)]}'
{"templates/graphite.ssl.vhost.erb":[{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"204ff534e74c7b776b855f71f95f08f2a1fcfb02","unresolved":false,"context_lines":[{"line_number":8,"context_line":"\u003c/VirtualHost\u003e"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"\u003cVirtualHost *:443\u003e"},{"line_number":11,"context_line":"        Header always set Strict-Transport-Security \"max-age\u003d31536000; includeSubDomains\""},{"line_number":12,"context_line":"        SSLEngine on"},{"line_number":13,"context_line":"        SSLCertificateFile      \u003c%\u003d scope.lookupvar(\"graphite::ssl_cert_file\") %\u003e"},{"line_number":14,"context_line":"        SSLCertificateKeyFile   \u003c%\u003d scope.lookupvar(\"graphite::ssl_key_file\") %\u003e"}],"source_content_type":"application/x-erb","patch_set":1,"id":"bfb3d3c7_6521d6fb","line":11,"updated":"2019-05-21 00:34:39.000000000","message":"I was treating this more as an example... HSTS for graphite probably isn\u0027t *that* useful, but for other services we\u0027ll never want to serve over plain HTTP it is a bit of extra belt-n-braces insurance against downgrade attacks or accidental site misconfigurations. In those circumstances you want this set to an effectively indefinite recheck period to reduce exploit opportunities.","commit_id":"2658fb41baa3be250a8f78e180c91f9b341c360a"},{"author":{"_account_id":4146,"name":"Clark Boylan","email":"cboylan@sapwetik.org","username":"cboylan"},"change_message_id":"c96b3cd627f3530cc5a8959b3462f671648d2b3b","unresolved":false,"context_lines":[{"line_number":8,"context_line":"\u003c/VirtualHost\u003e"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"\u003cVirtualHost *:443\u003e"},{"line_number":11,"context_line":"        Header always set Strict-Transport-Security \"max-age\u003d31536000; includeSubDomains\""},{"line_number":12,"context_line":"        SSLEngine on"},{"line_number":13,"context_line":"        SSLCertificateFile      \u003c%\u003d scope.lookupvar(\"graphite::ssl_cert_file\") %\u003e"},{"line_number":14,"context_line":"        SSLCertificateKeyFile   \u003c%\u003d scope.lookupvar(\"graphite::ssl_key_file\") %\u003e"}],"source_content_type":"application/x-erb","patch_set":1,"id":"bfb3d3c7_c5cd225e","line":11,"range":{"start_line":11,"start_character":61,"end_line":11,"end_character":69},"updated":"2019-05-21 00:21:18.000000000","message":"Should this value be more conservative since the cert is only ever valid for 90 days?","commit_id":"2658fb41baa3be250a8f78e180c91f9b341c360a"}]}