Replying to Avatar Evan Prodromou

Fediverse developer, when someone reports a security issue with your software, there is one and only one correct course of action.

Say thank you. Prioritize an immediate fix. Publish a hot patch version for all applicable major versions within hours or days. Publicly acknowledge the report.

Avoid minimisation, whataboutism, personal attacks, and complaining about the work involved.
Avatar
Tassoman 2y ago

If something like this is happening, you're in the wrong community.

Their software should be fastly forked and driven by savvy people.

But you can do this only by having the right free license.

Reply to this note

Please Login to reply.

Discussion

No replies yet.