203 private links
Forks are copy of the original repository. As such, leaked credentials remains in the forks.
A deleted repository still has the commit from the original repository and it can access it. Demo on youtube
Example:
They immediately deleted the repository, but since it had been forked, I could still access the commit containing the sensitive data via a fork
Also related to private repositories:
We demonstrate how organizations open-source new tools while maintaining private internal forks, and then show how someone could access commit data from the private internal version via the public one.
How to access the data? By direct access to the commit.
If you know the commit hash you can directly access data that is not intended for you.
AND
Commit hashes can be brute forced through GitHub’s UI, particularly because the git protocol permits the use of short SHA-1 values when referencing a commit.
because there are 65.536 minimal values, and 16.777.216 is a more realistic approach (6 characters per commit).
Also, "deleting a repository or fork does not mean your commit data is actually deleted."
The flaw also exists in other version control system products.
How to set significant labels on a Kanban?
Cross-posting on multiple platform.
The project is hosted on Github: https://github.com/rknightuk/echo
An argument for GitHub against self-hosted source code forgery.
The main reason is I’m kind of tired of the amount of spam bots that keep signing up to my Gitea.
Creating blog articles from github issues. Not bad as an idea, but it creates a dependency between Github and your personal blog that I dislike.
The blog: https://github.com/Kerollmops/blog
A collection of awesome projects. It is great to find good quality projects in it.
A list of the most-starred projects on Github
Lint Github workflow files
Github Worflow trigger cheatsheet
A map of github projects :)
Argument against Github that are mostly arguments against monopolies.
In order to measure this, the developers had to set up a JS server. Which is a routine... and that's cool Copilot helps with that. What would be a game changing is when specialized dev task can be done by Copilot.
A tool to make better README and the easy way.
It is especially useful for GitHub.
Nobody is entitled to support from volunteer FOSS projects, but they absolutely do deserve not to have the issues they took time to file actively thrown away. If you haven't fixed the bug, it stays open.
And nobody wants to find this issue closed if they found the same problem...
Reminder that this is not about closing bugs/PRs/requests in a NEEDINFO state where the user isn't being responsive. This is about indiscriminately closing "stale" bugs on a timer with no regard to whether they're still valid
Why give up GitHub?
- Copilot is a for-profit product that violated licenses
- GitHub has a for-profit software services contract with the USA Immigration and Customs Enforcement (ICE)
- While GitHub pretends to be pro-FOSS (like SourceForge before them), their entire hosting site is, itself, proprietary and/or trade-secret software. GitHub differs from most of its peers in the FOSS project hosting industry, as GitHub does not even offer any self-hosting FOSS option. Their entire codebase is secret.
- GitHub has long sought to discredit copyleft generally. Their various CEOs have often spoken loudly and negatively about copyleft
- GitHub is wholly owned by Microsoft, a company whose executives have historically repeatedly attacked copyleft licensing.
How do I give up?
Hard because vendor lock-in.
Alternatives?
CodeBerg, SourceHut, Gitea, Gitlab.
Use a README template to make others aware
- Repo release: https://github.com/:owner/:repo/releases.atom
- Repo commits: https://github.com/:owner/:repo/commits.atom
- Repo tag: https://github.com/:user/:repo/tags.atom
- User activity: https://github.com/:user.atom
The same as #gitlab does. It is pratical to have both platforms that are aligning with each other; picking the best of the other one.
Navigate into github as a filesystem !
Could we make it crossplatform ? I.e. integration of Gitea and Gitlab for example
A new way to search through the repositories in beta.
Github will provide a new interface for it: https://cs.github.com/
We can use regex, syntax specific (keywords, ...) of the 10 most used languages.