<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:26:43 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[RANCHER-171] Replace Rancher GitHub token for security</title>
                <link>https://folio-org.atlassian.net/browse/RANCHER-171</link>
                <project id="10136" key="RANCHER">rancher</project>
                    <description>&lt;p&gt;&lt;b&gt;Purpose/Overview:&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;Rancher has a GitHub token that still uses the old GitHub authentication format.&lt;/p&gt;

&lt;p&gt;Reset that token and replace it by a token in the new GitHub authentication format for better security.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Notices from GitHub:&lt;/b&gt;&lt;/p&gt;
&lt;blockquote&gt;&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on August 20th, 2021 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36).&lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;&#160; and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;&#160;&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on October 20th, 2021 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36).&lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; .&#160;&lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;&#160; and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; .&#160;&lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;.&lt;/p&gt;&lt;/blockquote&gt;
&lt;p&gt;&#160;&lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on November 20th, 2021 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36).&lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;&#160; and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;.&lt;/p&gt;&lt;/blockquote&gt;
&lt;p&gt;&#160;&lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on December 20th, 2021 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36).&lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;&#160; and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; .&lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;.&lt;/p&gt;&lt;/blockquote&gt;

&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on January 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on February 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on March 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on April 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on May 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on June 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;


&lt;blockquote&gt;
&lt;p&gt;We noticed that an application, FOLIO Rancher, owned by an organization you are an admin of, folio-org, used a token with an outdated format to access the GitHub API on July 20th, 2022 at 00:00 (UTC), with a user-agent header of Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36). &lt;/p&gt;

&lt;p&gt;In order to provide additional security benefits to all our customers, we recently updated the format of our API authentication tokens. We encourage you to reset any authentication tokens used by this app, as well as tokens used by any other apps you may have, with our reset token API &amp;lt;&lt;a href=&quot;https://docs.github.com/en/rest/reference/apps#reset-a-token/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/reference/apps#reset-a-token/&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;Alternatively, you can prompt your users to step through the authorization flow again, as outlined in the docs for either GitHub Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/identifying-and-authorizing-users-for-github-apps&lt;/a&gt;&amp;gt;  and OAuth Apps &amp;lt;&lt;a href=&quot;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/developers/apps/authorizing-oauth-apps&lt;/a&gt;&amp;gt; . &lt;/p&gt;

&lt;p&gt;To understand more about this change and why it&apos;s important, visit &lt;a href=&quot;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats&lt;/a&gt;. &lt;/p&gt;&lt;/blockquote&gt;</description>
                <environment></environment>
        <key id="52384">RANCHER-171</key>
            <summary>Replace Rancher GitHub token for security</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10002" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p3.svg">P3</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5e01c637cbf1830daa9b9c65">kseniia_dubniak</assignee>
                                                                <reporter accountid="5ee89462f7aa140abd82d11d">Julian Ladisch</reporter>
                                    <labels>
                            <label>reviewed</label>
                            <label>security</label>
                            <label>security-reviewed</label>
                    </labels>
                <created>Mon, 26 Jul 2021 13:43:42 +0000</created>
                <updated>Thu, 25 Aug 2022 08:23:08 +0000</updated>
                            <resolved>Thu, 25 Aug 2022 08:23:08 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>7</watches>
                                                                <comments>
                                                            <comment id="123779" author="5cf6c546b87c300f36eb7b9a" created="Thu, 20 Jan 2022 16:45:09 +0000"  >&lt;p&gt;Assigning to Kitfox, as I believe they manage the scratch/rancher envs.&#160;&#160;attn. &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=61e1a06fe67ea2006b5b23af&quot; class=&quot;user-hover&quot; rel=&quot;61e1a06fe67ea2006b5b23af&quot; data-account-id=&quot;61e1a06fe67ea2006b5b23af&quot; accountid=&quot;61e1a06fe67ea2006b5b23af&quot; rel=&quot;noreferrer&quot;&gt;Dilshod_Khusanov&lt;/a&gt;&#160;&lt;/p&gt;

&lt;p&gt;FYI &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; class=&quot;user-hover&quot; rel=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; data-account-id=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; accountid=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; rel=&quot;noreferrer&quot;&gt;Jakub Skoczen&lt;/a&gt;&#160;- it isn&apos;t clear if the DevOps team needs to do anything here, or if Kitfox can handle it on their own.&lt;/p&gt;</comment>
                                                            <comment id="123781" author="5f9abc1eb45b2e007453f423" created="Fri, 25 Feb 2022 17:32:14 +0000"  >&lt;p&gt;This is the client key owned by the FOLIO Rancher OAUTH app which is managed in the top-level github.com/folio-org settings.    The key was used on a per project basis in Rancher to configure access to all FOLIO repos (github.com/folio-org) for use in Rancher Pipelines.   It doesn&apos;t appear that most Rancher projects even have this configured.  If we are no longer supporting or using Rancher pipelines,  we can revoke the existing key and not generate a new one.      The client id associated with this key is: 8fd55ccf70c14f6f530e.   &lt;/p&gt;

&lt;p&gt;Let me know what you want to do.  &lt;/p&gt;</comment>
                                                            <comment id="123783" author="5f9abc1eb45b2e007453f423" created="Fri, 25 Feb 2022 17:33:34 +0000"  >&lt;p&gt;Example where this is configured:  &lt;a href=&quot;https://rancher.dev.folio.org/p/c-479xv:p-8gnfv/pipeline&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://rancher.dev.folio.org/p/c-479xv:p-8gnfv/pipeline&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="123785" author="712020:a5c28de9-094e-4e90-a09f-78e64621c1c0" created="Mon, 28 Feb 2022 20:46:31 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5f9abc1eb45b2e007453f423&quot; class=&quot;user-hover&quot; rel=&quot;5f9abc1eb45b2e007453f423&quot; data-account-id=&quot;5f9abc1eb45b2e007453f423&quot; accountid=&quot;5f9abc1eb45b2e007453f423&quot; rel=&quot;noreferrer&quot;&gt;John Malconian&lt;/a&gt; &#160;So, we have two things. The first one it&apos;s Rancher authentication that uses the GitHub token and the second one it&apos;s Rancher Pipelines that you described. As I know, we don&apos;t use the Rancher Pipelines at all (especially for my team), but for Rancher authentication, we use the same GitHub token I think.&lt;/p&gt;</comment>
                                                            <comment id="123787" author="5f9abc1eb45b2e007453f423" created="Mon, 28 Feb 2022 20:56:47 +0000"  >&lt;p&gt;Ahh.  Ok. Thanks, &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=999854%3A82b14fd5-2a69-4a4f-8844-1f20a3ae67cb&quot; class=&quot;user-hover&quot; rel=&quot;999854:82b14fd5-2a69-4a4f-8844-1f20a3ae67cb&quot; data-account-id=&quot;999854:82b14fd5-2a69-4a4f-8844-1f20a3ae67cb&quot; accountid=&quot;999854:82b14fd5-2a69-4a4f-8844-1f20a3ae67cb&quot; rel=&quot;noreferrer&quot;&gt;Former user&lt;/a&gt;.  I&apos;ll verify that and update the token for Rancher authentication and make the change in Rancher if that is the case.&lt;/p&gt;</comment>
                                                            <comment id="123788" author="5f9abc1eb45b2e007453f423" created="Mon, 28 Feb 2022 21:35:05 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=712020%3Aa5c28de9-094e-4e90-a09f-78e64621c1c0&quot; class=&quot;user-hover&quot; rel=&quot;712020:a5c28de9-094e-4e90-a09f-78e64621c1c0&quot; data-account-id=&quot;712020:a5c28de9-094e-4e90-a09f-78e64621c1c0&quot; accountid=&quot;712020:a5c28de9-094e-4e90-a09f-78e64621c1c0&quot; rel=&quot;noreferrer&quot;&gt;Vasili Kapylou&lt;/a&gt; I&apos;ve generated a new github OAUTH token and reconfigured Rancher authentication to use the new token.  You can close this issue unless you notice any problems. &lt;/p&gt;</comment>
                                                            <comment id="123789" author="712020:a5c28de9-094e-4e90-a09f-78e64621c1c0" created="Tue, 1 Mar 2022 08:36:12 +0000"  >&lt;p&gt;Everything is working fine. Thank you &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5f9abc1eb45b2e007453f423&quot; class=&quot;user-hover&quot; rel=&quot;5f9abc1eb45b2e007453f423&quot; data-account-id=&quot;5f9abc1eb45b2e007453f423&quot; accountid=&quot;5f9abc1eb45b2e007453f423&quot; rel=&quot;noreferrer&quot;&gt;John Malconian&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="123790" author="5ee89462f7aa140abd82d11d" created="Tue, 22 Mar 2022 08:20:18 +0000"  >&lt;p&gt;Reopening because GitHub reports that the token with an outdated format is still in use, see Jira description.&lt;/p&gt;</comment>
                                                            <comment id="123792" author="5ee89462f7aa140abd82d11d" created="Wed, 20 Apr 2022 13:21:55 +0000"  >&lt;p&gt;GitHub reports that the outdated token format is still in use.&lt;/p&gt;</comment>
                                                            <comment id="123794" author="5f9abc1eb45b2e007453f423" created="Tue, 23 Aug 2022 12:38:13 +0000"  >&lt;p&gt;The new token (client ID and client secret) is stored in AWS Secrets Manager (us-east-1).  The secret name is called &apos;folio-rancher-ci-oauth&apos;.    The old token has a client ID of 8fd55ccf70c14f6f530e and a client secret that ends in &apos;aefb405d&apos;.    Hopefully that will help find the old token in Rancher.&lt;/p&gt;</comment>
                                                            <comment id="123796" author="5ee89462f7aa140abd82d11d" created="Tue, 23 Aug 2022 16:11:52 +0000"  >&lt;p&gt;GitHub did NOT repeat the notice on August 20th, 2022. It seems that the issue has been resolved. Thanks!&lt;/p&gt;</comment>
                                                            <comment id="123799" author="5e01c637cbf1830daa9b9c65" created="Thu, 25 Aug 2022 07:29:33 +0000"  >&lt;p&gt;If it`s happened again need to assign the task to a person who has admin rights in GitHub and is able to work with OAuth Apps.&lt;/p&gt;

&lt;p&gt;Need to check token &lt;a href=&quot;https://docs.github.com/en/rest/apps/oauth-applications#check-a-token&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/apps/oauth-applications#check-a-token&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;And if it is not suitable for GitHub token try to reset it &lt;a href=&quot;https://docs.github.com/en/rest/apps/oauth-applications#reset-a-token&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.github.com/en/rest/apps/oauth-applications#reset-a-token&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10002">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="79730">FOLIO-3169</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10161"><![CDATA[Kitfox]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|hzx1te:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="609">Kitfox: sprint 146</customfieldvalue>
    <customfieldvalue id="290">Kitfox: sprint 133</customfieldvalue>
    <customfieldvalue id="1831">Kitfox: sprint 147</customfieldvalue>
    <customfieldvalue id="168">Kitfox: sprint 134</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10044" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 20 Jan 2022 16:45:09 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>