We are seeing similar results -- most of our apps are down hard; seeing some mixed traffic on select apps

+1 - has anyone had any luck getting in touch with heroku support?

we sent an email to support@heroku.com as suggested in the docs when unable to login: https://www.heroku.com/policy/support/#:~:text=If%20you%20ar... But nobody has come back to us yet

Salesforce Service Cloud is affected by the issue too, so if they are dogfooding their own customer service software there's a good chance their support team are locked out of accessing support cases too :/

https://status.salesforce.com/generalmessages/10001540

nope, can't log in (SSO) to access the support area, sent an email to support@heroku.com

@kurmiashish - If you and team are willing share your version without requiring a Step Security subscription today or in the future, happy to archive our repo and redirect users to Step

Thanks again for your timely detection and reporting!

@rahulr0609 https://github.com/step-security/changed-files will forever remain free, and the community can use it without requiring a StepSecurity subscription.

For folks looking for a drop-in replacement for v45 (latest major version), we have a patched mirror here: https://github.com/trmlabs/changed-files

1] We took the public mirror from: https://code.forgejo.org/tj-actions/changed-files/src/tag/v4...

2] Undid the malicious code change: https://code.forgejo.org/tj-actions/changed-files/commit/0e5... - You can see the change here: https://github.com/trmlabs/changed-files/commit/8567847ee196...

3] Published under a v1 tag (since we can't vet historical releases and changes and didn't want folks to get confused)

If you want to contribute or report an issue, file a GH Issue or ping us at security@trmlabs.com

Surprised by Trino's performance here, and curious what is driving the performance for Starrocks

StarRocks is more engine is more optimised for Apache Iceberg and additionally has a aggressive caching mechanism for metadata and data, recent development in Trino are interesting as well

Great add to the PG ecosystem, and looking forward to kicking the tires.

Been looking for something to augment work done from pg_lakehouse!

Loving the experimentation -- Heroku for real-time data with analytical queries could be awesome

Is your wallet code open source? How can a user verify that the token is safe, and won't be easily hacked.

P.S. I understand that most tokens don't have much monetary value, but just wanted to understand the benefits and legal ramifications of taking on a custodial wallet...

Good stuff!