Yeah I'm not saying this is not a net positive. I just don't understand why the recommendation reads like all is good as long as one amends the commit and nothing just happened.
That makes sense. I think it's just an extra step of protection, kind of like an alert that someone may have seen your ATM pin, so it's probably best to rotate it. But, your pin wasn't posted on the Internet.