> injecting signed JWTs How is that not secrets management? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		hinkley 1 day ago \| parent \| context \| favorite \| on: GitHub Actions has a package manager, and it might... > injecting signed JWTs How is that not secrets management?

nijave 12 hours ago [–]

It is. Just wanted to point out these flows are also possible on CI. In my other comment, I think it's more fair to differentiate long lived vs short lived secrets

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact