Describe the bug
I have a private repo in GitHub which I have no authority to access repository settings.
But I still can access to repository secrets and create/update/delete the secrets.
To Reproduce
Steps to reproduce the behaviour:
Link the repo which has no authority to access repo settings with vscode github actions extension.
At the extension can see/edit/create/delete the secrets.
Expected behavior
Supposed to be failed or blocked to read/write the secrets.
The VSCode Extension uses our public REST APIs to modify secrets and variables. Repo secrets and variables can be written written, modified and deleted with collaborator access to the repo
Describe the bug I have a private repo in GitHub which I have no authority to access repository settings. But I still can access to repository secrets and create/update/delete the secrets.
To Reproduce Steps to reproduce the behaviour:
Expected behavior Supposed to be failed or blocked to read/write the secrets.
Extension Version
v0.26.2