1. Home
  2. Discover
  3. Technology
  4. Product Habits

Product Habits - Managing access to GitHub/GitLab

I asked you how access to code in GitHub/GitLab is managed at your company.

Here’s what I learned.

Most people’s way of managing access to code repositories is through their onboarding/offboarding process. This starts as a simple checklist at smaller organizations and typically evolves into a more complex workflow and automation at larger organizations.

“There are onboarding/offboarding checklist. Each task in the checklist is managed by a person. Usually a manager is given the trigger to add/remove someone.”

“So part of the onboarding checklist is also to remove their accounts from the GitHub team.”

That all sounded fine and dandy to me. People described a very typical process that they have in place even at a 5-person startup.

But there’s a gap with these standard processes, a potentially major security gap. One person who replied really nailed the issue that persists which isn’t typically solved with the checklists and automated processes that organizations implement:

“One issue I found is that often, people are added manually to a repo instead of to a team.”

They continued on and described how this happens where they work.

“In those cases, sometimes someone still has access to a project because the onboarding/offboarding does not take into account those specific project cases.”

This tracks with everything we’re hearing from our customers. It’s manual, time consuming, and prone to errors to control who has access to GitHub and GitLab.

If this is something your company needs help with, reply and let me know.

Hiten











Copyright © 2022 Up Advisors, LLC., All rights reserved.
You received this email because you signed up to get emails from Product Habits.

Our mailing address is:
Up Advisors, LLC.
13337 South St. #269
Cerritos, California 90623

Add us to your address book


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Older messages

The most successful companies that almost failed

Monday, September 12, 2022

Some of the world's most successful companies have faced the threat of bankruptcy. The list might surprise you. Hiten's Pick The IKEA Effect The IKEA effect states that people overvalue things

Find the fast-moving water

Tuesday, September 6, 2022

Your goal as a founder is to find fast-moving water. Everything feels like it lights up at once when you're in it. Hiten's Pick Find the Fast-Moving Water This article compares technology and

The best product-led growth examples

Monday, August 29, 2022

This is an interesting read about the findings from signing up for more than 50 product-led growth companies. Hiten's Pick Internal Company Memos Internal company memos lend a ton of insight into

How is your code access managed?

Thursday, August 25, 2022

Just the other day, a former Twitter employee who left 18 months ago tweeted about still having access to the company's code repositories in GitHub... Just the other day, a former Twitter employee

How Segment found product-market fit

Monday, August 22, 2022

In 2020, Segment was acquired for an eye-popping $3.2B. Everyone dreams about that level of success, but it happened almost by accident for Segment. Hiten's Pick Scaling a Startup to Unicorn Status

You Might Also Like

Youre Overthinking It

Wednesday, January 15, 2025

Top Tech Content sent at Noon! Boost Your Article on HackerNoon for $159.99! Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, January 15, 2025? The

eBook: Software Supply Chain Security for Dummies

Wednesday, January 15, 2025

Free access to this go-to-guide for invaluable insights and practical advice to secure your software supply chain. The Hacker News Software Supply Chain Security for Dummies There is no longer doubt

The 5 biggest AI prompting mistakes

Wednesday, January 15, 2025

✨ Better Pixel photos; How to quit Meta; The next TikTok? -- ZDNET ZDNET Tech Today - US January 15, 2025 ai-prompting-mistakes The five biggest mistakes people make when prompting an AI Ready to

An interactive tour of Go 1.24

Wednesday, January 15, 2025

Plus generating random art, sending emails, and a variety of gopher images you can use. | #​538 — January 15, 2025 Unsub | Web Version Together with Posthog Go Weekly An Interactive Tour of Go 1.24 — A

Spyglass Dispatch: Bromo Sapiens

Wednesday, January 15, 2025

Masculine Startups • The Fall of Xbox • Meta's Misinformation Off Switch • TikTok's Switch Off The Spyglass Dispatch is a newsletter sent on weekdays featuring links and commentary on timely

The $1.9M client

Wednesday, January 15, 2025

Money matters, but this invisible currency matters more. ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

⚙️ Federal data centers

Wednesday, January 15, 2025

Plus: Britain's AI roadmap ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Post from Syncfusion Blogs on 01/15/2025

Wednesday, January 15, 2025

New blogs from Syncfusion Introducing the New .NET MAUI Bottom Sheet Control By Naveenkumar Sanjeevirayan This blog explains the features of the Bottom Sheet control introduced in the Syncfusion .NET

The Sequence Engineering #469: Llama.cpp is The Framework for High Performce LLM Inference

Wednesday, January 15, 2025

One of the most popular inference framework for LLM apps that care about performance. ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update

Wednesday, January 15, 2025

THN Daily Updates Newsletter cover The Kubernetes Book: Navigate the world of Kubernetes with expertise , Second Edition ($39.99 Value) FREE for a Limited Time Containers transformed how we package and