Skip to content

users would need better explanation for PATs #4

Description

@VijaySamant4368

Currently, the access page just asks PAT to be entered, however, the user should know about the dangers and scopes of PATs.

Dangers:

  • Though the PATs are stored encrypted, when making a request to GitHub, they are being exposed in memory as well as in requests. Any browser extension monitoring the later can easily access the PAT.
  • Abusing of PATs may trigger some unwanted actions on the account associated to the PAT (Refer to Understanding GitHub's policies #3)

Scopes:

  • Repository administration: Used to create new repositories when uploading to a new repo.
  • Repository contents: Used to read, create, and update files (i.e. upload and fetch images).

Metadata

Metadata

Assignees

No one assigned

    Labels

    good first issueGood for newcomershtml-basicResolving this issue requires basic knowledge of HTML.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions