Y
Hacker News
new
|
ask
|
show
|
jobs
by
elpakal
302 days ago
So if their GH API token with access to million plus repos was this easy to compromise, isn't it plausible that their token could have been used to clone clone said repos? Is it possible to audit the clone history of a token?