GitHub Community
Is there a way to prevent compromised collaborator accounts from stealing secrets? #25047
-
|
If I understand correctly, a single collaborator account could be compromised and a malicious actor could modify a config to run when pushed and send all your secrets to their server. |
Beta Was this translation helpful? Give feedback.
Answered by
Yanjingzhu
Jan 21, 2020
Replies: 2 comments
-
|
Sorry to tell you that you could not prevent collaborators to access to secrets through workflow. |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected
-
|
Oh bummer. I was hoping for a way to secure these for when working with contractors. Thanks for the reply! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sorry to tell you that you could not prevent collaborators to access to secrets through workflow.