Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blog post about the mitigated misconfig bug #13386

Closed
wants to merge 1 commit into from
Closed

Blog post about the mitigated misconfig bug #13386

wants to merge 1 commit into from

Conversation

hx235
Copy link
Contributor

@hx235 hx235 commented Feb 7, 2025
edited
Loading

Context/Summary: as title

Test:
Run the webpage locally according to https://github.com/facebook/rocksdb/tree/main/docs and check everything is fine

@hx235 hx235 requested a review from jaykorean February 7, 2025 23:13
@facebook-github-bot
Copy link
Contributor

@hx235 has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

jaykorean
jaykorean approved these changes Feb 10, 2025
View reviewed changes
Copy link
Contributor

@jaykorean jaykorean left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

docs/_posts/2025-02-07-mitigated-bug-update.markdown Outdated
- It was confirmed that the GITHUB_TOKEN expired and is no longer in use.
- The binary tagged for public release was examined to confirm that it was not compromised.
- Action logs were cross-checked to ensure no other actions were taken with the compromised token, other than the release note title change and the failed attempts to merge self-approved pull requests to the main branch.
- We have scoped down the access level of tokens generated for workflows to prevent similar issues. Additionally, we are developing better guidelines for bug bounty researchers to minimize disruptions during their research.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: in case we want to link the PR for this change - #12973

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure

@facebook-github-bot
Copy link
Contributor

@hx235 has updated the pull request. You must reimport the pull request before landing.

@facebook-github-bot
Copy link
Contributor

@hx235 has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

@facebook-github-bot
Copy link
Contributor

@hx235 merged this pull request in 1f36399.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaykorean jaykorean jaykorean approved these changes

Assignees
No one assigned
Labels
CLA Signed Merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hx235 @facebook-github-bot @jaykorean