create-pull-request icon indicating copy to clipboard operation
create-pull-request copied to clipboard

Published 20 hours ago verified publisher icon peter-evans

docs: suggest using fine-grained PATs

Open jackkoenig opened this issue 2 years ago • 1 comments
trafficstars

Fine-grained PATs fix a lot of the security issues with PATs so are worth suggesting (IMO): https://github.blog/2022-10-18-introducing-fine-grained-personal-access-tokens-for-github/.

jackkoenig avatar May 05 '23 17:05 jackkoenig

Hi @jackkoenig

I'm happy add information about using fine-grained PATs to this section of the documentation, but it should be a separate bullet point and not replace the existing advice. The reason for this is that fine-grained PATs are still in beta and not all GitHub APIs and processes support them yet. Some features of this action appear not to work with fine-grained PATs currently, such as this issue. So if I add it to the documentation it needs to come with a caveat that it may not work in all cases.

peter-evans avatar May 08 '23 00:05 peter-evans