2/ The culprit? A discrepancy in the hash of constants.js. Our Rails asset pipeline appends a hash to filenames based on content, and somehow, the content was different across some server instances.
7/ This incident reminded us that no dependency is trivial. Stay vigilant and prepare for the unexpected—because sometimes, a time zone can take down your platform. 💻🚨
1/ On March 1, 2024, users started reporting intermittent issues. Some pages failed to load, and we traced the problem to a critical JavaScript file, constants.js. But why was it missing? 🤔
🚨 A time zone change broke our platform! Here's how Kazakhstan's decision to unify its time zones led to an unexpected cascade of issues. A thread from some interesting debugging performed earlier this year🧵👇
Today, @Hacker0x01 is announcing Automations, a powerful feature that enables customers to automate the majority of their (often currently manual) processes. It is offered in two flavors: no-code for basic use cases and a full blown code sandbox for more advanced use cases. All hosted in HackerOne’s secure infrastructure.
Automations also integrates with Hai, HackerOne’s copilot assistant, to unlock AI agent-like behavior in the platform. For example, it is now possible to automatically evaluate reports on submission to assign it to the right owner, determine the criticality based on the risk profile of your company’s data, or even automatically add remediation advice with code examples tailored to your company — all directly in a HackerOne report.
Automations is a powerful tool and we can’t wait to see what you’ll build with it to further automate vulnerability intake and reduce time to triage and time to remediation.
Start using it today: https://t.co/94UvYLEtOM
Working on some query optimization with my colleague:
"It's about 1 million total requests per day so let's roughly 3x that. Our servers can take that 30 minutes and go hit the gym for a good workout. So much free time"
Be nice to your servers 🥰