpster fire of a backend and submitting a merge request.

3. Embed this notice
   danjac (danjac@masto.ai)'s status on Friday, 01-Sep-2023 15:26:48 JST danjac

   Fixing an issue with a React component whose job it is to handle the cookie consent banner. It's 3rd party so I'm looking at the implementation source code.

   It's like dozens - I'm not joking - dozens of modules in package after package, including storybooks and test suites and whatnot.

   I implemented a cookie consent banner in my side project in about 10 lines of Python code using HTMX, not including the HTML snippet.

   This industry has become a joke.

   #webdev