If the repo's commits are signed, that closes the MITM attack/alteration vectors, and snooping too, at least learning what state is being copied in by a pull command.


Discussion

True! But I don't think the percentage of repos actually using signed commits is very high.