Rotating GitHub Tokens

A guide for rotating GitHub Personal Access Tokens (PATs) used by the stdlib project.

This document outlines the process for rotating GitHub Personal Access Tokens (PATs) used by the stdlib project.

Frequency

Tokens should be rotated every 90 days to maintain security best practices.

Procedure

  1. Sign into GitHub with the stdlib-bot account. Credentials are stored in BitWarden under the "GitHub stdlib-bot" item of the "stdlib" team vault.

  2. Go to https://github.com/settings/personal-access-tokens and https://github.com/settings/tokens to renew all tokens for 90 days.

  3. Note down all new token values.

  4. Update all the tokens in the "GitHub PAT Tokens" BitWarden item to their new values and update the "Expiration Date" custom field to the new expiration date.

  5. Update the respective tokens in the following repositories:

Notes

  • Ensure the new tokens have the same scope/permissions as the previous ones.
  • Verify all GitHub Actions are working correctly after the token rotation.
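A post-rotation check for the two notes above, as an added example that is not part of the stdlib project's tooling: it inspects the response headers of an authenticated GitHub API call made with each new token and reports an unexpected expiry or a change in classic-token scopes. The function names, the 80-day threshold, the sample headers, and the accepted timestamp layouts are assumptions; `X-OAuth-Scopes` is only returned for classic tokens, so fine-grained tokens get the expiry check alone.

```python
from datetime import datetime, timezone

def parse_expiration(value):
    """Parse the expiration header; accepts a 'UTC' suffix or a numeric offset (assumed layouts)."""
    value = value.strip()
    stamp, _, zone = value.rpartition(" ")
    if zone.upper() == "UTC":
        return datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)
    return datetime.strptime(value, "%Y-%m-%d %H:%M:%S %z")

def check_rotated_token(headers, previous_scopes, now, min_days=80):
    """Return a list of problems for one rotated token; an empty list means it looks right."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    problems = []
    raw = h.get("github-authentication-token-expiration")
    if raw is None:
        problems.append("no expiration header: token may have no expiry set")
    else:
        days = (parse_expiration(raw) - now).days
        if days < min_days:
            problems.append(f"expires in {days} days, expected about 90")
    if "x-oauth-scopes" in h:  # present for classic tokens only
        scopes = {s.strip() for s in h["x-oauth-scopes"].split(",") if s.strip()}
        old = set(previous_scopes)
        if scopes != old:
            problems.append(
                f"scope drift: added={sorted(scopes - old)} removed={sorted(old - scopes)}"
            )
    return problems

# Constructed sample headers, standing in for a real API response per token.
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
GOOD = {
    "GitHub-Authentication-Token-Expiration": "2025-04-01 00:00:00 UTC",
    "X-OAuth-Scopes": "repo, workflow",
}
BAD = {
    "github-authentication-token-expiration": "2025-01-08 00:00:00 +0000",
    "x-oauth-scopes": "repo, workflow, admin:org",
}

if __name__ == "__main__":
    for name, hdrs in (("good", GOOD), ("bad", BAD)):
        print(name, check_rotated_token(hdrs, {"repo", "workflow"}, NOW))
```

Record each token's previous scopes before renewing it, since the old value is no longer queryable once the token has been regenerated.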