by cmsparks
817 days ago
Oof, not a fun incident, this is my nightmare as someone who works on this type of stuff. As an aside, GitHub’s security model for apps/integrations is extremely puzzling to reason about and enables a lot of foot guns. Add to that the fact that it’s very obtuse to audit integrations (especially within an organization), which makes them pretty scary to use sometimes.