(www.praetorian.com)

297 points cyberbender | 3 comments | 30 Mar 25 19:54 UTC | HN request time: 0.238s | source

1. ryao ◴[30 Mar 25 22:00 UTC] No.43528076[source]▶

I put CodeQL in use in OpenZFS PRs. This is not an issue for OpenZFS. None of our code is secret. :)

2. ◴[30 Mar 25 23:44 UTC] No.43528995[source]▶

3. asmosoinio ◴[31 Mar 25 01:29 UTC] No.43529721[source]▶

I don't think this is a good take: Even if your code is not secret, the attack could add anything to your code or release artifacts.

Luckily it was quickly remedied at least.

Public secrets exposure leads to supply chain attack on GitHub CodeQL