Best practices to keep secrets out of GitLab repositories

Oct. 31, 2024, 9:40 p.m.
The GitLab security team is aware of a blog post from Sysdig describing how attackers scan public repositories to identify exposed credentials in Git config files. GitLab consistently recommends its customers and users follow several best practices to harden their public GitLab projects to prevent unintentional leaks of their credentials in Git config files or elsewhere in public projects.

1. Limit public visibility of GitLab Groups and Projects

GitLab recommends setting the default visibility f...