[preinheimer]

There’s an old cryptography story.

A cryptographer friend tells the story of an amateur who kept bothering him with the cipher he invented. The cryptographer would break the cipher, the amateur would make a change to “fix” it, and the cryptographer would break it again. This exchange went on a few times until the cryptographer became fed up. When the amateur visited him to hear what the cryptographer thought, the cryptographer put three envelopes face down on the table. “In each of these envelopes is an attack against your cipher. Take one and read it. Don’t come back until you’ve discovered the other two attacks.” The amateur was never heard from again.

https://www.schneier.com/crypto-gram/archives/1998/1015.html

[neilv]

And if you are a dishonest cryptographer, you only need to find one attack to pull this off.

[reverius42]

And who in the OP's post is the cryptographer, and who's the amateur, in this allegory?

[preinheimer]

I think the OP is presenting themselves as the cryptographer, and the authors behind Forgejo as the amateur. At this point they've only filled one envelope but believe there is many more to find, and are hoping that in the process of tracking down this one they'll find more.