using Github personal access token on a public website
I have a website that displays records from a database. I have set up a feedback form so if someone spots a mistake in a record, they can report it so it can be set right. I use a Github Personal Access Token (PAT) to create a Github issue when the form is submitted, and then the appropriate team member is notified. It all works fine, but my questions:
This is potentially opening up the possibility of spam issues being created. How can I catch that? I have also set up a question-answer barrier before the user can submit the form (to determine it is not a robot trying to create fake issues) but, of course, this is not fool-proof.
The PATs seem to expire after a certain period of time. Is there a way to generate a PAT that lasts a long time?
Any other gotchas I should be aware of before I unroll this to public users?
The PATs seem to expire after a certain period of time. Is there a way to generate a PAT that lasts a long time?
As documented, a PAT only expires if you selected an expiration period at its creation:
For creating issues, make sure you have selected only the scope public_repo or repo permission on your Personal Access Token.
public_repowill only grant the ability to manipulate public repositories.- repo will grant the ability to manipulate all repositories you have access to.
Note sure about issue spam, except for reporting those when you see them.
- Using gitattributes for linguist examples
- 'Could not read from remote repository' on NPM install from GitHub public repo
- Github actions for creating an npm pacakge from angular workspace/library
- How do I list my gists?
- Is it possible to use GitHub Desktop application to commit to Bitbucket repository?
- Is there an overview of what can go into a .github "dot github" directory?
- Delete a workflow from GitHub Actions
- How do you publish a typescript website to GitHub Pages using Visual Studio?
- Rendering a GitHub wiki on a GitHub Pages Jekyll site
- Superscript in markdown (Github flavored)?
- How do I show docker pulls as an image in my github readme file
- Why is Visual Studio Code not recognizing Git?
- Support for password authentication was removed on August 13, 2021. Please use a personal access token instead
- GitHub - Find the pull request associated with a commit
- github action to copy a file from one repo to another
- Why does GitHub pages now show a 404 error?
- Show CI/CD Status overview of all repositories
- How to use array input for a custom GitHub Actions
- Does git checkout branch command actually really compare against remote?
- Git push results in "Authentication Failed"
- How do I get and download the contents of a file in GitHub using the REST API?
- Why does audio play locally but not on liveserver or Github Pages?
- Accidentally cloned an older version of my code from my repo to my updated folder. Is it possible to restore my files?
- How to delete files in github using the web interface
- Github: list PRs between two tags
- Github package successfully published, but not showing up in "Packages" section
- Backup all github repo to bitbucket
- How to add empty spaces into MD markdown readme on GitHub?
- How to include files in .gcloudignore that are ignored in .gitignore
- Permission denied error on Github Push