Add prefix to OAuth application secrets
Much like Personal Access Tokens with the glpat-
prefix, adding a prefix to OAuth application secrets (and potentially application IDs as well?) would make it easier for secret detection and incident response to be effective.
This would be for new secrets only, does not include a migration of existing application secrets to use a prefix.
Edited by Jessie Young