reply on: What would you do, if you were in the team behind SN? \ stacker news

pull down to refresh

0 sats \ 15 replies \ @WeAreAllSatoshi 30 Apr 2025 \ parent \ on: What would you do, if you were in the team behind SN? meta

Bookmarks exist, does that count?
They have a github where you can report issues. And, when they are fixed, you’ll be paid as the issue reporter. Are you looking for something different?

0 sats \ 14 replies \ @noknees 30 Apr 2025

Bookmarks are ok but where’s SN special there. I made a tampermonkey script for myself that does do that though and I am willing to share it with others.
I didn’t know that, this should be made public, but this isn’t just about issues, I would like to report site vulnerabilities too.

0 sats \ 13 replies \ @WeAreAllSatoshi 30 Apr 2025

It's on the footer of every page. You can report vulnerability securely there, too: https://github.com/stackernews/stacker.news/security

100 sats \ 12 replies \ @noknees 30 Apr 2025

Thanks! I found some ettercap, HTTP mistakes and XSS vulnerabilities. I’ll report them right away! :)

0 sats \ 11 replies \ @WeAreAllSatoshi 30 Apr 2025

cc @ek fyi

100 sats \ 10 replies \ @ek 30 Apr 2025

Thank you.

All information regarding how to do a responsible disclosure should be in our README here, in the FAQ or here. I thought these are pretty common locations.

@holonite, where did you look? Where should we put it such that people can find it?

0 sats \ 9 replies \ @noknees 1 May 2025

I was initially planning to DM you with these but now I'll upload it via GitHub.
I think there should be another page link in the SN header as a pinned post for 7 days in suppose glowing neon saying "Beginners here!" for accounts that are not atleast 1 week old. I will include other ideas in the GitHub issue.

100 sats \ 8 replies \ @ek 1 May 2025

Is this your critical report? If so, that wasn't a responsible disclosure as described in the three links I sent you.