Work with Github to add token scanning

Commenti

2 commenti

  • Kelwing

    IP whitelisting on bot accounts would be a better solution to this issue, imo.

  • Frikandel

    More documentation from Github: https://developer.github.com/partnerships/token-scanning/

    Seems fairly straight forward.

    @Kelwing that would be a good extra measure. I still don't think you want tokens to be public. You also can't force everyone to have IP restrictions, that would introduce a whole new set of issues. 

Accedi per aggiungere un commento.