undefined | Better HN

0 pointsjasonpeacock5y ago0 comments

Those keys absolutely need to be rotated, regardless of whether you delete the commit or repo after accidentally pushing them.

At which point you may as well leave them there...

0 comments

Keys probably aren't the best example. What about PII, accidentally committed "test" data, documents, nudes, whatever..

If repos are public, then you must assume that once something is pushed then someone has copied it.

You may get lucky and remove/hide it fast enough, or think you did...

This is an with Github today, all public repos are being watched by bots reviewing all commits for accidentally-pushed credentials.

The only solution is to not use a public repo.

You’re not answering the question. Is it possible to delete or not?

On GitHub yes someone might be watching, but deletes are still possible.

I agree, but is it possible to delete at all on ARWeave? Let’s say someone accidentally puts their full name and address in a repo.

j / k navigate · click thread line to collapse