Jump to content

WARNING to GitHub users


Sitwon

Recommended Posts

Don't be like these idiots.

https://github.com/search?q=path%3A.ssh%2Fid_rsa&type=Code&ref=searchresults

and
If you don't understand why the first one is wrong, watch this video:
If you don't understand why the second one is wrong:
Link to comment
Share on other sites

  • 2 weeks later...

Whenever I push something back up to Github there's always that awkward feeling that I may have just posted something I wasn't supposed to. The tool is automated and complicated, which in my opinion is the perfect combination for things to go wrong.

Link to comment
Share on other sites

Whenever I push something back up to Github there's always that awkward feeling that I may have just posted something I wasn't supposed to. The tool is automated and complicated, which in my opinion is the perfect combination for things to go wrong.

I don't really agree. Git is fully transparent to anyone who takes the time to understand how it works. I'm not even talking about reading the source code, they provide ample tools and documentation for poking around the system. You can easily view the changes made by each commit which will be uploaded before doing a push.

Git does allow you to automate the process as much as you like, as a convenience to the user. However, since the typical user is a sysadmin or developer I have little sympathy for them not understanding how to use Git appropriately, or making this kind of mistake. I tend to hold sysadmins and developers to much higher standard in this context, as it is our obligation to understand these tools and systems in order to perform the functions of our job. A sysadmin or developer who doesn't know how to use Git would be like a carpenter who doesn't know how to use a circular saw.

Link to comment
Share on other sites

I have to admit it does worry me pushing things to github and I tend to be paranoid about checking exactly what is going up. This is the same though for any service where what I am transferring becomes public as soon as it is done and the removal process isn't instant.

Link to comment
Share on other sites

I don't disagree with Sitwon in anything that he said. My point was more about how I feel personally. I find got to be a bit unclear since I don't now it all that well. I try to be very clear about what I am commuting each time and what exactly is getting pushed out.

One of the problems, and it's something similar to Wikipedia, that being that even if the current head doesn't have something sensitive, it doesn't mean it's not in the history somewhere. Not really a criticism of the tool as much as just me personally that I don't 100% trust myself not to stuff it up.

Edit: typo

Edited by Garda
Link to comment
Share on other sites

One of the philosophical differences between Git and other DVCS tools (and a frequent criticism of Git) is that Git's history is mutable. In other words, you can purge a file from the history of an existing repository.

Of course, since it's a DVCS that doesn't remove it from any repositories which were forked or cloned before the history was re-written. And using this ability to re-write history can sometimes cause problems in a large, heavily branched repository. But all power comes with some risk.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...