Securing the Git push pipeline: Responding to a critical remote code execution10ssamtrack2019 about 5 hours ago 1 commentsRead Article on github.blog
Discussion (1 Comments)Read Original on HackerNews
But what about allowing user inputs in trusted fields,
Or allowing switching environments per request, on inputs from users
Or allowing requests in a user context to access storage from another
Or storing everything in plaintext on a node that everything can access
Or not validating user inputs
Or...
Its not a success story.