[francislavoie]

It's the fact they bring it up again when we've made it clear our stance is the problem, not so much the actual words in today's post. It's also off-topic (not relating to project maintainership) and it's on a post I submitted myself to HN.

I know you've already made up your mind, but look at our track record of answering support questions on the forums and tickets on GitHub, and you'll see that the picture you've formed in your mind from this thread is not accurate.

Those comparisons are very straw-man and I won't entertain them. As I've already said, IMO there's more risk in introducing a new security bug in trying to fix this issue than there is leaving it as-is (failing fast and hard).

[JimDabell]

> It's the fact they bring it up again when we've made it clear our stance is the problem

You are still locked into this idea that the sole purpose of bringing it up is for your response. This is an open conversation, not a dialogue between only you and them. It doesn’t matter if you have made your stance clear, them bringing it up gives other people a chance to hear about it and discuss it.

> I know you've already made up your mind, but look at our track record of answering support questions on the forums and tickets on GitHub, and you'll see that the picture you've formed in your mind from this thread is not accurate.

To be clear: my mind was made up that Caddy was a good, reliable choice, and it was your behaviour in this thread that changed my mind, it wasn’t my imagination.

> IMO there's more risk in introducing a new security bug in trying to fix this issue than there is leaving it as-is (failing fast and hard).

I believe that, but I also believe your attitude is a bigger threat to security than either.

[francislavoie]

And you're still locked into this idea that you'll convince me that I shouldn't care, when I've expressed how it makes me feel due to the history. Can you respect that there are topics I'd just like not to be reminded of in a certain way? If it was brought up in a _constructive_ way, I would accept it (i.e. offering help or a solution via a PR with tests). If it was brought up by someone who I didn't specifically interact with negatively on this topic before, I would accept it.

> I believe that, but I also believe your attitude is a bigger threat to security than either.

I can't change your belief, nor do I care to, but I think that's absurd. Show me an actual security threat relating to this and I will address it. But this problem as stated is not one.

[JimDabell]

> I can't change your belief, nor do I care to

You keep saying that, but you did change my belief! My opinion is not immutable, I listen to what people say, and that is the reason we have ended up here. Because I listened to you and you convinced me to change my mind about Caddy.

> Show me an actual security threat relating to this and I will address it. But this problem as stated is not one.

“This problem” that I’m concerned with is your attitude not the FQDN bug, and I already gave the Signal example. When you start perceiving people reporting bugs as attacks and grudges, it makes it dangerously easy to dismiss real problems.

If that person found another problem with Caddy, I think they are less likely to report it to you because of this. If they did report it, I would think you are very likely to dismiss it because of who they are, not the contents of the bug report. This is a serious problem for my trust in Caddy.

[francislavoie]

I thought I was clear enough about this already, but clearly not: I encourage anyone who believes there's a bug with Caddy to report it to us on GitHub, where bug reports belong, where we can have focused discussion about it and see it to its natural conclusion. I do not discriminate bug reports based on who makes it.

An HN thread is not the place to report a bug. Nor do I think it's fair to form opinions about project maintenance (which doesn't happen on HN) based on comments in HN.

[e40]

I say this with some trepidation. I certainly don't want to inflame this.

First, never used Caddy. I have no dog in this fight. I do manage a (closed source) project (which is decades old).

After reading this entire thread and all replies in all branches (I didn't vote on any of the comments), I think it would have been better for you not to reply at all. It would have done less damage to you (the negative emotions it brought out, the perception of others) and no one would remember that top-level comment. It would have been at the bottom of the page, an insignificant utterance. You elevated it, by protesting too much (I won't quote that famous line, but you get the idea).

And I must say you reminded me of my younger self, in the way you wouldn't let go of the issue and wouldn't let others have the last word. I've learned that this behavior is definitely self destructive and unproductive. The trigger was something that lived in me. It was never, I learned, about them. We choose how we respond. I've found one thing to work for me:

When an online discussion makes me emotional, I write a response in a text editor (not in the place where the comment is) and I let it sit for a few hours. Then, I do something completely different. I almost never post that comment, when I return to it, but I sometimes post something much softer. Mostly, I remove all emotion from the comment. Emotions are triggers for others, after all.

Why did I write so many words on this seemingly trivial online dispute? I hope I can help in some way, because I saw myself in your comments. Take them for what they are, me trying to help.

[m_sahaf]

> If that person found another problem with Caddy, I think they are less likely to report it to you because of this.

Given they're aware of previous discussion and the stance on the feature request, I don't think they're deterred by the discussion here. Your addition of fuel to fire here is the very thing that's not helping.

> If they did report it, I would think you are very likely to dismiss it because of who they are, not the contents of the bug report.

That's a huge assumption on your behalf.