rtvb
August 31, 2017, 7:25pm
6
Please be aware that you could possibly upload private and/or secret information like passwords, ssh keys or API keys to the cloud. E.g. Someone else’s computer.
It may be “private” but if it is on someone else’s servers, you don’t own it and you don’t have full control over it. While you trust the current company, that company may go out of business, change hands, or change business plans and start to harvest it sell your “private” repo.
That is the admittedly extreme but still accurate paranoid position. For me personally, it took less work to setup my own gogs docker image than it would have to figure out all the encryption options to protect my pass…
