Every developer who has ever pressed the period key on a GitHub repository, launching the convenient browser-based VS Code editor known as GitHub.dev, has unknowingly accepted a bargain. In exchange for a lightweight coding environment, GitHub silently passes an OAuth token to the session, one that grants read and write access to every repository the user […]This story continues at The Next Web