Storage of token secret in cleartext

[jennydaman]

cumin/src/config/config.ts

Lines 80 to 81 in 22a83fa

	this.tokenFile = name.replace("/", "_") + "_token.txt";
	this.tokenFilepath = options.tokenFilepath || "";

Secrets should not be written in cleartext to files. Popular alternative solutions include:

• Obfuscation (e.g. docker login, podman login, popular pick is to use base64 encoding). Bad but better than nothing.
• System keyring (e.g. https://pypi.org/project/keyring/), usually works ok, in some cases decoupled integration with password managers is achieved