On Wed, Mar 31, 2021 at 3:14 PM @lbutlr <[email protected]> wrote:
>
> On 31 Mar 2021, at 12:02, Jose Quinteiro <[email protected]> wrote:
> > I've found passwords checked into public Github repos more than once. I
> > don't equate Github with security.
>
> Have you also found the code necessary to replicate a 2FA token checked in to 
> a GitHub repo?
[...]

The "official" statement [1] points to a compromise of git.php.net
server than any individual account. Potentially poorly maintained
infra. They may have simply moved to github to delegate this
responsibility of maintaining the infra to github, and potentially
simplify access control decisions.

Thanks.

-ag

[1] https://news-web.php.net/php.internals/113838
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"

Reply via email to