|
Actions:
|
2018-04-06 10:37 AEST by Arthur Barrett - I though I already had a bug for this enhancement, but I can't find it, so here is a new one.
There are lots of cases where we'd like to track changes to things that are not a file on your local PC. So this
is an enhancement request for radd and rcommit for objects that are not on the local PC:
- email
- web page/javascript
- facebook posts
- chats
- database schemas
- database tables (contents/rows)
We could (and maybe should) create plugins for the individual tools, e.g.: a plugin for outlook to 'version this
email' - and subsequent versions could maybe 'follow' the thread.
But this bug is for something different - for tracking changes to objects that our software relies on, but which
we don't physically have possession of.
There was a recent security issue were Delta airlines and Sears had customer credit card data 'stolen' from
their web sites, because a chat 'bot' (javascript) that their web pages referenced had some malware. It's not
yet clear - but that malware may not have even been in their own code - it could have been in a javascript
library from a 3rd party.
see:
https://www.theregister.co.uk/2018/04/05/sears_delta_customer_payment_cards_hacked/
and:
https://www.theregister.co.uk/2018/04/03/magento_brute_force_attack/
So this is not about 3rd party javascript libraries that you host on your own site, like Ember - but 3rd party
javascript that you link to directly on a 3rd party site from your web page. |