Closed derhuerst closed 4 years ago
Let me know if you need help with this.
PRs are welcome
You can revoke your token on the GitHub UI. This will invalidate the plugin's token within 5s.
npm token
support was added in verdaccio v4.3.0 but this plugin currently only supports v3, so I'll close this for now.
I'm re-opening this because v4 is now supported, although I'm not sure if we can hook into how Verdaccio handles the npm token
command.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Using GitHub OAuth, it's very easy to get an auth token. Thanks for this lib!
But if I accidentally post my auth token somewhere, I should be able to revoke/invalidate my token using the built-in
npm token revoke
command. Seamless secret invalidation is considered an important security feature.Let me know if you need help with this.