You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jan 25, 2024. It is now read-only.
secret-shield introduces a layer of protection against accidentally committing secrets to public repos. What if we want to protect against accidentally committing to public repos at all?
Proposal
We should add a pre-push hook to the default secret-shield suites. This hook would:
Check if the repo is public.
Check if this user has never committed to this repo before. (optional: make this configurable!)
If both are true, the hook would prompt with a confirmation message.
> git push -u origin foo
WARNING! This repository is PUBLIC, and you have never committed to this repo before.
Are you sure you want to push refs to 'git@github.com:mapbox/secret-shield'? y/N
secret-shield introduces a layer of protection against accidentally committing secrets to public repos. What if we want to protect against accidentally committing to public repos at all?
Proposal
We should add a pre-push hook to the default secret-shield suites. This hook would:
If both are true, the hook would prompt with a confirmation message.
cc/ @mapbox/security-and-compliance @ectrotter @tmpsantos