Lemmy maintainer

  • 9 Posts
  • 21 Comments
Joined 5 years ago
cake
Cake day: January 17th, 2020

help-circle








  • Im a former contributor to F-Droid with various merged pull requests. Looking at the indicated pull request I really doubt that it was an intentional attack. First of all its easy to forget for a new developer to escape SQL parameters, and the docs dont even mention a risk of SQL injection attacks. And of the users pushing for the PR to be merged, one is a long-time F-Droid contributor, and the other also looks like a real human with many contributions in other repos, so no sockpuppets in sight.

    It simply looks like standard open source behaviour, for better or for worse. A new user makes a contribution for a highly demanded feature, and users want it to get merged as soon as possible. Maintainers are discussing the big picture of the change and want to avoid breaking changes, without getting into code review yet. The new contributor seems unwilling to make any design changes to his PR, and gets frustrated that it doesnt get merged as is. The potential vulnerability is only noticed half a year after the PR was opened, at which point it was already de facto abandoned. So not an attack, but simply a developer who is new to open source and doesnt understand how the process works.













  • https://boards.4channel.org/g/thread/83691438

    We bring to you today an extremely poggers leak:

    Twitch is an American video live streaming service that focuses on video game live streaming, including broadcasts of esports competitions, operated by Twitch Interactive, a subsidiary of Amazon.com, Inc.

    Their community is also a disgusting toxic cesspool, so to foster more disruption and competition in the online video streaming space, we have completely pwned them, and in part one, are releasing the source code from almost 6,000 internal Git repositories, including:

    Entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and video game console Twitch clients Various proprietary SDKs and internal AWS services used by Twitch Every other property that Twitch owns including IGDB and CurseForge An unreleased Steam competitor from Amazon Game Studios Twitch SOC internal red teaming tools (lol)

    AND: Creator payout reports from 2019 until now. Find out how much your favorite streamer is really making!

    Torrent (128GB): magnet:?xt=urn:btih:N5BLZ6XECNEHHARHJOVQAS4W7TWRXCSI&dn=twitch-leaks-part-one&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce Repository listing: https://dpaste.org/MvoM

    Jeff Bezos paid $970 million for this, we’re giving it away FOR FREE.

    #DoBetterTwitch


  • Sorry I didnt notice before that he edited the comment, and unfortunately we dont have any edit history stored in Lemmy. Anyway, when you see a rule violation (eg racism), then you should report it to the admins/mods and have them take care of it. Attacking another user is also a rule violation (rule 2), and is just gonna lead to more trouble.

    Edit: also I suggest that both of you stop arguing, because it is not going anywhere. Just accept that you disagree, and ignore each other. @Helix@feddit.de @TheAnonymouseJoker@lemmy.ml