Someone using git without github isn't an edge case, it's the default | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		randomjoe2 5 months ago \| parent \| context \| favorite \| on: Breaking Git with a carriage return and cloning RC... Someone using git without github isn't an edge case, it's the default

gitfan86 5 months ago [–]

Just using git isn't the vulnerability. The vulnerability is that you clone a repo that an attacker was able to put this in. 90% of the time this would happen it would be due to an attacker creating a PR on a public repo.

kragen 5 months ago | [–]

Many public repos aren't on GitHub.

gitfan86 5 months ago | | [–]

Many people use IE 11. Still an edge case.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact