| ▲ | ammar2 4 hours ago | |
> it'd be awesome if the in-browser IDE launched with a temporary per-repo permission scope That's actually exactly what they do for codespaces. The token only has read/write on the repo you activated for the codespace [1]. They should definitely consider doing that for github.dev as well. [1] https://orca.security/resources/blog/hacking-github-codespac... | ||