Hacker News new | comments | show | ask | jobs | submit login

I think github should keep an active list of filters that they apply to all code submitted to their service.

Such as when it is a key file, or is a known credential file -- "amazon_s3.yml" for example, they should send a warning to the committer.

And then show a big red flag on the website if the repo is public.

And of course, remove the results from search.

I know it's not github's responsibility, but it would help make the web a bit safer.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact