This is not limited to GitHub. The whole point of putting an email into each commit is to make it easy to contact the author.
So if you make a git repo public, no matter whether you use a managed git service or self-host, anyone who can access it will be able to read all those email adresses in the commits.
This seems like a nothing-burger. If you put your email address publicly on the Internet, you'll get spam. Git inherently doesn't let you remove your email address from past commits without rewriting history and all the problems that causes. And I have no idea why this suggests a bunch of GitHub alternatives that all have the same "problem".
6 comments
[ 4.4 ms ] story [ 29.0 ms ] threadBasically, I have 2 email addresses: one public, one professional that I share only with partners/clients/coworkers.
I expect my public address to be found in under 5 minutes if someone wants to contact me (or spam me).
So if you make a git repo public, no matter whether you use a managed git service or self-host, anyone who can access it will be able to read all those email adresses in the commits.
Delete is the only real option now as far as I see.
I don't know if any of the other ones do that. It's always good to have a second option.
Replacing email addresses in past commits means rewriting history, which will break everyone else's copy of the repo.
> I don't know if any of the other ones do that.
None of them do what you want.