Vitor Pamplona on Nostr: I am starting to wonder if I can't get a PR into a codebase with lots of invisible ...
I am starting to wonder if I can't get a PR into a codebase with lots of invisible unicode characters that together create a backdoor. A simple typo-fixing PR could become a Trojan horse for a bunch of code the owner of the repo won't see. 🤔
Published at
2025-04-17 18:25:49Event JSON
{
"id": "6a97d9563e5f9085593cbab473548f7e00e9eb31d67af3a3a02458b61ccbdc52",
"pubkey": "460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c",
"created_at": 1744914349,
"kind": 1,
"tags": [
[
"client",
"Ditto",
"31990:15b68d319a088a9b0c6853d2232aff0d69c8c58f0dccceabfb9a82bd4fd19c58:ditto",
"wss://ditto.pub/relay"
]
],
"content": "I am starting to wonder if I can't get a PR into a codebase with lots of invisible unicode characters that together create a backdoor. A simple typo-fixing PR could become a Trojan horse for a bunch of code the owner of the repo won't see. 🤔 ",
"sig": "9a60bac72cf2effbd90237238f613f6e66ca89694bd6271a4f1854846171e5cec8ac9fa08b142fb1651a066b0d557de83e1f0b453540e72808d03484e45b3723"
}
