The labs/private git repo is known and NOT private. It contains fake secrets.
We also sync it from Gerrit to Github and then every once in a while we get messages from users who find this and assume it's an accidental leak. They they contact us like they are reporting a security issue.
Similar with automatic scans and warnings such as this:
"GitGuardian has detected the following OpenSSH Private Key exposed within your GitHub account."
This just makes me think we should stop having that repo on github. We should use Gerrit and/or Gitlab and that should be enough for it and it stops the false alerts.