Github Token Leakaegir
Affected versions of
aegir bundle and publish the current users github token to npm when
aegir-release is executed.
Update to version 12.0.8 or later.
If you used this module to do a release for your project you should invalidate the GitHub tokens that were leaked.
publishedAdvisory publishedOct 13th, 2017
reportedInitial report by David DiasOct 12th, 2017