Turns out I found out you could even invite external collaborators into your fork and totally bypass enforced SSO.
Even if you block forking into your main repo, the existing forks remains active and still can pull from upstream.
It feels like if you need proper security, you have to go with enterprise
Turns out I found out you could even invite external collaborators into your fork and totally bypass enforced SSO.
Even if you block forking into your main repo, the existing forks remains active and still can pull from upstream.
It feels like if you need proper security, you have to go with enterprise