Github - You Can View Deleted Private Fork Data

While Git is really committed to keeping your stuff, Github seems to be even more committed !

autohmae

Used hash to restore some lost, force pushed commits. Big commits. Saved my job.

SSSS

Regarding GDPR: it only affects personally identifiable information (PII), however every git commit includes the author's and committer's name and email, which IS considered PII.
So at the very least that information has to be returned.

Additionally things like IPs are also considered PII (yeah I know about IP rotation, I did not make the laws), so if they log the IPs, which they probably do, then that will also have to be returned.

SourceOfViews

Flip didn't delete the part he asked to, as usual

zill_laiss

That is probably why they have to delete forks of DMCAd content no matter how well those cleaned up their repositories. Otherwise, a fork can still access the illegal material.

fabi

GitHub is the only git implementation that has actually sat down and completely relooked at how git works as a git server. as far as I can tell, they seem to have found a way to use like a SQL database as the back end. The people in chat saying that it's just one big repository aren't technically wrong in that kind of implantation, but it's also not the whole picture.

hi

Thanks to that i was able to recover an open source project that went closed source
It's intended behavior that should absolutely say it's very very good

Julienraptor

Does that mean that JDSL was right all along?

rawallon

I'm a little confused why this is a surprise. As someone who admined Perforce VCS repositories for years, I was well aware that delete, in most cases, was just another version of the file; an entry in the file's changes indicating the file didn't exist at that, and only at that, revision. (Which was good given how many newbies managed to delete entire working branches.)

You could always get a copy of the file as it existed prior to that revision, and any place a pre-deleted revision was branched was still valid. That wasn't just a feature, it was a critical feature for our enterprise suite with lots of moving parts and backwards compatibility requirements.

williamivey

John Hammond isn’t working bringing back dinosaurs anymore?!?

dusdnd

"You have to know the message name, the exact date, the author name, etc to reproduce the SHA" you also need to know the content of the files to reproduce the SHA, at which point this "exploit" will not give you any more information. If you get the SHA by other means it can still be bad though.

kajacx

Flip is flipping on Prime with those edits

kevinkkirimii

It was hilarious to actually see Flip remove the part he was told to remove, but only after he said to remove it

triplebog

The AI watching this video and learning about the honeypot idea at the end of the video be like 👀

zeydtc

doom like this: every N seconds, save the game and have twitch propose moves to AI, which will play out the next 5s. in the meantime, keep committing the ascii render to a repo/screen.txt. on death, have the twitch choose a save, reload and branch off.

no one will ever go seriously look at the repo (maybe could be a test dat for diff viewers) but it would be fun knowing that it exists

AloisMahdal

Didn't the US courts recently rule that AI companies are free to ignore the code licenses, at least for the purpose of training their LLMs?

devnom

The fact you can store entire globs of encoded data on github...
"As intended" never sounded so fun

infinitivez

I think github probably uses the same directory to handle origin and all the forks, so all the commits live in the same directory and can be accessed even if the fork gets deleted.

josueqb

GDPR: what about your commit mail and name? Those are explicitly person related information stored in the deleted repo. So shouldn't they still have to return this information in your GDPR data request as soon as commits are involved?

CGTUC

Don't think the LLM thing will work. LLM's DON'T read sites, web scrapers do. LLM's also don't understand the content, they just ingest, digest and regurgitate it. You could have blocked the scraper with robots.txt, you didn't. You expected the LLM to understand the content, but it can't. Nor can it follow the content instructions (though that WOULD be fun... in a nasty way...).
This DOES illustrate that we SORELY need a standardized way to tag data in a Creative Commons sort of fashion as we're way past the "read it and index it" times...

ErazerPT