[e12e]

Sure, if someone checked in a secret to a repo that at some point was public, and got crawled by co-pilot - they should cycle that secret, so it's no longer valid - rather than only mark the repo private and/or nuke the secret from the repo history.

But there's another side to this - if you write code using co-pilot against a popular Api - and co-pilot gives you a valid key - and you access data or a system you aren't supposed to - would you be liable under the various draconian antighacker laws?

If you pick up a key card from the street, and enter someone's home - you'd be trespassing after all..

[phumberdroz]

That is a good question and I think you should be. After all you are still the Person that writes and produces the code just with the help of a tool. Similar to a lockpick. (I hope that makes sense)