%t9RS2SIyTJXaanKwFN4Woq033qInm9Shv6lGeZhDK9w=.sha256This is a similar discussion to the one we're having about avatars on ssb: %m2QMChU... %7FSY+a3...
It's not so much about who is allowed to fork the repo, it's more about whether you should clone from the latest commit pushed to the network or the latest repo pushed by the repo author.
Right now git-ssb clones from the latest push from anyone within your friend of a friend gossip network. However, it'd probably be just as easy to only clone from the repo author.
Then we wouldn't be worried about random strangers pushing commits to core repos.
I don't know which approach is best, but we should offer people a choice about whether they want to trust repo authors or everyone in their network.
--
And yes, I have accidentally pushed to master when I meant to push to a branch on %patchbay at least once back in the day. It's fairly easy to fix that issue -- just get in touch with the primary developer and have them push a new commit that doesn't include your code.