Echo JS 0.11.0

<~>

davej 3360 days ago. link 3 points
Can happen to anyone. Makes me wonder if GitHub could do some work to prevent the most common patterns for credentials being exposed.

I'm not sure what would be the best way to that. Perhaps just reject the push with a descriptive error message but editing your git history to remove offending file/data can be pretty messy.
mxxx 3353 days ago. link 1 point
I have a vague recollection that they already do this? I seem to recall someone telling me if you commit AWS credentials to github it gives you a warning...
xedcsm 3360 days ago. link 1 point
If Github started automatically blocking things like this, then the problem would be how to allow legit dot files and the like (e.g. you are intentionally including dummy dot files as a "quick start" project template of some kind)?
sylvainpv 3363 days ago. link 3 points
authentication keys publically available with a simple search. A common thing on Github, not only related to NPM