Hacker News
by dustedcodes 1345 days ago
I think that is a reasonable limit.

It prevents you from having forever tokens floating around, somewhere left and forgotten many years ago and perhaps getting leaked one day through some vulnerability in that particular system.

Just automate the recycling of your tokens if you can't be bothered to review it once a year and generate a new one yourself. If security to your own repos is not worth a one-time 20-minute effort to automate this then I wonder what is.

1 comments

How do I automate recycling tokens?

I've not found an API endpoint for setting a GitHub Actions secret, for example. Or for generating fresh time-limited personal access tokens.