

The core of the problem trickles down to weak CI/CD configurations that grant pull requests (PRs) more permissions than they should have.
How exactly do their competitors like codeberg do better in preventing that?


The core of the problem trickles down to weak CI/CD configurations that grant pull requests (PRs) more permissions than they should have.
How exactly do their competitors like codeberg do better in preventing that?


Yeah, if you avoid money sinks up front, you also don’t get sucked into money sinks later on.
I have a 200" projector screen and anything below 4K Blu-ray is very noticable. 😅


Oooh. Can you give some more details about how you did that? I have a Japanese friend coming to visit for about 2 months and she might want to watch TV during the day.
Does it have to be an SBC? I’ve had great success with a second hand Lenovo Thinkpad


Yes, but the question is why the hell do you have access to a production database in the first place?!
And if so, how is it on the same machine you can run Claude code on?!
By default pull requests my new contributors require approval from someone with write-access to the repo before running actions.
These repos have specifically decided to change a setting to make them not require approval for anyone. The UI to change that setting explicitly warns you about exactly this attack, so this “article” feels like a non-item trying to farm engagement.