Because of literally this issue? I'm not sure if you're doing a generic "I don't like github" or know for a fact that CodeCommit doesn't have issues like this.
This seems like a terrible security vector but I'm not sure migrating thousands of repos out of github vs. training engineers to keep public and private repos completely separated makes sense and you haven't explained why you use CodeCommit.
Unless it is this reason, which like I said, seems a bit heavy handed, but I rarely move private repos to public.
I kind of assumed this was a distributed Git problem, not Github, but I don't know.
The article states that this “vulnerability” might exist in other scm systems as well
Because of literally this issue? I'm not sure if you're doing a generic "I don't like github" or know for a fact that CodeCommit doesn't have issues like this.
This seems like a terrible security vector but I'm not sure migrating thousands of repos out of github vs. training engineers to keep public and private repos completely separated makes sense and you haven't explained why you use CodeCommit.
Unless it is this reason, which like I said, seems a bit heavy handed, but I rarely move private repos to public.
I kind of assumed this was a distributed Git problem, not Github, but I don't know.
I use and like github for open source and publically shared projects.