That is one thing that RFC8959 is intended to solve. If you see "secret-token:" ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		er4hn on May 27, 2022 \| parent \| context \| favorite \| on: NPM security update: Attack campaign using stolen ... That is one thing that RFC8959 is intended to solve. If you see "secret-token:" in any logs after running tests you flag that as a problem and fail the test.

willcipriano on May 27, 2022 [–]

Thanks I assumed someone else must've had the same idea.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact