git-unlocked is an educational course repository. It does not contain application code, APIs, or user data. However, security matters in two specific ways:
- Malicious content - if you find a file that contains harmful, misleading or dangerous instructions that could put a learner at risk
- Credential or sensitive data exposure - if you find any accidentally committed secrets, tokens or private information in the repository history or files
Do not open a public GitHub issue for security concerns.
Report security issues privately by contacting the maintainer directly:
Isaac Adjei (Zaccess) - via isaacadjei.me
Please include:
- A clear description of the issue
- The file or location where you found it
- Any relevant context that would help reproduce or understand the problem
- You will receive acknowledgement of your report within 72 hours
- The maintainer will investigate and respond with a timeline for resolution
- Once resolved, you will be credited in the fix commit unless you prefer to remain anonymous
| In scope | Out of scope |
|---|---|
| Harmful or dangerous instructions in course content | Typos or factual corrections (use a normal issue) |
| Accidentally committed credentials or secrets | Style or formatting preferences (use a normal issue) |
| Links to malicious external resources | Feature requests (use a normal issue) |
| Misleading security advice that could harm learners |
Security is woven throughout this course rather than siloed in one place. Key security topics covered include credential management, SSH key setup, .gitignore for sensitive files, secret scanning, removing sensitive data from Git history, two-factor authentication and safe authentication practices.
If you believe any of this security guidance is incorrect or outdated, please open an issue or pull request - keeping this content accurate protects every learner who reads it.
Made with care by Isaac Adjei
Access Granted. Success Unlocked.