Echo JS 0.11.0

<~>

davej 3323 days ago. link 3 points
Can happen to anyone. Makes me wonder if GitHub could do some work to prevent the most common patterns for credentials being exposed.

I'm not sure what would be the best way to that. Perhaps just reject the push with a descriptive error message but editing your git history to remove offending file/data can be pretty messy.
mxxx 3316 days ago. link 1 point
I have a vague recollection that they already do this? I seem to recall someone telling me if you commit AWS credentials to github it gives you a warning...
xedcsm 3322 days ago. link 1 point
If Github started automatically blocking things like this, then the problem would be how to allow legit dot files and the like (e.g. you are intentionally including dummy dot files as a "quick start" project template of some kind)?
sylvainpv 3325 days ago. link 3 points
authentication keys publically available with a simple search. A common thing on Github, not only related to NPM