~sircmpwn/sr.ht-docs

42908ef074137468536bb04d7efafe888f3567d2 — Drew DeVault 12 days ago a4f0a78
builds.sr.ht: update details on secret leaks
1 files changed, 6 insertions(+), 6 deletions(-)

M builds.sr.ht/index.md
M builds.sr.ht/index.md => builds.sr.ht/index.md +6 -6
@@ 124,12 124,12 @@ This is done for you automatically whenever you submit builds using sr.ht
features. When building patches from your mailing list, sr.ht will automatically
disable secrets.

In any case, if your secret is leaked, you **must** consider it permanently
compromised, revoke it from any services it provides authentication for, and
generate new secrets from scratch. All build logs are public, and to encourage
users to roll over secrets which are compromised, our policy is to refuse to
redact secrets leaked in this manner. If you require some time to fully address
the consequences of a secret leak, we may redact them for up to one week —
If your secret is leaked in a public *or* unlisted build, you **must** consider
it permanently compromised, revoke it from any services it provides
authentication for, and generate new secrets from scratch. To encourage users to
rotate compromised secrets, SourceHut policy is to refuse to redact secrets
leaked in this manner. If you require some time to fully address the
consequences of a secret leak, we may redact them for up to one week —
[email support][sr.ht-support] if you require this.

## Build environment