by vesche 742 days ago
You’d be surprised. Repo mirroring systems, continual cloud backups, sysadmins/engineers cloning every repo of an org, 3rd party tools regularly inspecting repos, etc.

The best option is for the organization themselves to monitor their gh/ghes logs, exclude this sort of activity, and then detect it themselves. There’s no way gh can monitor all orgs for mass repo clones without a mess of false positives.
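A sketch of the org-side detection described in the comment above, added here as an example and not part of the original comment: it counts distinct repositories cloned per actor within a sliding time window and skips an allowlist of known bulk cloners. The field names (`action`, `actor`, `repo`, `@timestamp`) are assumed to follow GitHub audit-log git events; the account names, threshold, window and sample events are constructed for illustration.

```python
import json
from collections import defaultdict

def _event(ts_s, actor, repo, action="git.clone"):
    # Constructed event; field names assumed to match GitHub audit-log git events.
    return json.dumps({"@timestamp": ts_s * 1000, "action": action,
                       "actor": actor, "repo": repo})

# Constructed sample log: a mirroring bot, one burst of clones, one slow cloner.
SAMPLE_LOG = "\n".join(
    [_event(60 * i, "mirror-bot", f"acme/repo{i}") for i in range(8)]
    + [_event(1000 + 30 * i, "jdoe", f"acme/repo{i}") for i in range(6)]
    + [_event(5000 * i, "asmith", f"acme/repo{i}") for i in range(6)]
    + [_event(1200, "jdoe", "acme/repo0", action="git.push")]
)

def mass_clone_actors(lines, allowlist, threshold=5, window_s=600):
    """Return {actor: peak distinct repos cloned inside any window_s span}
    for actors outside the allowlist whose peak reaches the threshold."""
    clones = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ev = json.loads(line)
        # Only clone events count; known bulk cloners are excluded up front.
        if ev.get("action") != "git.clone" or ev.get("actor") in allowlist:
            continue
        clones[ev["actor"]].append((ev["@timestamp"] / 1000, ev["repo"]))
    flagged = {}
    for actor, events in clones.items():
        events.sort()
        start, in_window, best = 0, defaultdict(int), 0
        for ts, repo in events:
            in_window[repo] += 1
            # Drop events that have fallen out of the sliding window.
            while ts - events[start][0] > window_s:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= threshold:
            flagged[actor] = best
    return flagged

if __name__ == "__main__":
    print(mass_clone_actors(SAMPLE_LOG.splitlines(), allowlist={"mirror-bot"}))
```

Running the same data with an empty allowlist also flags `mirror-bot`, which is the false-positive problem the comment attributes to provider-side monitoring.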