Am wondering if this is a reason to not run our own git server. Better stick to github, gitlab, bitbucket ?
https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/
Own git server or not ?
anjanesh I don't know the details but my understanding of this incident is that the server itself was compromised, not git or a specific git account.
We manage the servers that host your repos at Opalstack. If you have repos at Github etc then someone else is managing those servers for you. Either way, you're trusting a provider to mitigate this sort of risk for you.
This was a high-profile incident, but servers all over the world are compromised every day. I wouldn't think about switching providers unless I had some specific security concern.