Github security flaw when detaching fork
The only (reliable) way to detach github fork into a standalone repository is to contact github support. It can be done via web form, where you should enter your name and email, and send request to them.
That’s what I did for my own repo. In a couple of hours I got the response that the job is done. And it really was.
But they didn’t verify my identity. Which means that anyone can impersonate another user and detach his fork.
When I told them about this, they replied that they have a specific process to follow in cases like this - which is a total crap, because once a fork is detached, it’s gonna be a little hard to get it back. And who knows what else can be done by contacting them…
Written on October 20, 2018