| ▲ | zero_k 6 hours ago | |||||||
Nobody at GitHub expected this? Their feature develoment&release processes must be garbage/non-existent/not followed. This potential security issue should have been flagged when the new feature was thought up, security should have been part of the process of implementing the feature giving continuous feedback, and it should have been tested for before release of the feature. That's how modern security teams work in large, well-functioning organisations. What is going on over there? No process, no oversight, just YOLO? Super-scary, because it means other stuff that we don't see is likely to be done in a similar manner. | ||||||||
| ▲ | dainiusse 6 hours ago | parent [-] | |||||||
You know how it works. There probably were people who didn't want that, but then there is push from business, deadlines, etc. | ||||||||
| ||||||||