Disappointed that the GitHub security log doesn’t show access for personal accounts. Would be rather nice if they temporarily made that available for a short period of time so we can see if any of our repositories have been cloned/downloaded.
I've been disappointed with GitHub's auditing capabilities.
I noticed that some members of my team were committing changes to our enterprise repositories with poorly-configured clients, so it was impossible to tell who made the commit or performed the push.
I understand that git itself doesn't have any protections against this, but GitHub knows who pushed it; why isn't that metadata available?
Do you know whether that's available via GitHub proper? I'd like the user identity for commits to be accessible through the API, but last I checked it wasn't.
(Updated for clarification: user identity is available via the API, but only the identity embedded in git itself, not the GitHub authenticated user.)
