alt Hacker NewsSurprised that people allow force-push on git. If it needs to be done, it should only be done after consultation and disabled after.
Surprised that people allow force-push on git. If it needs to be done, it should only be done after consultation and disabled after.
It was on development branches. The threat actor was trying to delete development work.
Their main branch was already protected. I don't think it makes sense to protect every single branch in a repo? Since not all devs will have the ability to turn this off