rsHRF
rsHRF copied to clipboard
[BUG] Compromised credentials
What version of the bids app were you using?
No response
Describe your problem in detail.
CircleCI has alerted everyone to cycle credentials stored in their environment variables: https://circleci.com/blog/january-4-2023-security-alert/
A PYPI_PASSWORD environment variable was set in CircleCI (I have deleted it). I believe this belongs to @AmoghJohri and needs to be changed immediately. In the future, we should use tokens, and this can be done by setting TWINE_USER
to __token__
and TWINE_PASSWORD
to a token that is scoped to this one package only. The twine tool will automatically pick these up.
See https://pypi.org/help/#apitoken for additional guidance.
What command did you run?
No response
Describe what you expected.
No response