| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by __jal 2288 days ago

For starters, that "just" is swallowing:

- Identify the relevant tokens you want to scan for, and create regular expressions to capture them.

- Create a token alert service which accepts webhooks from GitHub that contain the token scanning message payload.

- Implement signature verification in your token alert service.

- Implement token revocation and user notification in your token alert service.

And that would replace one piece of what this does.

1 comments

stevenpetryk 2288 days ago

It always warms my heart to see someone fighting the "why not just..." comments on here. Everyone underestimates how much goes into a project.

link

dang 2288 days ago

Jerry Weinberg used to say that whenever you hear the word "just" on a software project, replace it with "have trouble". Similarly, replace "should" with "isn't". "That should be easy" -> "that isn't easy"; "we should just use git" -> "we'll have trouble using git".

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

link