In this tutorial, I’ll show you how you can confirm this and protect your privacy by updating email settings and your local Git configuration.
- How anyone can find out your personal email
- Update your privacy settings on Github
- Add your private email to your local Git config
- Remove personal email addresses from GitHub repos
- Find out more
How anyone can find out your personal email
Github stores the history of commits and events for public repos, which anyone can view.
Git uses your email address to associate your name to any commits you author. Once you push your commits to a public repository on GitHub, the authorship metadata is published as well.
This means that your personal email addresses may be publicly available. I’ll show you how to check this by viewing the
.patch file of a commit in a browser and through making Github API calls.
GitHub in a browser
Here is how to find out the email address associated with a commit on GitHub via your browser.
- Go to a public GitHub repo in your browser
- Click on a specific commit
.patchto the end of the commit URL
You will then see the details of the commit, including the user and email address.
Did you know? You can also add
.diff to the end of a commit URL to also view the Git diff.
GitHub API call
The GitHub API for users’ public events is another way you can view personal information associated with GitHub data.
Entering this URL within your browser or calling this URL with a GitHub username returns a JSON object that includes email addresses associated with the user and commits.
Updating your privacy settings on GitHub
Fortunately, GitHub has recommendations for setting up privacy to hide personal email addresses.
Go to GitHub → Sign in → Personal Settings → Emails
Tick / enable the following settings:
- Keep my email address private
- Block command line pushes that expose my email……Read more>>