|
|
|
|
|
|
by candiddevmike
817 days ago
|
|
|
If they're a GitHub App, they receive a token to authenticate into your account/org when you grant them access/enable the app. Everyone should audit their GitHub Apps periodically/avoid using them if at all possible IMO. Most of these integrations are just a convenience for adding webhooks, which you can do yourself without compromising security. Always prefer "outbound" integrations. |
|
|