pkgctl: allow using encrypted/protected GitLab token
The GitLab token entered via `pkgctl auth login` is stored in plain-text at `~/.config/devtools/gitlab.conf` with mode 0644. That looks insecure. Could you consider one of the following options?
- Allowing the use of an encrypted/protected token. The `credential_process` trick for AWS [1] may be inspiring. It allows users to integrate their own credential management for use in AWS-related programs or libraries.
- At least, using 0600 for the file with the token.
[1] https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html
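
The two options requested above, sketched as an added example that is not part of the original issue and is not devtools code. It assumes GNU `stat`, a `GITLAB_TOKEN="..."` line in the config file, and a hypothetical helper-command argument modelled on AWS's `credential_process`.

```shell
#!/bin/sh
# Added illustration only. Function names, the helper argument and the
# GITLAB_TOKEN="..." file layout are assumptions, not devtools internals.

# Succeeds only if the file grants nothing to group or others (0600, 0400, ...).
token_file_is_private() {
    mode=$(stat -c '%a' "$1") || return 2   # GNU stat: octal mode, e.g. "644"
    case $mode in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# Write the token without a window in which it is world-readable:
# umask 077 applies at creation time, and mv replaces an older 0644 copy
# instead of writing the secret into it before a later chmod.
write_token_file() (
    umask 077
    tmp=$(mktemp "$1.XXXXXX") || exit 1
    printf 'GITLAB_TOKEN="%s"\n' "$2" > "$tmp" && mv -f "$tmp" "$1"
)

# Resolve the token. If a helper command is given (the credential_process
# idea), run it and use its stdout, so the secret can live in a password
# manager or keyring. Otherwise read the file, refusing one that is
# accessible to group or others.
load_token() (
    file=$1
    helper=${2:-}
    if [ -n "$helper" ]; then
        sh -c "$helper"
        exit
    fi
    if ! token_file_is_private "$file"; then
        echo "refusing $file: accessible by group or others" >&2
        exit 1
    fi
    # Parse the value instead of sourcing the file, so nothing in it executes.
    sed -n 's/^GITLAB_TOKEN="\(.*\)"$/\1/p' "$file"
)
```
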