Cantina Code Communication Features

Effective communication is essential to successful security research, and Cantina Code offers a suite of features to help you collaborate with clients, teammates, and other researchers. Whether you’re participating in a competition, bug bounty, or a regular security review, our communication tools ensure that your messages, feedback, and updates reach the right people at the right time.

1. Comments & Pings

Comments

Cantina Code enables you to leave comments on specific lines of code during a security review. This feature helps you collaborate seamlessly, sharing your observations and thoughts with your team or clients.

How to Use Comments:
  • When in Code Review mode, hover over a line of code to reveal a blue box at the right side of the line number.
  • Clicking on this box will give you the option to either submit a comment or initiate a Findings Submission.
  • Comments can be made visible to everyone in the repository, to your teammates, or only to you, depending on the repository settings.
Visibility rules are determined by the repository administrator, so be sure to check with them if you’re unsure about the settings.
Enhanced Commenting: To make the most of your comments, you can:
  • Ping users by tagging them, ensuring they receive a notification and can quickly navigate to your comment.
  • Copy the permalink for the comment and share it with others.
  • Comments also support LaTeX formulas and Mermaid.js diagrams, allowing you to include technical formulas and diagrams directly in your comments.

Pings

Pings allow you to notify other users about important comments or updates.

How to Ping:
  • To notify clients, use the @project tag to send an email notification and a dashboard alert.
  • The user receiving the ping will be notified promptly, making it easier to ensure that the right people are paying attention to your findings and observations.
Like comments, pings are influenced by the type of security review and repository settings, so be mindful of these when using them.

2. Custom Labels in Private Reviews

Cantina Code gives you more control over your findings with the ability to create custom labels for your work in private reviews.

Custom Labels:
  • You can now organize your findings according to your preferred classification system, giving you the flexibility to categorize and track them as you see fit.
  • This feature streamlines the review process, making it easier to manage and prioritize your research.

3. Hidden Comments for Judging and Escalations

Cantina Code now supports hidden comments that can be made visible exclusively to judges and sponsors during escalations and evaluations.

Benefits of Hidden Comments:
  • This feature helps you provide additional context, reasoning, and rationale for escalated findings without exposing your arguments to unnecessary public debate.
  • It ensures smoother judging and escalation processes by keeping discussions focused and private, allowing for quicker decisions and reducing the chances of unproductive debates.