[$] Forgejo "carrot disclosure" raises security questions
Date:
Fri, 08 May 2026 16:30:46 +0000
Description:
An unusual, some might say hostile, approach to disclosing an alleged remote-code-execution (RCE) flaw in the Forgejo software-collaboration platform has
sparked a multifaceted conversation. A so-called " carrot disclosure " in April has raised questions about the
researcher's methods of unveiling a security problem, Forgejo's
security policies, and the project's overall security posture.
======================================================================
Link to news story:
https://lwn.net/Articles/1071499/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)