He could push directly to main/prod, so there weren’t explicitly any code reviews or necessarily oversight. Also, that code would be private. Only an insider with repository access could tell us that.
That said, I also want to know. I’m guessing we’ll hear about it soon enough.
Not really? Every single maintainer / owner of a repository can do that. The only thing stopping them is protecting a branch. And even that isn’t a thing in git, it’s just something that providers like github or gitlab did to prevent people accidentally pushing to main like that. So they got maintainer access and that’s the entire story?
The article doesn’t say what he did, only that he had write abilities. Did he use them? How do we know? If yes, what were they specifically?
He could push directly to main/prod, so there weren’t explicitly any code reviews or necessarily oversight. Also, that code would be private. Only an insider with repository access could tell us that.
That said, I also want to know. I’m guessing we’ll hear about it soon enough.
“could” doesn’t mean “did”?
True. But there’s zero reason to give permissions that reckless unless you plan on using them.
Not really? Every single maintainer / owner of a repository can do that. The only thing stopping them is protecting a branch. And even that isn’t a thing in git, it’s just something that providers like github or gitlab did to prevent people accidentally pushing to main like that. So they got maintainer access and that’s the entire story?
Josh Marshall, the reporter from Talking Points Memo asserted that he did push changes.