[csdvrx]

> proceed to do nothing for 10 days

That would be fraud. No, start grep on the source code and a few things like that, then provide the results: "a detailed audit found no reference to log4js, so another audit was started which found no reference to any java code in the C source; it was repeated 5 times to confirm these promising results. Another audit followed the Boltzman brain hypothesis to check if the affected log4js binary code could not be spontaneously generated during compilation, by following a Monte Carlo simulation to check for various length of binary data that would match the log4j binary code. (...)

Finally, to avoid this extremely remote risk, the code changed to switch to reproducible builts, which can guarantee this will not happen"

[perihelions]

>"No, start grep on the source code"

Or print it out on hard copy, make interns read it line by line, then charge 400% of their labor as your management fee.

What's the purpose of using regexps here? You're optimizing away your own revenue!

[tremon]

There's no need to have actual interns read it, that would be unnecessarily cruel. Service fees don't need to be based on actual billable hours. You can charge 400% of the time it would take interns to read it without actually doing that, as long as your grep one-liner delivers the same value.

[lowercased]

Also charge $1/page for the printing. Then ship it to them, in triplicate, and charge for the overnight shipping (it's an urgent bug after all).

[y4mi]

Add a note that the lines at risk have been marked!

[gitfan86]

First you start with some project planning sprints. Later on you will begin the implementation of the command line module exercises.

[EvRev]

Yes, but does the other company pay for the retrospective? Or is the retro when we start to spend all the money that was billed?