Y
Hacker News
new
|
ask
|
show
|
jobs
by
gitfan86
339 days ago
Just using git isn't the vulnerability. The vulnerability is that you clone a repo that an attacker was able to put this in. 90% of the time this would happen it would be due to an attacker creating a PR on a public repo.
1 comments
kragen
338 days ago
Many public repos aren't on GitHub.
link
gitfan86
338 days ago
Many people use IE 11. Still an edge case.
link