There is no other reason to do it like this in a Lemmy post other than you want to publicly discredit the devs somehow. This is quite obviously a mistake and not a way to harvest admin passwords. Just fixing it and not trying to stir up shit would have been the right thing to do.
I think it should be more public knowledge than just people who peruse the github issues. Also, it’s so trivial to fix that it will save them some time if they don’t have to close the issue after they spend literally 10-15 seconds fixing it.
Azzu@lemmy.dbzer0.com 1 day ago
eugenevdebs@lemmy.dbzer0.com 1 day ago
“Why would I get the notice through the proper means where they can fix it, when I can make a public post that doesn’t actually solve the issue at hand?”
The same thing as people who think reddit threads are bug reports.
PhilipTheBucket@ponder.cat 21 hours ago
I frequently make bug reports and contributions to all kinds of software. If this wasn’t something that impacted people’s security and trust evaluation, that’s exactly what I would have done.
Put it this way: If Android, or Outlook or whatever, was sending your admin password home to Google or Microsoft, and then people showed up to say it was probably an innocent mistake and why are you even making a big deal about it, just report it and let them fix it instead of creating drama, that would be absurd. That’s how I feel about the people here telling me the same thing.
limer@lemmy.dbzer0.com 2 days ago
I think you should also make a GitHub issue too
PhilipTheBucket@ponder.cat 2 days ago
It would literally take me longer to make the github issue than it would take them to fix it, by quite a big margin. You can make one for it, if you still feel super-strongly about it though.
limer@lemmy.dbzer0.com 2 days ago
I am a lazy unreliable person. But I find value in what you found and want it fixed.
If you don’t do it, it probably will not get fixed so fast
PhilipTheBucket@ponder.cat 2 days ago
I cannot imagine any responsible dev who would read this notification and say anything other than “Oh shit, yeah, that’s really bad,” and fix it on the spot before they continue with whatever they had visited Lemmy to do. Like I say, it’s relevant that it takes literally seconds to grasp the issue and fix it.
I don’t fully disagree with you, I get it, github issues is where issues with the software belong. But, also, I am sort of curious about what their reaction will be. Finding out that kind of thing is interesting to me.
If they are actively uninterested in fixing it, however they got made aware of it, then that’s really interesting.
dastanktal@lemmy.ml 2 days ago
It literally takes a minute to make a GitHub issue and you could have linked it here for your conversation. Probably would have helped the admins of ml change things. Especially considering that things like this get overlooked all the time in open source projects.
n3m37h@sh.itjust.works 2 days ago
And look at how much time you wasted defending your position to not post a github issue. Fucking unbelievable that you will publicly complain but NOT bring the issue up with the devs
Fuck people like you
ragingHungryPanda@lemmy.zip 2 days ago
I could have that PR up in like 5 minutes. And poop while I was doing it.
PhilipTheBucket@ponder.cat 2 days ago
tal@lemmy.today 2 days ago
looks skeptical
Bamboo is pretty fibrous.
gidostro@lemmy.cafe 2 days ago
So do it