this post was submitted on 13 Nov 2025
96 points (99.0% liked)

Opensource

4626 readers
61 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

CreditsIcon base by Lorc under CC BY 3.0 with modifications to add a gradient


founded 2 years ago
MODERATORS
pylapp@programming.dev
96
Android syncthing repo gone and Developer profile gone private. (github.com)
submitted 1 month ago by cm0002@digipres.cafe to c/opensource@programming.dev
12 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] orygin@piefed.social 6 points 1 month ago* (last edited 1 month ago) (1 children)

It makes sense, but once it's pushed there is no way to know if it's been cloned or kept somewhere else. The only real mitigation is to rotate the keys or password that was leaked.
If it's something else you can't rotate, you're screwed.

[–] onlinepersona@programming.dev 3 points 1 month ago (1 children)
[–] somewa@suppo.fi 2 points 1 month ago* (last edited 1 month ago)

The point wasn't that it's not accessible but limiting the damage while you still can.