ChengOrangeJu
commented
6 years ago Hello @eur0pa , thanks for your information, that's very helpful. Generally, this is an github account that is created by internal team members temporarily to test dependencies and make no harm. However, I agree with you that it is better not to reveal it in the repo. Thanks!
I was going to report this "elsewhere", but I'm not sure it pertains your scope. This set of credentials give access to GitHub as an organization and exposes data for all its members–you might want to assess whether it's a liability or not.
https://github.com/nebulasio/go-nebulas/blob/415c6ab50279aefb2ff37f447bf28a01b1e94f46/net/testing/test/main.go#L12