[tithe]

Regarding the post on X, it looks like you've also posted the last 4 digits of the customer's card number and card type.

https://x.com/craciun_07/status/1820204407780164044

And is there any risk with exposing the Stripe payment intent ID like that?

Is the screenshot even necessary? The message body says everything just fine.

[dcraciun]

I perhaps shouldn't of exposed the card type and 4 numbers, that was me not being careful, however I don't believe it's a major risk since you can't really do mich with this, especially since the identity of the customer is hidden.

As for exposing the payment intent, there are no problems with this unless someone manages to get my stripe API keys and can then query by payment intent id.