#52 Twitter API Key is Public
Opened 8 months ago by thelittlewonder. Modified 7 months ago

The Bearer Token is Publically available at https://pagure.io/Fedora-app/blob/master/f/src/providers/tw/tw.ts (Line17)

Anyone can use this token to make calls to the Twitter API and exhaust the limit of the key. Also this is a bad developer practice.


PR merged, please close this

Login to comment on this ticket.

Metadata