GitHub repository visibility changed to public
Description
AlphaSOC detected that a GitHub repository's visibility was changed from private to public. This change exposes the repository content, GitHub Actions history, and workflow logs to anyone on the internet. Additionally, private forks become detached and convert into independent public repositories.
Impact
Changing a private repository to public exposes sensitive information to anyone on the internet. Exposed data can include source code and internal implementation details. GitHub Actions workflow histories and logs become publicly visible, potentially revealing authentication tokens, credentials, and internal repository references. The change also affects private forks by detaching them into standalone repositories.
Severity
| Severity | Condition |
|---|---|
| Low | GitHub repository visibility changed to public |
Investigation and Remediation
Review the repository visibility change in the GitHub audit log to determine who made the change and when. If it was unintended, revert the repository to private immediately. Conduct a thorough review of the repository contents, git history, and Actions logs for any exposed sensitive data or credentials. Rotate any potentially compromised tokens and review the repository's security settings.
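The audit log review described above, as an added example that is not part of the AlphaSOC page: it parses a constructed GitHub organization audit log export and answers "who, which repository, when" for every switch to public, then flags actors who publicized several repositories (a pattern worth prioritizing in triage). The field names (`action` of `repo.access`, `visibility`, `actor`, `repo`, `@timestamp` in epoch milliseconds) are assumed from the GitHub audit log schema; verify them against your own export.

```python
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed sample audit log export (JSON lines), not real data.
# Field names are assumed from the GitHub audit log schema for `repo.access`.
SAMPLE_AUDIT_LOG = """
{"@timestamp": 1717000000000, "action": "repo.access", "actor": "alice", "repo": "acme/billing-api", "visibility": "public", "org": "acme"}
{"@timestamp": 1717000300000, "action": "repo.create", "actor": "bob", "repo": "acme/docs", "visibility": "private", "org": "acme"}
{"@timestamp": 1717000600000, "action": "repo.access", "actor": "carol", "repo": "acme/infra", "visibility": "private", "org": "acme"}
{"@timestamp": 1717000900000, "action": "repo.access", "actor": "alice", "repo": "acme/secrets-tool", "visibility": "public", "org": "acme"}
"""


def find_publicized_repos(audit_log_jsonl):
    """Return one finding (actor, repo, UTC timestamp) per change to public.

    `repo.access` records a visibility change; `visibility` is the new state,
    so a `private` value here is a switch back to private and is ignored.
    """
    findings = []
    for line in audit_log_jsonl.strip().splitlines():
        entry = json.loads(line)
        if entry.get("action") != "repo.access":
            continue
        if entry.get("visibility") != "public":
            continue
        # Audit log timestamps are epoch milliseconds; normalise to ISO 8601 UTC.
        when = datetime.fromtimestamp(entry["@timestamp"] / 1000, tz=timezone.utc)
        findings.append({
            "actor": entry["actor"],
            "repo": entry["repo"],
            "when": when.isoformat(timespec="seconds"),
        })
    return findings


def actors_with_bulk_changes(findings, threshold=2):
    """Actors who made at least `threshold` repositories public in the export."""
    counts = Counter(f["actor"] for f in findings)
    return sorted(actor for actor, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    hits = find_publicized_repos(SAMPLE_AUDIT_LOG)
    for hit in hits:
        print(f"{hit['when']}  {hit['actor']:<8} made {hit['repo']} public")
    print("bulk actors:", actors_with_bulk_changes(hits))
```

Each finding names the repository to revert and the actor whose session and tokens should be reviewed; the bulk list is where to start when several alerts arrive at once.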