When duplicating a feed the passkey is copied from the existing feed. Depending on how you view the use/purpose of the passkey, it is technically there to provide an extra layer of security in addition to just being able to pass a feed ID from a web request to a trigger a feed import. Having it not changed from an existing feed could be seen as potentially a security issue if you have a passkey for another feed and just increment the ID to try and guess or enumerate.
Not a bug technically but perhaps something that can be reviewed?
Steps to reproduce
Duplicate an existing Feed Me feed
The passkey value provided will be the same from the original feed
Description
When duplicating a feed the passkey is copied from the existing feed. Depending on how you view the use/purpose of the passkey, it is technically there to provide an extra layer of security in addition to just being able to pass a feed ID from a web request to a trigger a feed import. Having it not changed from an existing feed could be seen as potentially a security issue if you have a passkey for another feed and just increment the ID to try and guess or enumerate.
Not a bug technically but perhaps something that can be reviewed?
Steps to reproduce
Additional info