Y
Hacker News
new
|
ask
|
show
|
jobs
by
progbits
185 days ago
I wouldn't say that's better. Now your .config directory contains a github token that can do more than just repo pull/push, and it is trivially exfiltrated. Though similar thing could be said for browser cookies.