IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [github]

github.com is a website for hosting source code using the git version control system. This tag is for questions about security aspects of the github platform. For questions about git itself, please use [git]

github.com is a website for hosting source code using the git version control system. This tag is for questions about security aspects of the github platform. For questions about git itself, please use

75 questions
108
votes
4 answers

Suspicious GitHub fork

Update (April 15): The forked repo and the user do not exist any more. Yesterday, one of my GitHub projects was forked and there is a suspicious commit on the fork of the repo. As you can see from the commit the GitHub Actions configuration installs…
Giorgi
  • 913
  • 2
  • 4
  • 12
2
votes
1 answer

Is it possible to find the owner of a GitHub Pages site that is connected to a custom domain?

I am curious whether someone could find out if a site hosted on GitHub Pages could be traced back to the user that published it. This is of course, assuming that: the GitHub repository containing the website’s file is private, the website is…
Mysterio
  • 21
  • 2
1
vote
1 answer

What can an attacker do with a stolen GitHub deploy key?

Let’s say I created a deploy key with write permissions to repository A. Let’s say repository A has a protected master branch that has " Require a pull request before merging " enabled and “Allow force pushes” and “Allow deletions” disabled for…
1f604
  • 11
  • 1