Now install tools that are only available as github released binaries. And ensure that hashes match for that. Maybe install a tool that needs to be compiled.

What if, get this, we put the bash scripts in yaml. And then put it in kubernetes.

There are ways to have passwords transmitted completely encrypted, but it involves hitting the backend for a challenge, then using that challenge to encrypt the password client side before sending. It still gets decrypted on the backend tho before hash and store.

And what is the token in the link?

But Google that high? I wouldn’t have expected as high considering Apple (another one who takes a cut of mobile gaming) isn’t.

Yeah, but then you find out Gith lay eggs, which raises weird questions. Idk, maybe their closest analog is a platypus, which would make them far more adorable if they werent trying to separate your head from your neck so often.

Consider that a ‘username+password’ is much harder to ‘revoke’ individually. As in, you can have 3-4 API keys in use, and can revoke any one of them without having to change a password.

You can also change password independently of the keys, or have it linked so keys are revoked on a password change. It also allows traceability as to where accesses are coming from (auditability). If everything is using the same client-id+secret (or usn/pwd), you don’t know which ‘client’ is doing what.

Having played DOS2 with a controller & split screen, it worked just fine.

Slay the Spire is a complete 10/10 for deck builder roguelike.