Techly NewsGet the app

Get the latest tech news

Anyone can access deleted and private repository data on GitHub


You can access data from deleted forks, deleted repositories and even private repositories on GitHub. And it is available forever. This is known by GitHub, and intentionally designed that way.

We surveyed a few (literally 3) commonly-forked public repositories from a large AI company and easily found 40 valid API keys from deleted forks. You create a private, internal version of that repo (via forking) and commit additional code for features that you’re not going to make public. We’ve spent a lot of time documenting how to rotate keys for the most popularly leaked secret types - check our work out here: howtorotate.com.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of GitHub

GitHub

Photo of repository data

repository data

Related news:

News photo

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

News photo

'GitHub Is Starting To Feel Like Legacy Software'

News photo

Briefly Bio raises $1.2M to build the GitHub of science experiments

« Kamala Harris hasn’t said a lot about tech policy, but here’s what we know
Space-filling curves, constructively »