by peterwaller 4079 days ago
If you ever click "merge pull request", GitHub makes the merge commit for you. That means they get to decide the SHA and the full contents of the commit. I'll leave the potential consequences as an exercise to the reader.

I guess the only protection against this would be to either never press the merge button in GitHub, or repeat the merge locally and check there is no diff against the remote merge.

1 comment

Even if you do this you could still see the changes if you pulled down the repo and examined it.
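
The local check described in the post above (repeat the merge and compare it with the hosted merge commit), as an added example that is not part of the original thread. The function names, the `honest` and `tampered` tags and the sample repository are constructed for illustration; it assumes git 2.17 or later and that the hosted merge produces the same tree a plain local `git merge` would.

```shell
#!/usr/bin/env bash
# Commit SHAs differ between a hosted merge and a local one (timestamps,
# committer identity), so the comparison is on tree objects, not commit ids.
g() { git -c user.name=demo -c user.email=demo@example.invalid -c commit.gpgsign=false "$@"; }

# verify_merge <repo> <merge-commit>
# 0 = local re-merge gives the same tree, 1 = trees differ, 2 = cannot check
verify_merge() {
    local repo="$1" merge="$2" p1 p2 claimed rebuilt wt
    p1=$(git -C "$repo" rev-parse -q --verify "$merge^1") || return 2
    p2=$(git -C "$repo" rev-parse -q --verify "$merge^2") || return 2  # not a merge
    claimed=$(git -C "$repo" rev-parse "$merge^{tree}")
    wt=$(mktemp -d)
    g -C "$repo" worktree add --detach "$wt" "$p1" >/dev/null 2>&1 || return 2
    if g -C "$wt" merge --no-ff --no-edit "$p2" >/dev/null 2>&1; then
        rebuilt=$(git -C "$wt" rev-parse 'HEAD^{tree}')
    else
        rebuilt=conflict  # a conflict resolved on the server cannot be reproduced
    fi
    git -C "$repo" worktree remove --force "$wt" >/dev/null 2>&1
    if [ "$claimed" != "$rebuilt" ]; then
        echo "MISMATCH: $merge has tree $claimed, local merge gave $rebuilt" >&2
        return 1
    fi
}

# Constructed sample repo with two tags: "honest" is a real merge, "tampered"
# has the same two parents but a tree carrying a file neither branch contains.
make_demo_repo() {
    local repo tree
    repo=$(mktemp -d)
    {
        g -C "$repo" init
        echo base > "$repo/app.txt"
        g -C "$repo" add app.txt && g -C "$repo" commit -m base
        g -C "$repo" checkout -b feature
        echo feature > "$repo/feature.txt"
        g -C "$repo" add feature.txt && g -C "$repo" commit -m feature
        g -C "$repo" checkout -
        g -C "$repo" merge --no-ff --no-edit feature
        g -C "$repo" tag honest
        echo extra > "$repo/extra.txt" && g -C "$repo" add extra.txt
        tree=$(g -C "$repo" write-tree)
        g -C "$repo" tag tampered "$(g -C "$repo" commit-tree "$tree" -p honest^1 -p honest^2 -m merge)"
        g -C "$repo" reset --hard
    } >/dev/null 2>&1
    echo "$repo"
}
```

A mismatch only says the trees differ; `git diff` between a local merge of the two parents and the hosted merge commit shows what was added or changed.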