Investigate using githooks to avoid situations where we could expose credentials to github #22
Comments
|
What's the problem with just using push protection? |
|
@northeastprince seems like the right tool for the job tbh, and superior to just reliance on .gitignore, and would catch things hard-coded inline as well if I understand correctly. @JosiasAurel be aware |
|
super! I will investigate how to set this up. |
|
@JosiasAurel unassigned as this hasn't been moved forward in a while, and I don't think you're currently focusing on it - feel free to self-assign in the future again. |
|
Do we enable Push protection organisation-wide or for specific repositories? GitHub has a default ruleset that includes Push protection for all repositories across the organisation (see https://github.com/organizations/hackclub/settings/security_products/configurations/view) |
It may be possible to use githooks to make it very hard to ever issue a commit on a repo that contains things that look like credentials. Please investigate the feasibility of this and, if possible, how we could provide broad protection re: this across all Hack Club repos.
The text was updated successfully, but these errors were encountered: