Why so many open pull requests?
It seems that the Pull Request page has some important fixes, including an XSS vulnerability fix, that have been ignored. Why is that? Was the vulnerability fixed elsewhere? (If so, someone should close the request.) I thought anyone would be able to contribute to AskBot, and it seems that fixes like that ought to be merged in quickly. This is an actual concern I have over adopting AskBot.
Your work has been excellent so far, I just think some more transparency would make it a killer project.
Comments