tk103331 commented on issue #2800: URL: https://github.com/apache/incubator-devlake/issues/2800#issuecomment-1229920314
I'm still new to the devlake project and am learning some details of this project. At first, I found plaintext PAT in the API return result, and later found that the plaintext is stored in the _devlake_blueprints.plan field. But in _tool_github_connections.token is encrypted. I have some experience in CI Pipeline, when a task in the pipeline requires sensitive data, it will only be decrypted and used when the task is executed.So I recommend decrypting sensitive data only while the SubTask is executing. This shouldn't be a very important issue, and hopefully it won't affect your plans. :smiley: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
