by iakh 2606 days ago
In either case, the secret is already out whether the user wants to admit to it or not

But in one case, damage is mitigated because the sys admins didn't assume everyone is infallible and strictly adheres to protocol.
The correct way to deal with fallibility in this situation is to make it feasible to change secrets when they leak, not pretend they weren't leaked.
That doesn't prevent someone from not following protocol.
It's not their job to prevent that.
It is a sys admin's job to mitigate damage from security leaks and to introduce hardened, fault-tolerant security paradigms.
You are just hacking at the leaves. Once the secret is posted, it is public; it has multiple copies elsewhere on the internet. Even if you delete it, there is a copy kept somewhere on the internet -- and that's not an assumption. For example, iirc, GitHub's copy is dumped to Google every some-x-time.
Is it mitigated? Once it's leaked you can't force everyone who may have captured it to delete it. So GitHub deleting it doesn't solve the problem.
The definition of mitigation is to make something less severe. Yes, GitHub making this policy as clear as possible and allowing controls to toggle it per-repository or per-account mitigates the problem.