sophacles 6 days ago

Both articles were published today. It seems to me that the researchers and CodeRabbit agreed to publish on the same day. This is a common practice when the company decides to disclose at all (disclosure is not required unless customer data was leaked and there's evidence of that; they are choosing to disclose unnecessarily here).

When the security researchers praise the response, it's a good sign tbh.

cube00 5 days ago

They weren't published together.

The early version of the researcher's article didn't have the whole first section where they "appreciate CodeRabbit’s swift action after we reported this security vulnerability" and the subsequent CodeRabbit talking points.

Refer to the blue paragraphs on the right-hand side at https://web.archive.org/web/diff/20250819165333/202508192240...