Echo JS 0.11.0

NPM lol

at github.com

23 up and 3 down, posted by nfroidure 3119 days ago 5 comments

davej 3116 days ago. link 3 points ▲ ▼

Can happen to anyone. Makes me wonder if GitHub could do some work to prevent the most common patterns for credentials being exposed.

I'm not sure what would be the best way to that. Perhaps just reject the push with a descriptive error message but editing your git history to remove offending file/data can be pretty messy.

Replies

mxxx 3109 days ago. link 1 point ▲ ▼

I have a vague recollection that they already do this? I seem to recall someone telling me if you commit AWS credentials to github it gives you a warning...

xedcsm 3116 days ago. link 1 point ▲ ▼

If Github started automatically blocking things like this, then the problem would be how to allow legit dot files and the like (e.g. you are intentionally including dummy dot files as a "quick start" project template of some kind)?