Re: [heycam/webidl] Use Travis-CI deployment support. (#818) from Domenic Denicola on 2019-10-24 (public-webapps-github@w3.org from October 2019)

From: Domenic Denicola <notifications@github.com>
Date: Thu, 24 Oct 2019 08:50:02 -0700
To: heycam/webidl <webidl@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <heycam/webidl/pull/818/c545981998@github.com>

This isn't as secure as using a per-repo deploy key; in particular GitHub access tokens give access to all repositories on your account.

The setup I've been using recently is still based on encoded deploy keys. See e.g. https://github.com/WICG/origin-policy/commit/c3be6b3b84c92a8e49fce1a5eca91a7eb70c4158#diff-354f30a63fb0907d4ad57269548329e3

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/heycam/webidl/pull/818#issuecomment-545981998

Received on Thursday, 24 October 2019 15:50:04 UTC