First, they restricted code search without logging in so I’m using sourcegraph But now, I cant even view discussions or wiki without logging in.
It was a nice run
First, they restricted code search without logging in so I’m using sourcegraph But now, I cant even view discussions or wiki without logging in.
It was a nice run
Removed by mod
An API token is more secure than a password by virtue of it not needing to be typed in by a human. Phishing, writing down passwords, and the fact that API tokens can have restricted scopes all make them more secure.
Expiration on its own doesn’t make it more secure, but it can if it’s in the context of loading the token onto a system that you might lose track of/not have access to in the future.
Individual API tokens can also be revoked without revoking all of them, unlike a password where changing it means you have to re-login everywhere.
And that’s just the tip of the iceberg. Lmk if you have questions, though.
Removed by mod
Because of someone gets your API token they can only push and pull. If someone gets your password they can do anything
Removed by mod
Never used it in GitHub, but in GitLab it is not password equivalent, you can restrict its usage.
it’s obviously the same in github OP don’t know what is talking about lol