Alright, that all sounds reasonable. However… I think I’m asking the wrong question. Let’s start here:
Is it even safe to clone a repo from github onto a live server? I’m going to say probably not, ESPECIALLY when I work with collaborators. How do I know their workstations are secure? Who has access to it? How do I know they didn’t push a shell script into the repo that I missed?