Hacker News

But that's an easy fix. If they delete the repo, delete the stars. If they make it private, indicate it is now private in some way.


That's information disclosure; nothing about the repo after it's privated should be known, including name changes and deletion.


It’s unclear to me what the attack vector is for that disclosure.


It was known, and there are many sites scraping GH for metadata that will have it anyway.


Not whether or not a repo exists after it's set private.


This information is useless. It leaks nothing but the name and existence of something once public (that vanished from public view). Most importantly, it's not confidential or critical in any way.



