search

sahil-sagwekar2652 / GitHub-Automation-scripts

Bash and Python scripts to automate your Git & GitHub workflow. Made by using only standard python libraries.
https://sahil-sagwekar2652.github.io/GitHub-Automation-scripts/
MIT License
52 stars 64 forks source link

github_secrets.py is added #114

Open bhavya1857 opened 1 year ago

bhavya1857 commented 1 year ago

Issue Description:

The problem initially was that the GITHUB_API_TOKEN and USERNAME variables were hard-coded into the github_secrets.py file. This means that anyone who had access to the file would be able to see the GitHub personal access token and username.

To fix this problem, I suggested changing the GITHUB_API_TOKEN and USERNAME variables to environment variables. This means that the GitHub personal access token and username would be stored in the environment and not in the file. This makes the code more secure because only the people who have access to the environment variables will be able to see the GitHub personal access token and username.

I also suggested adding comments to the code to explain what each line does. This makes the code easier to read and understand.

Finally, I suggested indenting the code by four spaces. This makes the code easier to read and understand. Moreover the github_secrets.py was missing

Expected Behavior:

The new changed code would get the GitHub personal access token and username from the environment, instead of hard-coding them into the file. This makes the code more secure because only the people who have access to the environment variables will be able to see the GitHub personal access token and username.

The code would also print the GitHub personal access token and username to the console. This is useful for debugging purposes.

Current Behavior:

If we don't implement the changes I suggested, then the GITHUB_API_TOKEN and USERNAME variables would still be hard-coded into the github_secrets.py file. This means that anyone who had access to the file would be able to see the GitHub personal access token and username.

This would be a security risk because anyone who could access the file could use the GitHub personal access token and username to access your GitHub account. They could then use your account to make changes to your repositories, create new repositories, or delete repositories.

In addition, if the file were to be leaked or compromised, anyone who could access it would be able to see your GitHub personal access token and username. This could be used to impersonate you on GitHub or to steal your identity.

Therefore, it is important to implement the changes I suggested to make the code more secure.

Labels: new file added

bhavya1857 commented 1 year ago

i have done the PR for this already

sahil-sagwekar2652 commented 1 year ago

link the PRs please.