mschwartz / dotfiles

My dot files

Private Information Leak #3

Open d4l-w4r opened 2 years ago

d4l-w4r commented 2 years ago

Hey! I just wanted to inform you that your dotfiles repo seems to be leaking your Firefox profile, including your cookies (cookies.sqlite) and browsing history (places.sqlite). I've been made aware of this issue by an article from The Register: https://www.theregister.com/2021/11/18/firefox_cookies_github/. The problem with leaking your cookies.sqlite is that it might contain credentials that can be used to impersonate you on websites you have been logged into at the time of your last commit.

This information is publicly available and searchable by anyone with a GitHub account, by simply using the Advanced Search and looking for the filenames (see https://github.com/search?q=filename%3Acookies.sqlite).

My suggestion is that you either make your dotfiles private, or add your Firefox profile to the .gitignore. In any case you should probably take a look at your cookies.sqlite currently on GitHub and change the passwords for websites contained in it.

Cheers, Daniel
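
A check for the leak described in the comment above, as an added example that is not part of the original post or of the repository: it lists Firefox profile files that a git repository tracks now and those that remain only in its history, which a new .gitignore entry does not remove. The file names other than cookies.sqlite and places.sqlite, and all function names, are assumptions of this example.

```python
import subprocess
import sys
from pathlib import PurePosixPath

# cookies.sqlite and places.sqlite are the files named in the issue; the others
# are further Firefox profile files holding credentials or form data (added here).
SENSITIVE = {"cookies.sqlite", "places.sqlite", "logins.json", "key4.db",
             "formhistory.sqlite"}
SQLITE_SIDECARS = ("-wal", "-shm")  # SQLite write-ahead log / shared-memory files


def is_sensitive(path):
    """True if the file name is a sensitive profile file or its SQLite sidecar."""
    name = PurePosixPath(path).name.lower()
    for suffix in SQLITE_SIDECARS:
        if name.endswith(suffix):
            name = name[: -len(suffix)]
    return name in SENSITIVE


def find_sensitive(paths):
    """Return the sorted, de-duplicated subset of paths that look sensitive."""
    return sorted({p for p in paths if p and is_sensitive(p)})


def git_paths(repo, args):
    """Run a git command in repo and return its output lines as paths."""
    cmd = ["git", "-C", repo, "-c", "core.quotePath=false", *args]
    out = subprocess.run(cmd, check=True, capture_output=True, text=True).stdout
    return out.splitlines()


def audit(repo):
    """Report sensitive files tracked now and those present only in history."""
    tracked = find_sensitive(git_paths(repo, ["ls-files"]))
    historic = find_sensitive(git_paths(
        repo, ["log", "--all", "--name-only", "--pretty=format:"]))
    return {"tracked": tracked,
            "history_only": [p for p in historic if p not in tracked]}


if __name__ == "__main__":
    result = audit(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, found in result.items():
        for p in found:
            print(f"{kind}: {p}")
    sys.exit(1 if any(result.values()) else 0)
```

Run with the repository path as the only argument; a non-zero exit status means at least one match, so the script can serve as a pre-push or CI gate.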

mschwartz commented 2 years ago

Thanks for the heads up. Fortunately, I don't use Firefox much, especially for logging into sites.

The real heads up is to not install broot, which is a nice command line enhanced du. It ended up putting files in its .config/ subdirectories that it shouldn't.

You might want to report it to the broot repository as an issue for them.

Thanks again

mschwartz commented 2 years ago

@d4l-w4r https://github.com/Canop/broot/issues