by lucd
746 days ago

Kind of ironic reading this and then finding https://github.com/customer-stories/nytimes, huh? Wonder how GitHub wasn't able to detect a single token downloading the entire organization's worth of repositories, especially if it's over 6 thousand of them. Surely that's not something that's done regularly? Seems like a pretty massive oversight if anyone can just grab a token and get themselves a full copy of the organization.

The best option is for the organization themselves to monitor their gh/ghes logs, exclude this sort of activity, and then detect it themselves. There’s no way gh can monitor all orgs for mass repo clones without a mess of false positives.
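One way an organization could do the self-monitoring the reply above describes, as an added example (not code from either commenter or from GitHub): a sliding-window check over audit-log JSON lines that flags any actor cloning more distinct repositories per hour than a chosen threshold. It assumes the GitHub-style event fields `action`, `actor`, `repo` and `@timestamp` (Unix milliseconds); the log records below are constructed, not real.

```python
"""Flag actors that clone an unusual number of distinct repos in one window.

Assumed record shape (GitHub-style audit log JSON lines):
  {"action": "git.clone", "actor": "...", "repo": "org/name", "@timestamp": <ms>}
"""
import json
from collections import defaultdict

WINDOW_MS = 60 * 60 * 1000  # look-back window: one hour
THRESHOLD = 50              # distinct repos per actor per window treated as mass cloning


def mass_clone_actors(lines, threshold=THRESHOLD, window_ms=WINDOW_MS):
    """Return {actor: peak distinct-repo count} for actors exceeding threshold."""
    clones = defaultdict(list)  # actor -> [(timestamp_ms, repo)]
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev.get("action") != "git.clone":  # pushes/fetches are not our signal here
            continue
        clones[ev["actor"]].append((int(ev["@timestamp"]), ev["repo"]))

    flagged = {}
    for actor, events in clones.items():
        events.sort()
        start, counts = 0, defaultdict(int)  # repos (with multiplicity) inside the window
        for ts, repo in events:
            counts[repo] += 1
            while ts - events[start][0] > window_ms:  # drop events that fell out of the window
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) > threshold:
                flagged[actor] = max(flagged.get(actor, 0), len(counts))
    return flagged


def sample_log():
    """Constructed sample: one normal developer and one token bulk-cloning an org."""
    base = 1_700_000_000_000
    ev = lambda a, r, t, act="git.clone": json.dumps(
        {"action": act, "actor": a, "repo": r, "@timestamp": t})
    lines = [ev("dev-alice", f"org/repo-{i}", base + i * 600_000) for i in range(3)]
    lines += [ev("svc-token", f"org/repo-{i}", base + i * 10_000) for i in range(60)]
    lines.append(ev("svc-token", "org/repo-0", base, act="git.push"))
    return lines


if __name__ == "__main__":
    print(mass_clone_actors(sample_log()))  # {'svc-token': 60}
```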