Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] Should rmenv GitHub auth tokens #4157

Closed
matthew-cline opened this issue Apr 2, 2021 · 2 comments
Closed

[Feature] Should rmenv GitHub auth tokens #4157

matthew-cline opened this issue Apr 2, 2021 · 2 comments
Labels
enhancement New feature request
Projects
Release 0.9.68

Comments

@matthew-cline
Copy link
Contributor

The GitHub command line app (gh) uses GitHub personal access tokens. These can be passed to gh via environmental variables:

  • GH_TOKEN
  • GITHUB_TOKEN
  • GH_ENTERPRISE_TOKEN
  • GITHUB_ENTERPRISE_TOKEN

These should be rmenv'd somewhere. Perhaps in disable-passwdmgr.inc?
@rusty-snake
Copy link
Collaborator

Keep in mind that even if you rmenv them, a sandbox can still read the file where they are set if this file is not blacklisted or has no whitelist (in whitelisting profiles).

@rusty-snake rusty-snake mentioned this issue Aug 6, 2021
Closed
@kmk3
Copy link
Collaborator

kmk3 commented Dec 11, 2021

For future reference, the rmenv entries were moved to disable-common.inc
on #4461.

kmk3 added a commit that referenced this issue Dec 11, 2021
@kmk3
RELNOTES: add more missing pr/issue references
5716965 
Relates to #4157 #4288 #4461 #4462.
@kmk3 kmk3 added this to Done (on RELNOTES) in Release 0.9.68 Jan 27, 2022
@kmk3 kmk3 added the enhancement New feature request label Feb 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature request
Projects
No open projects
Release 0.9.68
  
Done (on RELNOTES)
Milestone
No milestone
Development

No branches or pull requests
3 participants
@matthew-cline @kmk3 @rusty-snake