We’re off to a rough start today. A dev who’s been with us for half a year got fired. While clearing out their work computer, they accidentally deleted our company’s GitHub org. We’re talking over 50 repos gone in a flash!
Now we’re all twiddling our thumbs, waiting to hear back from support. Fingers crossed they can recover everything.
Side note: All our devs have owner access. Maybe time to rethink that?
Update: Good news! GitHub support came through and restored everything this afternoon. Turns out the dev was using their personal Mac. They were trying to remove local repos and company logins when they ‘accidentally’ deleted the whole org while leaving. And yeah, this all went down at the office. Talk about an awkward exit!
Wow, that’s a nightmare scenario! Glad to hear GitHub support saved the day. I’ve been through something similar, though not quite as dramatic. We had a junior dev accidentally push a massive binary file to our main repo, which ballooned the size and caused all sorts of issues.
After that incident, we implemented a strict access control policy. Only senior devs and leads have admin rights now. Everyone else gets read/write access to their specific project repos. We also set up branch protection rules and required code reviews.
One thing I’d strongly recommend is setting up regular backups of your repos. We use a third-party service that takes nightly snapshots of all our GitHub orgs. It’s saved our bacon more than once when someone’s made a mess of things.
Lastly, consider implementing a proper offboarding process for departing employees. Revoking access should be the first step, ideally before they even know they’re being let go. It’s not foolproof, but it can prevent a lot of potential headaches.