Closed bearbin closed 8 years ago
In githubapihelper.php the client id and client secret are exposed. They should be removed, and the old ones invalidated to prevent compromise.
githubapihelper.php
Yeah. I security really well, don't I.
Have you revoked the key on GitHub's side, since history is immutable?
Yes, I have.
In
githubapihelper.php
the client id and client secret are exposed. They should be removed, and the old ones invalidated to prevent compromise.