This would reduce accidental creations of repos that are meant to be private in the first place. Often these repos contain confidential information, and sometimes even private keys (yes, it's bad practice that should be discouraged, but we can significantly lower the rate of accidents!). One potential way to achieve this is perhaps an additional preference at the org level. The repo creation UI can then present additional hoops/warnings/verifications to be able to create a public repo, or even deny it entirely (maybe you could make this access more granular in later iterations). Creation of private repo = business as usual. Often, these accidents are not noticed immediately because the UI indicator for private and public repos is barely noticeable. Maybe this could also be changed based on the additional preference. If the org prefers private repos, then the public ones can be rendered with a significantly noticable different theme, or something along that line.
... View more