RequestHunt is a community-driven platform that collects and curates feature requests from X (Twitter), Reddit, and GitHub. We help product teams discover what features real users are asking for, making it easier to validate product ideas and prioritize feature development based on actual user demand.

How does RequestHunt collect feature requests?

RequestHunt uses AI-powered extraction to automatically collect feature requests from social media platforms including X, Reddit, and GitHub. The platform monitors discussions, issues, and posts to identify genuine user feature requests, extracting key information like the requested feature, product mentioned, and user sentiment.

Who uses RequestHunt?

RequestHunt is used by product managers, founders, developers, and product teams who want to discover what features real users are requesting. It's particularly valuable for startups looking to validate ideas, established companies prioritizing their roadmap, and developers building products that solve real user problems.

Is RequestHunt free to use?

Yes, browsing and searching feature requests on RequestHunt is completely free. We also offer API access for developers who want to integrate feature request data into their own applications. Check our pricing page for API plan details.

How often is RequestHunt data updated?

RequestHunt continuously collects feature requests from Reddit, X (Twitter), and GitHub. You can also trigger on-demand scraping via the API or web interface to get the freshest data for any topic.

[TruffleHog] Default action version input to release version instead of latest

The 'version' input in the `action.yml` for TruffleHog GitHub Action currently defaults to "latest". The user requests that this default be changed to the action's release version, aligning with GitHub's security hardening recommendations.

Original Source

@@martindolezal | 0 pts | 4d ago

## Problem The `version` input in `action.yml` defaults to `"latest"`: https://github.com/trufflesecurity/trufflehog/blob/main/action.yml ```yaml inputs: version: default: "latest" description: Scan with this trufflehog cli version. required: false ``` This means that when users pin the action to a specific commit SHA (as recommended by [GitHub's security hardening guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)), the Docker image pulled at runtime is still ghcr.io/trufflesecurity/trufflehog:latest — a mutable tag that can change at any time. For example, pinning to the v3.93.8 release SHA: `uses: trufflesecurity/trufflehog@6c05c4a00b91aa542267d8e32a8254774799d68d# v3.93.8` still results in the latest image being pulled, not v3.93.8. This is observable in the workflow logs. The action code is pinned, but the actual scanner binary running inside the container is not. This creates a two-layer su

Discussion

Loading comments...