Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Anyone at your company and just push to a public git repository at any time. Nothing stopping them except threat of consequences.


So? Employees with access to sensitive data are capable of leaking that data. News at eleven!

And anyone in the world can pull what was pushed to a public git repo before you delete it. You should always assume that has happened.


This is about access to private repos, not public ones:

"Anyone can access deleted and private repository data on GitHub"


You might have noticed that my comment is a reply to another comment.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: