Because of people like you thinking they fucked up and spreading FUD?
If you knew anything about software development and the internet you would understand that there was no issue here. It’s all client side code. It’s not hiding any secrets, it’s not stuff that is any use to anyone.
Not about client-side vs server-side. It’s unminified source code containing comments, links to internal tickets and private repositories. That’s the exact reason it’s meant to be stripped at build time, not because of FUD but because it’s a legitimate risk.
You know you can un-minify code, don’t you? Minifying it doesn’t encrypt it. The links to internal tickets and private repositories would still be there even if they minify it.
Links to internal tickets and repos aren’t a security issue btw.
Minifying is a one way process and once it’s done, you lose the names of all variables and functions. And no, they wouldn’t be present because comments are stripped.
Because of people like you thinking they fucked up and spreading FUD?
If you knew anything about software development and the internet you would understand that there was no issue here. It’s all client side code. It’s not hiding any secrets, it’s not stuff that is any use to anyone.
Not about client-side vs server-side. It’s unminified source code containing comments, links to internal tickets and private repositories. That’s the exact reason it’s meant to be stripped at build time, not because of FUD but because it’s a legitimate risk.
You know you can un-minify code, don’t you? Minifying it doesn’t encrypt it. The links to internal tickets and private repositories would still be there even if they minify it.
Links to internal tickets and repos aren’t a security issue btw.
Minifying is a one way process and once it’s done, you lose the names of all variables and functions. And no, they wouldn’t be present because comments are stripped.
No, this is food for exploit-searching AI. Private comments and tickets, etc is what they use to leverage targeted attacks.