• surewhynotlem@lemmy.world
      1 year ago

      To try and take over other people’s CI/CD pipelines and inject malware into otherwise legitimate application binaries.

  • Hal-5700X@lemmy.world
    1 year ago

    Don’t use forks of repositories. Why doesn’t GitHub restrict forking? What will solve the problem?

    • catloaf@lemm.ee
      1 year ago

      Maybe just don’t blindly run code without at least checking the authenticity of the repo.

  • Jeena@jemmy.jeena.net
    1 year ago

    I planned to self-host my own code repos forever. This gives me one more little push, but let’s see if I move it to my server.

  • driving_crooner@lemmy.eco.br
    1 year ago

    Imagine if AI starts to pick up that malicious code as valid, and when you ask it to help you set up a server or something, it gives you the malicious code.