Sensitive information may have been inadvertently committed to the repository
RA80533 opened this issue · 1 comments
RA80533 commented
The information in question resides in .vsgitbuild, located at the root of the repository. I suggest you revoke the exposed personal API token (see this blog post), modify the root .gitignore file to exclude .vsgitbuild from the repository, and push your repository after running git rm --cached .vsgitbuild.
folke commented
Thank you for pointing this out!!
The token in question only had read access on notification count, but still a pretty bad thing I overlooked there.
I must've added this by accident.
Thanks again!