Closed tobias closed 8 months ago
We already support GitHub's secret scanning, where they report Clojars tokens found in code and we notify the user and disable the token.
They also now support a response where we can signal if the secret was actually a valid Clojars token.
We currently return an empty response.
Todo:
The changes to the endpoint have been deployed, and I've emailed Github.
We already support GitHub's secret scanning, where they report Clojars tokens found in code and we notify the user and disable the token.
They also now support a response where we can signal if the secret was actually a valid Clojars token.
We currently return an empty response.
Todo: