Title basically
GitHub pushed API keys to GitHub themself once, so you’re not alone xD
Wasn’t this the reason they built the system to protect you from this by defining secrets not to be pushed?
Is this like when Facebook suggested you upload all your nudes so they can tell you if your sensitive photos are ever leaked.
Non prod creds, right? Right…
Narrator: It was the prod creds.
The worst case of this I heard was a crypto developer that lost 300k$ of clients money when he accidentally pushed some crypto keys to GitHub public repository. Last I heard he was getting sued.
Image not visible, link missing when opening thread.
I know it’s not you, it’s me. But yeah. No idea what the image is, can’t copy paste from home thread.
Bart Simpson writing “I will not push API keys to github” on the blackboard over and over
API*
Yep, edited my comment already it is midnight in my defense
But…It still says APT
Thank you kind person. Funnily enough the image is now visible.
Ooof!
Reminds me of the time I forgot to lock the Ansible vault before pushing my new playbook to production. Thankfully my boss caught it and was able to scrub the commit, but I still got a very, very stern talking-to.
Did this for the first time yesterday 😅
And of course I had an instant watcher on my repo yet I never had one before, lol