|
|
|
|
|
|
by 1attice
840 days ago
|
|
|
Agreed. Also, I just found this. This current, ongoing attack against GitHub is nicely mitigated by signed commits. If everyone signed commits, before cloning a repo, you could check to see if (a) the author of the fork added anything of value and (b) if the author of the fork has added anything else of value to GitHub, and (c) who signed the majority of the commits to the project. https://arstechnica.com/security/2024/02/github-besieged-by-... |
|
|