top | item 44959112 (no title) morgante | 6 months ago The exploit is there either way. discuss order hn newest KingOfCoders|6 months ago The exploit depends on changing the config to execute a .rb file. And the config was supplied by a PR. flexagoon|6 months ago Yes, but the exploit grants you access to ALL repos, not just the one the PR is in. You could just as well change the config in your own private repo and run coderabbit in it.
KingOfCoders|6 months ago The exploit depends on changing the config to execute a .rb file. And the config was supplied by a PR. flexagoon|6 months ago Yes, but the exploit grants you access to ALL repos, not just the one the PR is in. You could just as well change the config in your own private repo and run coderabbit in it.
flexagoon|6 months ago Yes, but the exploit grants you access to ALL repos, not just the one the PR is in. You could just as well change the config in your own private repo and run coderabbit in it.
KingOfCoders|6 months ago
flexagoon|6 months ago