context: use the real oauth credentials
It is trivial to extract this information from the released artefacts, thus there is no security benefit to the safe/development credentials. This approach also prevents users from using go-get to install. As proof of concept, and to enable go-get, this change embeds the GitHub CLI credentials, instead of GitHub CLI (dev).
This commit is contained in:
Colin Arnott
Mislav Marohnić
parent
48ffd5aa00
commit
213f4a5333
1 changed files with 2 additions and 4 deletions
|
|
@ -18,10 +18,8 @@ const (
|
|||
)
|
||||
|
||||
var (
|
||||
// The GitHub app that is meant for development
|
||||
oauthClientID = "4d747ba5675d5d66553f"
|
||||
// This value is safe to be embedded in version control
|
||||
oauthClientSecret = "d4fee7b3f9c2ef4284a5ca7be0ee200cf15b6f8d"
|
||||
oauthClientID = "178c6fc778ccc68e1d6a"
|
||||
oauthClientSecret = "34ddeff2b558a23d38fba8a6de74f086ede1cc0b"
|
||||
)
|
||||
|
||||
// TODO: have a conversation about whether this belongs in the "context" package
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue