-
Notifications
You must be signed in to change notification settings - Fork 217
Use API keys by default #450
Comments
I wish GitHub had something like https://google.com/device (which I intend to use in a project which I am working on). I am not doing this now, but I might find some time to do so in about 3 weeks (hopefully).
|
I was able to use only my username and PAT by leaving the password blank in the |
i think it is already supported in the current release. there is |
i think, asking for |
We could offer a list of authentication options using inquirer: https://github.com/SBoudrias/Inquirer.js#prompt-types The list of options could include what |
@mohhasbias Are you sure about that? This is what I got when I was using personal access token for accessing. |
@kenshinji you can generate a personal access token yourself here: https://github.com/settings/tokens/new Add these scopes: And then add to your
This will allow you to bypass the prompt which is just a convenience method. All we do is generate the personal token and store it for you automatically. Please let me know if you have any issues with that. I'm closing this for now as we will still offer the convenience method of generating the personal token for you. |
gh
delegates to the npmgithub
module for authentication, which sends your username and password as an HTTP header. That feels insecure.GitHub has personal access tokens for this purpose, which is what
github
is creating behind-the-scenes. Can we change the prompt to ask for a token, and completely avoid potentially sending real user credentials over-the-wire?The text was updated successfully, but these errors were encountered: