Remove Private Tokens from GitLab
In 10.0 we announced the deprecation of Private Tokens from GitLab with their removal in 10.2.
Proposal
- Remove Private API Token from
profile/account - Remove
API::Sessionwhich can be used to get the private token when providing username/password - Remove
UserWithPrivateDetailsentity. - Remove all API/web authentication using
private_tokenorauthentication_token(they're the same thing) - Migrate Private tokens to PATs with the
apiscope, as well as thesudoscope if the user is an admin (depends on https://gitlab.com/gitlab-org/gitlab-ce/issues/38447)
Edited by Douwe Maan