Private Comments & Your Security

Summary

While leaving "private comments" on a repo can be incredibly useful, it can get you into trouble if the wrong person sees them and disagrees with what they see. This post goes into the problems, the consequences, and what tools that provide this functionality need to do to protect their users from accidental harm.

Some Context

A while ago I wrote a tool called "Private Comments", which allows you to leave "private comments" on a codebase that aren't actually in the codebase.