| ▲ | lloeki 3 days ago | |
Maybe: - create a GitHub App or something that can generate transient tokens - implement some CLI that generates a token - login with that token - push See e.g: https://medium.com/@tiwari09abhi/github-app-token-authorizat... https://martin.baillie.id/wrote/ephemeral-github-tokens-via-... But I'm not even sure because GH auth system is all over the place and downright nuts in some places... e.g a fine grained token with repo access can't curl a tarball with the usual URL, it has to use the /api which makes tooling that constructs URLs from repo names and versions break with no recourse as soon as you disable classic PATs | ||