Received: from mx1.mailbun.net (mx1.mailbun.net [170.39.20.100]) by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 96FA9781048 for <~alpine/devel@lists.alpinelinux.org>; Thu, 20 Jan 2022 22:33:15 +0000 (UTC) Received: from [2607:fb90:d983:1d8:e070:381b:a0bf:3b01] (unknown [172.58.111.221]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: ariadne@dereferenced.org) by mx1.mailbun.net (Postfix) with ESMTPSA id CB86511AEF1; Thu, 20 Jan 2022 22:33:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dereferenced.org; s=mailbun; t=1642717993; bh=SOukakI65omJs+hHzdXvn3NSCDFyVBIN3UG92Q4eYaA=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=OWkrFuFeIOXGHtjd+t3btS9Jhnn2CM5cKrVpksE+Fjzynds2jb/KSySGna9Tdu1PY VEU68zsXFC9apesIhle8vEjxotbaHw959Sf/BP9c5Oy4Za8pM2jmMFeu5j7mo/kd1p w30jeaUZXA1fuIi9iv2ku0x6kB/VMIGFxNbLlb9y1bX/RqOd32qI+R+zXepZcoM85k SGFFWp4x0IhbkLkD9iR2gcKSoQJrsyt0rLbIrJBiUMCRfkK79lYg/lG2z1fTSS+iy5 uxxZzynld1eXtnI09CJKcZ5gxB/p4ARpRvkly0kn9gCKUocTlHnjscR4tLpdY0pBVi xdt9UGAZGgDkg== Date: Thu, 20 Jan 2022 16:33:08 -0600 (CST) From: Ariadne Conill To: Nico Schottelius cc: Ariadne Conill , Nulo , ~alpine/devel@lists.alpinelinux.org Subject: Re: Experiencing harmful behavior in Alpine In-Reply-To: <871r12oy48.fsf@ungleich.ch> Message-ID: References: <20220120180617.rvboyscx2oz5r3wu@x69> <87ee522q7x.fsf@ungleich.ch> <20220120204412.6ormplwhusy32enq@x69> <5ea29d77-220-e420-c619-3faf72b786d@dereferenced.org> <875yqeozlk.fsf@ungleich.ch> <871r12oy48.fsf@ungleich.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Hi, On Thu, 20 Jan 2022, Nico Schottelius wrote: > > Ariadne Conill writes: >> Gitlab allows opening "private" bugs. > > Is there a day one does not learn something new? > > Thanks a lot for the pointer, much appreciated. Gitlab refers to them as "sensitive issues." In this case, because the complaint was originally posted on alpine-devel list, it is a public issue. I am aware of this feature primarily because the security team makes heavy use of them. Ariadne