I scanned all of GitHub's "oops commits" for leaked secrets

(trufflesecurity.com)

199 points elza_1111 | 1 comments | 03 Jul 25 06:44 UTC | HN request time: 0.206s | source

Show context

ggm ◴[03 Jul 25 07:13 UTC] No.44452457[source]▶

Maybe a default secure delete option could be made a lower bar event?

Checkout to event, commit in clean state with prior log history, overlay the state after the elision and replace git repo?

When I had to retain log and elide state I did things like this in RCS. Getting date/time info right was tricky.

replies(3): >>44452527 #>>44452528 #>>44452799 #

Sayrus ◴[03 Jul 25 07:27 UTC] No.44452527[source]▶

>>44452457 #

If you push a secret publicly, you should consider it leaked. On GitHub, you have 5 minutes on a non-watched repository (due to the delay) and less than 30 seconds on a watched repository to revoke it before it's been cloned and archived by a third-party. Whether that party is malicious or not, rewriting the Git history will not change anything that the secret is leaked. And you can already rewrite the Git History and garbage collect commits that aren't part of the tree anymore on most providers.

replies(1): >>44452533 #

1. ggm ◴[03 Jul 25 07:29 UTC] No.44452533[source]▶

>>44452527 #

Yes I can see my off-line experience doesn't apply. Thanks.

↑