My understanding is Trivy’s Personal Access Token (PAT) - used for accessing your account via scripts / the services API - got leaked in the repo. The bot saw the PAT and revoked it because someone else could come along and use it to gain access to their repo or impersonate them.
My understanding is Trivy’s Personal Access Token (PAT) - used for accessing your account via scripts / the services API - got leaked in the repo. The bot saw the PAT and revoked it because someone else could come along and use it to gain access to their repo or impersonate them.
Real June Cleaver “Pardon me, I speak jive” energy coming from this post lol (I mean this as a compliment)