carrylexJul 12, 2024

Seriously how many times does this have to happen

https://lemmy.world/post/17495476

Seriously how many times does this have to happen - Lemmy.World

> One does not > commit or compile credentials Template [https://i.kym-cdn.com/photos/images/original/000/297/820/3c5.jpg] Context: This meme was brought to you by the PyPI Director of Infrastructure who accidentally hardcoded credentials [https://blog.pypi.org/posts/2024-07-08-incident-report-leaked-admin-personal-access-token/] - which could have resulted in compromissing the entire core Python ecosystem.

Show threadLeonard Menzel Jul 12, 2024
@carrylex git should be password manager aware and refuse to commit if changes include a password
Show threaddohpaz42Jul 12, 2024
They do. But, as they say,ake it idiot-proof, and someone will make a better idiot.
Behind the scenes of GitHub Token Scanning

We've extended GitHub Token Scanning to include tokens from cloud service providers and additional credentials.

The GitHub Blog
Show threadDoc Avid Mornington
Github != Git
Jul 12, 2024 at 10:18pmWeb
Show threaddohpaz42Jul 13, 2024
You’re right. I do that sometimes.