[wp-meta] [Making WordPress.org] #3962: Tracbot: Delete slack posts when the related trac ticket is deleted.
Making WordPress.org
noreply at wordpress.org
Wed Nov 28 22:13:13 UTC 2018
#3962: Tracbot: Delete slack posts when the related trac ticket is deleted.
---------------------------+---------------------
Reporter: peterwilsoncc | Owner: (none)
Type: defect | Status: new
Priority: low | Milestone:
Component: Slack & IRC | Resolution:
Keywords: |
---------------------------+---------------------
Comment (by chriscct7):
I have to ask others quite often to delete Slack messages for tickets that
were submitted as spam or security (instead of it going to hackerone).
Having this automated or some way to do it where I don't have to find
someone to do the Slack side of it would be really helpful, particularly
when people report security things.
> The push notifications to Slack actually occur through an Trac Email
which gets processed by a PHP script which then sends the data out.
That's insane but cool at the same time. It makes sense I guess.
Some thoughts on the options presented:
With option 2, we'd need to be careful that someone can't just start
hitting that endpoint directly or crafting inline HTML to trigger that
process.
With option 1, I'm not sure that assumption can be assumed. For example,
with ticket 45419 (whose number did not get reused), I only noticed it
after maybe 30 - 60 minutes of it being submitted, then posted in security
to see if anyone else concurred with my thought that it should be pulled,
and IanDunn deleted it about 20 minutes later, once a mini-consensus was
established. Particularly for busy trac days (in terms of gardening),
periods of the day (especially weekends) where most people are not
monitoring slack, and times when a lot of things are going on in Slack,
tickets might not be noticed right away.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/3962#comment:3>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list