*creating a branch that happens to be named the same as a revision, which then t... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		password4321 9 months ago \| parent \| context \| favorite \| on: Tj-actions/changed-files GitHub Action Compromised... creating a branch that happens to be named the same as a revision, which then takes precedence for certain commands TIL; yikes! (and thanks)

Terr_ 9 months ago [–]

A signed commit [0] might be good for internal devops stuff (e.g. "yes, we really do want this version in production") but unfortunately that's not gonna work for pulling in third-party tooling, since most won't use it.

[0]https://git-scm.com/book/ms/v2/Git-Tools-Signing-Your-Work

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact