Hi there, GitScan detected `GitHub token (Classic PAT)` possibly leaked in your public repository. ### Details - **File**: [scripts/track-prs-simple.sh](https://github.com/code-orange-dev/grad-pipeline/blob/e7ade885c0b693dd569bd91ab955922973fe11cc/scripts/track-prs-simple.sh#L4) - **Line**: 4 - **Commit**: [`e7ade88`](https://github.com/code-orange-dev/grad-pipeline/commit/e7ade885c0b693dd569bd91ab955922973fe11cc) - **Snippet** (redacted): ``` export GITHUB_TOKEN="${GITHUB_TOKE********************************Khw}" ``` ### Recommended actions 1. **Revoke and rotate** this token under [GitHub → Settings → Developer settings](https://github.com/settings/personal-access-tokens) (or your org’s fine-grained PAT policies). 2. Remove the secret from your code 3. Clean it from your Git history if possible 4. Push a new commit When you're ready, **[mark this finding as resolved on GitScan](https://gitscan.ai/resolve?utm_source=issue&utm_medium=disclosure&utm_campaign=auto_issue&utm_content=mark_resolved&finding=gs_def17846d5b3594c)** — we'll verify the fix automatically. You can also close this issue from GitHub if you prefer.
Hi there,
GitScan detected
GitHub token (Classic PAT)possibly leaked in your public repository.Details
e7ade88Recommended actions
When you're ready, mark this finding as resolved on GitScan — we'll verify the fix automatically. You can also close this issue from GitHub if you prefer.