Pricing
Log in Sign up →
Back to blog

Opinion

"Isn't GitHub my backup?" No. And here is why.

A remote is not a backup. Git push leaves behind uncommitted work, stashes, local branches, and .env files. GitHub has had 257 incidents in 12 months. Here is what you are actually risking.

May 2026 7 min read HXA Labs
Backup GitHub
Written for: (select one)

What is git push vs git backup?

Git push is a command that sends committed objects from your local repository to a remote server like GitHub, GitLab, or Bitbucket. It transfers only committed data on the branches you push. It does not transfer uncommitted changes, staged files, stashes, local-only branches, git hooks, reflog history, or files excluded by .gitignore (like .env files). A git backup, by contrast, captures the complete state of your local repository, including all five namespaces of uncommitted work: the index, working tree changes, untracked files, stashes, and in-progress operation state. The distinction matters because a remote is a collaboration tool, while a backup is a recovery tool. They solve different problems and leaving one out creates a gap most developers do not discover until a hardware failure.

Think of GitHub like a shared folder for your finished work. When you push, you are sending only the commits you have made. Anything you have not committed yet stays on your laptop and nowhere else.

What GitHub does NOT save
  • Work you have not committed yet
  • Stashes (temporary saves you made mid-task)
  • Local branches you have not pushed
  • Your .env file with passwords and API keys
  • Git hooks you set up for your workflow
What a real backup saves

Everything. Committed work, work in progress, stashes, environment files. All captured automatically, without you having to remember to push.

A push is for sharing. A backup is for saving. They are not the same thing.

A git push is a partial state transfer. It serializes committed objects reachable from the specified refs and transmits them to the remote. Five namespaces are systematically excluded from this transfer:

Excluded namespaces
  1. INDEX Staged but uncommitted changes
  2. WORKTREE Unstaged modifications
  3. UNTRACKED New files not yet added
  4. STASH refs/stash entries (dangling commits)
  5. OP_STATE In-progress merge, rebase, cherry-pick state

A git backup captures all five namespaces atomically. A git push captures none of them. This is the infrastructure gap this post addresses.

A remote is not a backup. Say it until you believe it.

The scenario you are ignoring

Your laptop dies. The SSD fails at 2am on a Tuesday. No warning. You had uncommitted changes across three repos. A stash you have been sitting on for a week. Environment variables you never backed up because they were in .gitignore where they belong.

No problem. You have GitHub.

Except GitHub is down. February 2026 alone had 37 incidents. Your repos are there, somewhere, on Microsoft's servers. You just cannot reach them. And even when you can, half of what you lost was never pushed in the first place.

This is not a hypothetical. This is what happens when you confuse a remote with a backup.

Your computer stops working. It could be a spilled drink, a failed hard drive, or a laptop that will not turn on. You stayed calm because you have been pushing to GitHub regularly.

What you just lost
  • 3 hours of work you were about to commit
  • A stash you saved mid-feature last Thursday
  • Your entire .env file (passwords, API keys, configs)
  • A local branch with early experiments you were not ready to share
Good news

This is fixable with the right setup. GitHub is still useful. You just need one more layer that runs automatically and captures everything, not only what you remembered to push.

Single-point-of-failure analysis. A developer with a standard GitHub workflow has exactly one local copy and one partial remote copy. When the local machine fails, recovery depends entirely on what was pushed to the remote at failure time.

State lost at failure boundary
  • Agent workspace state (mid-task context accumulated in working tree)
  • CI environment configurations not committed to the repo
  • Secrets and credentials in .env files excluded by gitignore
  • In-flight rebase or merge operation state
  • Any stash refs (not transmitted by push protocol)

GitHub had 37 incidents in February 2026. Even if the remote is intact, provider availability adds a second failure mode. A resilient recovery architecture requires a backup that is independent of GitHub's uptime and complete beyond what push transmits.

What "backup" actually means

The backup industry has had a standard answer for decades. It is called the 3-2-1 rule.

  • 3 copies of your data. The original plus two backups.
  • 2 different storage types. Your laptop SSD and a cloud bucket. Or a local NAS and an external drive. The point is that one failure mode does not take out both.
  • 1 copy offsite. Somewhere physically separate from your machine, so that a fire, theft, or flood does not erase everything at once.

Now test GitHub against this rule. You have your laptop (copy one) and GitHub (copy two). That is two copies on two media. Seems close.

But the 3-2-1 rule assumes complete copies. GitHub does not have a complete copy. It has whatever you last pushed. If you have uncommitted work, unpushed branches, stashes, environment files, or work-in-progress code, GitHub has none of it. You have one and a half copies at best.

Backup experts have a simple rule called the 3-2-1 rule. It has worked for photographers, writers, and businesses for decades. Here is what it means for your code.

3: Three copies of your project

Your laptop is copy one. GitHub is copy two. You are missing copy three.

2: Two different places to store them

Your laptop SSD and a cloud bucket count as two different storage types. GitHub counts as one of them.

1: One copy somewhere else entirely

A fire, flood, or theft should not be able to erase everything at once. That offsite copy is what protects you.

The problem with using GitHub as your backup is that it only holds a partial copy. Anything you have not committed and pushed is missing. You have one and a half copies, not three complete ones.

The 3-2-1 rule is an infrastructure requirement, not a best practice. Three independent copies. Two different storage classes. One geographically separate. GitHub satisfies one of the three copies and partially satisfies the second storage class requirement.

3-2-1 Requirement GitHub Compliant Backup
3 complete copies Partial (push only) Yes
2 storage types 1 of 2 Yes
1 offsite Yes Yes

The critical compliance gap: GitHub's offsite copy is incomplete. The 3-2-1 rule requires complete copies. A partial push state does not satisfy the rule, even though it satisfies the "offsite" checkbox superficially.

What git push leaves behind

When you run git push, git sends your committed objects to the remote. That is it. Here is everything that stays behind on your local machine.

What Pushed to GitHub? At risk?
Committed + pushed branches Yes No
Uncommitted changes (staged or unstaged) No Yes
Stashes No Yes
Local branches not yet pushed No Yes
.env and gitignored files Never Always
Work-in-progress (WIP commits) Only if pushed Usually
Git hooks No Yes
Reflog history No Yes

Most developers have at least two or three of these sitting on their machine at any given time. Some have all of them. Every single one is invisible to GitHub.

Stashes are local only. They are not branches. They are not pushed. They are not backed up anywhere. When your disk dies, every stash dies with it.

When you push to GitHub, only your committed code goes up. Everything else stays on your laptop. Here is what that means in practice.

Work in progress

The code you are writing right now, before you commit it. If your laptop dies while you are mid-feature, this is gone. It was never on GitHub.

Stashes (this one hurts)

When you save unfinished work with git stash, those saves are local only. They do not go to GitHub. They do not get pushed. If your laptop dies, every stash is gone permanently.

Your .env file

API keys, database passwords, service tokens. These are in .env on purpose, kept off GitHub to stay safe. But that means they have no backup at all unless you create one.

Local branches

If you started a branch and have not pushed it yet, GitHub does not know it exists. It only lives on your machine.

Risk matrix for what a standard git push leaves unprotected on the local filesystem.

Local-only data by namespace
Namespace Git location Push transmits? Risk
Index .git/index No High
Working tree Project files No High
Stash refs/stash No High
Untracked files Filesystem only Never Always
Op state .git/MERGE_HEAD etc No Medium
Gitignored files .env, secrets Never Always
Critical finding: Stash entries are dangling commit objects referenced only by refs/stash. The push protocol does not transmit dangling commits or local-only refs. There is no mechanism in standard git to push stashes to a remote. They are structurally local-only.

Five scenarios where GitHub fails you

1. GitHub has an outage

Between May 2025 and April 2026, GitHub logged 257 incidents with 48 major outages. GitHub Actions usage has grown from 500 million minutes per week in 2023 to 2.1 billion in early 2026, and infrastructure has not kept pace. The platform's own CTO admitted they initially planned for 10x scale but realized by early 2026 they needed to design for 30x.

During an outage, you cannot clone, pull, or push. If your machine is also dead, you have zero copies.

Period Total Incidents Major Outages
2023 (full year) 94 22
2024 (full year) ~120 26
2025 (full year) ~180 36
May 2025 - Apr 2026 257 48

The trend is going up, not down.

2. Your account gets compromised

In March 2026, a campaign called ForceMemo compromised hundreds of GitHub accounts through malicious VS Code and Cursor extensions. The malware harvested GitHub tokens and used them to force-push malicious code into every repository the victim owned. Hundreds of Python repos were injected with malware before anyone noticed.

Earlier, the Gitloker extortion campaign took a different approach. Attackers compromised accounts, wiped repository contents, renamed repos, and left a ransom note as the README. Pay up or lose your code.

If an attacker has your GitHub token, they can delete every repo you own. GitHub might be able to restore it. They might not. Their terms say they will make "a reasonable effort" to provide a copy within 90 days. Reasonable effort is not the same as a guarantee.

3. Accidental force push

Someone on your team runs git push --force to the wrong branch. The remote history is rewritten. The commits you were depending on are gone from GitHub. If your local copy still has them, you can recover. If your local copy is also gone, those commits are permanently lost.

This happens more often than anyone admits. GitHub community forums are full of developers asking how to recover from accidental force pushes. Some recover. Many do not.

4. Terms of Service violation

GitHub can suspend your account at any time for a Terms of Service violation. The suspension can happen "with or without notice," according to their own terms. In 2025 alone, GitHub processed 2,661 DMCA deletion requests and removed 47,228 repositories.

Some of those were legitimate takedowns. Some were false positives. GitHub community forums include reports of developers locked out for weeks or months while resolving verification issues. During that time, every repo on the account was inaccessible.

GitHub does have a Developer Defense Fund. But legal processes take time. Your deadline does not wait for a dispute resolution.

5. GitHub changes or disappears

GitHub is owned by Microsoft. Microsoft has shut down products before. It is unlikely that GitHub goes away tomorrow. But "unlikely" is not "impossible," and building your entire backup strategy on the continuity of a single company is a bet, not a plan.

Terms change. Pricing changes. Free tiers shrink. A strategy that depends entirely on one provider's goodwill is not a strategy. It is a dependency.

GitHub is a company, not a guarantee. Here are five situations where having GitHub as your only copy is not enough.

1. GitHub goes down

257 incidents in one year. When GitHub is down, you cannot pull, push, or clone. If your laptop is also broken, you have no copies at all.

2. Your account gets hacked

In 2026, hundreds of GitHub accounts were compromised through malicious editor extensions. Attackers wiped projects and left ransom notes. GitHub might restore it. They might not.

3. Someone force-pushes over your work

A force push rewrites history on the remote. If your local copy is gone and the remote history was overwritten, those commits are permanently lost.

4. Your account gets suspended

GitHub suspended 47,228 projects in 2025. Some were legitimate takedowns. Some were false positives. If your account is locked, you cannot access your projects until the dispute is resolved. That could take weeks.

5. GitHub changes or disappears

GitHub is owned by Microsoft. Companies change, get acquired, shut down features, or change pricing. Building your entire safety plan on one company's promises is a bet, not a plan.

Five infrastructure failure modes. Each represents a distinct risk vector that a GitHub-only backup strategy does not mitigate.

SEV-2
Provider availability failure

257 incidents in 12 months. During degraded API access, git operations fail. Backup strategy requires independence from provider uptime. A local-encrypted backup on user-owned storage is unaffected by GitHub availability.

SEV-1
Account credential compromise (ForceMemo)

Malicious VS Code/Cursor extensions harvested GitHub tokens and executed force-push attacks across all repos the victim owned. An independent encrypted backup is unaffected by account-level credential compromise.

SEV-2
Remote history rewrite (force push)

Force push rewrites remote ref targets. Original commit objects become unreachable from the remote. Without a backup that captured those objects before the rewrite, they are unrecoverable from GitHub.

SEV-2
Account suspension (ToS enforcement)

47,228 repositories removed in 2025. Suspension locks access to all repos on the account. A backup stored on user-owned infrastructure remains accessible regardless of account status.

SEV-3
Provider discontinuation or policy change

Free tier elimination, pricing changes, or product discontinuation are all within Microsoft's discretion. Vendor lock-in at the backup layer is a survivability risk for long-running projects.

What you actually lose

When developers say "I use GitHub as my backup," they usually mean they push regularly and feel safe. Here is a realistic picture of what a working developer has on their machine that GitHub does not have.

  • 2-4 hours of uncommitted work on an average day. More on a deep focus day.
  • 3-5 stashes from context-switching between tasks last week.
  • 1-2 local branches for features not yet ready for review.
  • Environment files with API keys, database credentials, and service configurations that took hours to set up correctly.
  • Git hooks for linting, testing, and deployment that are not tracked in the repo.
  • IDE configurations and local tooling that make the repo actually buildable on your machine.

A disk failure does not ask whether you committed. It does not wait for you to push. It takes everything.

Think about a typical Tuesday. You have been coding for a few hours. Here is a realistic picture of what is sitting on your laptop that GitHub does not have.

What is at risk on your machine right now
  • 3 hours of code you are writing (not committed yet)
  • 4 stashes from switching between tasks this week
  • 1 local branch with experiments you are not ready to share
  • Your entire .env file (API keys, database passwords, tokens)
  • Custom git hooks that make your workflow run smoothly

When your laptop stops working, it does not ask whether you remembered to commit. It takes all of it. The question is whether you have a copy somewhere else.

Quantified risk assessment for a standard development workday. These figures represent the expected unprotected state at any given failure boundary.

Unprotected state at failure boundary
Asset Typical exposure Recovery possible?
Uncommitted work 2-4 hours per day No
Stash entries 3-5 per week No
Unpushed branches 1-2 active No
Gitignored env files Hours to reconstruct Partial
Local hooks + tooling 30-90 min setup Partial

Time-to-recovery with a GitHub-only strategy after total local failure: measured in hours to days. With a complete automated backup to user-owned storage: measured in minutes.

A remote is not a backup

A git remote is a collaboration tool. It lets multiple people work on the same codebase. It is designed for sharing, not for recovery.

A backup is a recovery tool. It is designed to restore your complete working state after a failure. Every file. Every change. Every secret. Back to the exact moment before things went wrong.

Here is the difference.

Property Git Remote (GitHub) Real Backup
Captures uncommitted work No Yes
Captures stashes No Yes
Captures gitignored files No Yes
Captures all local branches Only if pushed Yes
Runs automatically No (manual push) Yes
Encrypted at rest No (readable by provider) Should be
Independent of provider uptime No Yes
Survives account compromise No Yes
Survives force push No Yes
Survives account suspension No Yes

Ten properties. GitHub satisfies one. Maybe two if you are disciplined about pushing branches.

A remote is for sharing. A backup is for saving. They are built for completely different jobs.

Think of GitHub like a whiteboard in a shared office. It is great for collaborating. It is not where you keep the only copy of something important.

What GitHub is great at
  • Sharing code with teammates
  • Reviewing pull requests
  • Running CI/CD pipelines
  • Hosting your committed history
What GitHub cannot do
  • Save work you have not committed
  • Run automatically without you pushing
  • Encrypt your code so only you can read it
  • Stay available when GitHub is down
  • Survive if your account is compromised or suspended

GitHub does 1 out of 10 things a real backup needs to do. The good news is the other 9 are solvable.

Capability matrix comparing git remote semantics against backup system requirements. This is a compliance analysis, not a criticism of GitHub's design. GitHub is designed for collaboration, not recovery.

Backup requirement GitHub Compliant backup
Captures all 5 git namespacesNo (1 of 5)Yes
Automated schedulingNoYes
Encryption at rest (user-keyed)NoYes
Provider-independent availabilityNoYes
Survives account-level compromiseNoYes
Survives force-push history rewriteNoYes
Captures gitignored secretsNeverYes
Verifiable restorabilityNoYes
User-owned storageNoYes
Compliance gap count9 of 90 of 9

GitHub satisfies zero of the nine backup system requirements. It satisfies many collaboration requirements. These are different product categories.

The fix

A real backup for code needs to do three things.

  1. Capture everything. Committed work, uncommitted changes, stashes, local branches, environment files. All of it. Automatically. Without waiting for you to remember to push.
  2. Encrypt before storing. Your code should not be readable by your storage provider. GitHub can read every file in your private repos. A subpoena, a breach, or an internal policy change is all it takes. Encryption means even if the storage is compromised, the data is useless without your key.
  3. Store independently. Your backup should not depend on the same provider, the same account, or the same infrastructure as your primary copy. If GitHub goes down, your backup should still be there. On your own storage. Under your own control.

This is what we built DevSafe to do.

Keep using GitHub. It is a great remote. It is a great collaboration tool. It is not a backup. Stop treating it like one.

The 3-2-1 rule for code: Your laptop is copy one. GitHub is copy two (partial). An encrypted, automated backup to your own storage is copy three. That is the one most developers are missing.

The good news: fixing this is straightforward. You need three things.

1. Something that captures everything

Not just committed code. Your work in progress, stashes, local branches, and environment files too. And it needs to run automatically, not just when you remember to push.

2. Encryption before it leaves your laptop

Your code should be scrambled before it goes anywhere. That way, even if the cloud storage is breached, no one can read your project without your key.

3. Your own storage, not GitHub

Your backup needs to be in a separate place that you control, independent of GitHub. That way if GitHub is down or your account has a problem, your backup is still there.

That is what DevSafe does. Keep using GitHub for collaboration. Add a real backup that runs automatically in the background.

Three infrastructure requirements for a compliant code backup system.

REQ-1
Complete state capture across all 5 namespaces

Index, working tree, untracked files, stash refs, and in-progress operation state. Automated scheduling. No manual intervention required. Agent workspace state must be captured between task boundaries.

REQ-2
Encryption before egress (AES-256-GCM, user-held keys)

Data must be encrypted on the local machine before transmission. Keys must not leave the machine. Storage provider must not have access to plaintext. This addresses both provider breach and subpoena risk.

REQ-3
User-owned storage, independent of GitHub account

S3-compatible bucket under the user's own credentials. No dependency on GitHub account status, GitHub availability, or GitHub's terms of service. Backup must be accessible when GitHub is not.

Key insight: A backup system that uses the same provider, the same account credentials, or the same infrastructure as the primary copy does not satisfy independence requirements. GitHub-to-GitHub archiving is not a backup.

DevSafe implements all three requirements: complete state capture, AES-256-GCM encryption before egress, and user-owned S3-compatible storage. GitHub remains the collaboration layer. DevSafe is the recovery layer.

Frequently asked questions

Does git push back up everything in my repository?

No. Git push only sends committed objects on the current branch to the remote. It leaves behind uncommitted changes in your working directory, staged but uncommitted files, stashes, local-only branches, git hooks, .env files, and anything in .gitignore. If your laptop dies, all of that unpushed work is gone even though your remote is intact.

Is GitHub reliable enough to use as my only backup?

GitHub had 257 incidents in 12 months, including complete outages, degraded API access, and git operations failures. Even with perfect uptime, GitHub only stores what you have pushed. It is a collaboration tool and a remote, not a backup service. A real backup follows the 3-2-1 rule: three copies, two different storage types, one offsite.

What is the difference between a git remote and a backup?

A git remote stores pushed commits on a server you do not control. A backup is an independent, complete copy of your data stored on infrastructure you own, with automatic scheduling, encryption, and verified restorability. A remote requires you to remember to push. A backup runs automatically. A remote skips uncommitted work. A backup captures everything. A remote is controlled by a third party. A backup is yours.

Does pushing to GitHub save everything in my project?

No, and this surprises a lot of people. When you push, only your committed code goes up. Anything you have not committed yet stays on your laptop only. That includes your temporary saves (stashes), any branches you have not pushed, your environment file with passwords and API keys, and code you are actively writing. If your laptop breaks before you commit and push, that work is gone even though GitHub looks fine.

Can I count on GitHub to always be there when I need it?

GitHub is reliable most of the time, but it had 257 problems in one year, including periods where you could not push, pull, or access your projects at all. More importantly, even if GitHub is always available, it still only holds what you pushed. A real backup runs automatically and holds everything, not just what you remembered to send up.

What is the actual difference between GitHub and a backup?

GitHub is for sharing with teammates and storing your finished commits. A backup is for emergencies. It captures everything automatically, not just what you pushed. It encrypts your code so only you can read it. It stores everything on your own cloud storage, not a company that could go down or suspend your account. GitHub is a great collaboration tool. A backup is what protects you when things go wrong.

Does git push provide complete state capture for backup purposes?

No. The git push protocol transmits committed objects reachable from the specified refs. It excludes four of the five local git namespaces: the index, working tree, untracked files, and stash refs. It also excludes gitignored files such as environment configs and secrets. For agent-based workflows, this means any in-progress task state accumulated in the working tree between commits is not transmitted and is lost on local machine failure.

Is GitHub's availability sufficient for a production backup dependency?

No. 257 incidents in 12 months, including degraded git operations and complete API unavailability. Beyond availability, GitHub's backup value is bounded by what was last pushed. A resilient production backup architecture requires independence from GitHub's availability, account status, and terms of service. User-owned S3-compatible storage satisfies this independence requirement where GitHub does not.

What is the architectural difference between a git remote and a backup system?

A git remote is a collaboration synchronization endpoint. It receives push protocol payloads and stores the transmitted objects. A backup system is a recovery infrastructure component. It captures complete local state across all namespaces, encrypts before egress, stores on independent infrastructure, runs on automated scheduling, and provides verified restorability. These are different product categories with different design goals. GitHub satisfies zero of nine backup system requirements as analyzed in this post.

All posts

English is my second language, and I am deaf. I use AI tools to help organize ideas and communicate clearly. Everything you read here reflects my own thinking, experience, and perspective. AI helps me bridge communication barriers so I can focus on sharing ideas rather than struggling with language mechanics.

This page carries a verifiable publication receipt.
Verify
Published
Signed by devsafe.com
Content Hash 9341b7b942f25c3f5fa8947f756b8abe5ce04b38a4af01b6a246c23ab78f4ab7
Algorithm SHA-256 + Ed25519
Timestamp 2026-06-15T23:17:23.676Z
TSA Co-sign FreeTSA.org
Raw Receipt JSON
{
  "version": 1,
  "type": "publication-receipt",
  "url": "https://devsafe.com/blog/github-is-not-backup",
  "contentHash": "sha256:9341b7b942f25c3f5fa8947f756b8abe5ce04b38a4af01b6a246c23ab78f4ab7",
  "timestamp": "2026-06-15T23:17:23.676Z",
  "signedBy": "devsafe.com",
  "publicKey": "https://devsafe.com/.well-known/publication-receipt-key.json",
  "signature": "ed25519:WuXybrmn1JHQZ+DBbSuNpXbDs7c5BiCdhjzgYi3eXHkVlFp4RT3almy0S+OaQRX9y3mCIaW18Ieb9MMim1xMCA==",
  "tsaCosignature": {
    "tsr": "MIISFjADAgEAMIISDQYJKoZIhvcNAQcCoIIR/jCCEfoCAQMxDzANBglghkgBZQMEAgMFADCCAYYGCyqGSIb3DQEJEAEEoIIBdQSCAXEwggFtAgEBBgQqAwQBMDEwDQYJYIZIAWUDBAIBBQAEIJNBt7lC8lw/X6iUf3Vrir5c4Es4pK8BtqJGwjq3j0q3AgQFoo/YGA8yMDI2MDYxNTIzMTcyM1oBAf+gggETpIIBDzCCAQsxETAPBgNVBAoMCEZyZWUgVFNBMQwwCgYDVQQLDANUU0ExdjB0BgNVBA0MbVRoaXMgY2VydGlmaWNhdGUgZGlnaXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVzaW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMMD3d3dy5mcmVldHNhLm9yZzEkMCIGCSqGSIb3DQEJARYVYnVzaWxlemFzQG1haWxib3gub3JnMRIwEAYDVQQHDAlXdWVyemJ1cmcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm6ggg5nMIIGYDCCBEigAwIBAgIJAMLphhYNqOnNMA0GCSqGSIb3DQEBDQUAMIGVMREwDwYDVQQKEwhGcmVlIFRTQTEQMA4GA1UECxMHUm9vdCBDQTEYMBYGA1UEAxMPd3d3LmZyZWV0c2Eub3JnMSIwIAYJKoZIhvcNAQkBFhNidXNpbGV6YXNAZ21haWwuY29tMRIwEAYDVQQHEwlXdWVyemJ1cmcxDzANBgNVBAgTBkJheWVybjELMAkGA1UEBhMCREUwHhcNMjYwMjE1MTk0NDIyWhcNNDAwMjAyMTk0NDIyWjCCAQsxETAPBgNVBAoMCEZyZWUgVFNBMQwwCgYDVQQLDANUU0ExdjB0BgNVBA0MbVRoaXMgY2VydGlmaWNhdGUgZGlnaXRhbGx5IHNpZ25zIGRvY3VtZW50cyBhbmQgdGltZSBzdGFtcCByZXF1ZXN0cyBtYWRlIHVzaW5nIHRoZSBmcmVldHNhLm9yZyBvbmxpbmUgc2VydmljZXMxGDAWBgNVBAMMD3d3dy5mcmVldHNhLm9yZzEkMCIGCSqGSIb3DQEJARYVYnVzaWxlemFzQG1haWxib3gub3JnMRIwEAYDVQQHDAlXdWVyemJ1cmcxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm4wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASiFeGhstbLhxix0o4UAumNSwHUUlOe3DBvs8fYs580wADW59oqGSCx15bp61TSmXkwLm1JW48XnbLLizP6ZtjcvshV3H9uz2bS53sgDXhg1wLbIhAtraC+fHCytHeuVaujggHmMIIB4jAJBgNVHRMEAjAAMB0GA1UdDgQWBBQVwL0m69RdgtFdkyYxL+9wsotGXjAfBgNVHSMEGDAWgBT6VQ2MNGZRQ0z357OnbJWveuaklzALBgNVHQ8EBAMCBsAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwbAYIKwYBBQUHAQEEYDBeMDMGCCsGAQUFBzAChidodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2ZpbGVzL2NhY2VydC5wZW0wJwYIKwYBBQUHMAGGG2h0dHA6Ly93d3cuZnJlZXRzYS5vcmc6MjU2MDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2NybC9yb290X2NhLmNybDCByAYDVR0gBIHAMIG9MIG6BgMrBQgwgbIwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZnJlZXRzYS5vcmcvZnJlZXRzYV9jcHMuaHRtbDAyBggrBgEFBQcCARYmaHR0cDovL3d3dy5mcmVldHNhLm9yZy9mcmVldHNhX2Nwcy5wZGYwRwYIKwYBBQUHAgIwOxo5RnJlZVRTQSB0cnVzdGVkIHRpbWVzdGFtcGluZyBTb2Z0d2FyZSBhcyBhIFNlcnZpY2UgKFNhYVMpMA0GCSqGSIb3DQEBDQUAA4ICAQBrMVS/YfnfMr0ziZnesBUOrDNRrNNgt3IgMNDwNhwl6oKWHVIhlYnM/5boljfbpZTAbqvxHI3ztT0/swxQOqTat5qBJRAY/VH1n/T4M9uDjSuu3qfh0ZH5PL9ENqoVW44i5NT/znQev2MGXOAHwz9kZwwzz9MFX6hbGhBqWa+nlAqb7Y72KFzj33m1OVHxV2Wl4YD9f91bZTFpUEGW4Ktbkmxpf/iGIPaf4WHpoBW/O6EzofMKYlz4yXyEBh0wRRVyXltLrj+MFHqhe+PsMBllq/dCaO4W/F+AuHElu7aUYWMASelphWAJiUsNMr5HAoeCSSgilqf1CSoWC+k6e4334Fym+Iy4csMex+PG4rSdqXJVQ+AWEdRajSPKh7yDfpNkdnO6yqQJ/tSd11XQ5cL0M9jWuCD1zHlgA+u+R2cry3yo23jD7qTGLhZqUvXCyWigH30/Q/RXjjDwrc4DJiQ+gRY0FhdTYqlvgMBPr4LcJKnNksivdj+kbz7bVSbrBAzRiazK9l841/5XMtP9BvD0hKCpQFvP9PSgCC8EQnKqgSe26FSJBaAQcA5TnK8NF4jkbElBxf/zyh7P3IjHso35jtgUWD1/itg9BJWbYUwJ4tfILpB2F0wbk1GcZDCDZoyW3Xf3trApz/Zd93gF3joc9Hh9RFveKRzWQ7ddUt3egTCCB/8wggXnoAMCAQICCQDB6YYWDajpgDANBgkqhkiG9w0BAQ0FADCBlTERMA8GA1UEChMIRnJlZSBUU0ExEDAOBgNVBAsTB1Jvb3QgQ0ExGDAWBgNVBAMTD3d3dy5mcmVldHNhLm9yZzEiMCAGCSqGSIb3DQEJARYTYnVzaWxlemFzQGdtYWlsLmNvbTESMBAGA1UEBxMJV3VlcnpidXJnMQ8wDQYDVQQIEwZCYXllcm4xCzAJBgNVBAYTAkRFMB4XDTE2MDMxMzAxNTIxM1oXDTQxMDMwNzAxNTIxM1owgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALYCjg4wMvERENlkzalLnQJ44ZQq6ROqpZkHzaaXk5lb2ax+M7rZ/jcE2hwBqY0hr+P1kaWdcGdwUWeZj1AWci4KtGKyH0ORcdLPzEWT83Na95SlqzEfbAEMeJjeM9dcRRDudvS9HRSYzxfTA/BqXdn3lsxsqbZXpW/j6k/vvnzmtqGNPjWjDO5f8XDRzzmjM9P9qJZNIttoWynlYb6JDwqoRYc7LoSrJquDn/6PrenSO7MeYdJzzJuIBkkYX6vs+gU0YAq6kBthTi6FRYLeoiJvwZzX31K+1Q2Hd82ZiMBTo/x9wyh6BopP8StxPNmANmbpVThUVv84+AKYz2uThW6SJHdKZs8c3RHC+O/YUgPXRYslZksT7WOc3tT/gRPWzFNT0nKUc8PDBxV8ciqltd0L+y1sOLG5N0nIgexgAm0IlRs4JL1xusvORzrr1jbwuRi0osj/RpTwdFevLW8c+CVU0XcP15/10xTc0QTN3KvJQTgFbfzwF+frhXL9UvcBRPGI2gX1gj9Y3QYpfnOHvtLXcsE9qCZmAQRf5BLdcJhsDJh7pzRLkDc4dRbSWOeIW1H4lot/JgEhO8TLTIX4/wuEr2qYgzfN+4GGj37PMdymcW1+wt2ALBZyYp5cAFLLNX3Smq/EP2FbOx/51OHOCMccc+H+u33FajNiEynp7WwjAgMBAAGjggJOMIICSjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQU+lUNjDRmUUNM9+ezp2yVr3rmpJcwgcoGA1UdIwSBwjCBv4AU+lUNjDRmUUNM9+ezp2yVr3rmpJehgZukgZgwgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERYIJAMHphhYNqOmAMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly93d3cuZnJlZXRzYS5vcmcvcm9vdF9jYS5jcmwwgc8GA1UdIASBxzCBxDCBwQYKKwYBBAGB8iQBATCBsjAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5mcmVldHNhLm9yZy9mcmVldHNhX2Nwcy5odG1sMDIGCCsGAQUFBwIBFiZodHRwOi8vd3d3LmZyZWV0c2Eub3JnL2ZyZWV0c2FfY3BzLnBkZjBHBggrBgEFBQcCAjA7GjlGcmVlVFNBIHRydXN0ZWQgdGltZXN0YW1waW5nIFNvZnR3YXJlIGFzIGEgU2VydmljZSAoU2FhUykwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vd3d3LmZyZWV0c2Eub3JnOjI1NjAwDQYJKoZIhvcNAQENBQADggIBAGivfr+ThWLvTOs7WAvi+vbMNaJncpYvPZWQH6VjDIfQkZiYTOigajP4qcKC7Z8csRrGwj4XEI7k785vspTelcEzJiJVclUiymGXHUo7f3glDfuNSu7A+xlZsWQQBSC5wQ5kxiZi5K1NCrriKY/JSPxOmejZ5rj9vkQEEh7HwUIurLLJ1zKOBzluYLTzu4A61KVVyA/vtT+F53ZKCp+0r8OZ9M0vX79YcQXGCBzz0FM3trt9GwELdJ9IiMkS82lrobaQLXe338BGwEoMwexPjRheLaVd+3vCogNsYhkkak+Z3btvH4KTmPO4A9wK2Q3LWb70wnx3QEuZBDt4JxhnmRFSw5nxLL/ExiWtwJY1WuRONCEA7FF6UC4vBvlAuNQ1mbvBFU+K52GgsNVV+0oTkdTzQgr42/EvLX3bnXfc4VN4BAdK8XXk8tbVWzS11vfcvdMXMK9WSA1MDP8UP56DvBUYZtC6Dwu9xH/ieGQXa71sGrhd8yXt93eIm8RHG/P6c+VsxZHosWDNp7B4ah7ASsOyT6LijV0Z5eSABNXhZqg8guxv1U+zheuvcTOoW1LeRttSROHDSujTbnEvn84NST19Pt1YbGGY4+w+bpY0b0F6yfIh4K/zOo9qCx70wCNjC3atqo2RQzgl7MQcSaW5ixgcfaMOmXq5VMc8LNgFr9qZMYIB7TCCAekCAQEwgaMwgZUxETAPBgNVBAoTCEZyZWUgVFNBMRAwDgYDVQQLEwdSb290IENBMRgwFgYDVQQDEw93d3cuZnJlZXRzYS5vcmcxIjAgBgkqhkiG9w0BCQEWE2J1c2lsZXphc0BnbWFpbC5jb20xEjAQBgNVBAcTCVd1ZXJ6YnVyZzEPMA0GA1UECBMGQmF5ZXJuMQswCQYDVQQGEwJERQIJAMLphhYNqOnNMA0GCWCGSAFlAwQCAwUAoIG4MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMjYwNjE1MjMxNzIzWjArBgsqhkiG9w0BCRACDDEcMBowGDAWBBRIH9U8U004QYDAKGUZoDb5iFRHZjBPBgkqhkiG9w0BCQQxQgRAFFPKKOF03ewS5dzfAh+D3zDX/BsnboKheYgshNqEDX6bcYt49BlPlm3W1ERBc5eO/mB+aXcxgE0P0VVXbpDYujAKBggqhkjOPQQDBARoMGYCMQCd2qUnmPCfxWylkATfh6WB5C5Xz/XbQOgyfsAprWJVPWxD1McfqlNFK/FKP0Nqy+ICMQC4wy3js7UccrhdjplShRgrby6mCG5Qnnw6bcjubrF2x1n8CY28vjetl+jolycKFiU=",
    "tsaUrl": "https://freetsa.org/tsr",
    "requestedAt": "2026-06-15T23:17:23.739Z"
  }
}

Skip this step

No spam. Unsubscribe anytime.

Ask Voss

Answers sourced from this article only

I've read this entire post. Ask me anything about why GitHub is not a backup, what it does not protect, or what you need beyond git hosting.
...

10 questions per session