{"id":5124,"date":"2025-03-25T12:14:42","date_gmt":"2025-03-25T12:14:42","guid":{"rendered":"https:\/\/signmycode.com\/blog\/?p=5124"},"modified":"2025-03-25T12:27:35","modified_gmt":"2025-03-25T12:27:35","slug":"github-supply-chain-attack-expose-secrets-across-218-repositories","status":"publish","type":"post","link":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories","title":{"rendered":"GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">A major supply chain attack has exposed sensitive CI\/CD secrets in GitHub Action tj-actions\/changed-files, known as CVE-2025-30066, across 218 repositories.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This incident has raised significant concerns about security and is connected to an earlier attack on the other GitHub Action, reviewdog\/action-setup@v1, tracked as CVE-2025-30154.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">While only 4% of the 5,416 repositories that were affected had secrets leaked, the damage is severe. Some of the repositories compromised have hundreds of thousands of stars and tens of thousands of forks, which all increase the <a href=\"https:\/\/signmycode.com\/blog\/software-supply-chain-attacks-notable-examples-and-prevention-strategies\">risk of supply chain attacks<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-timeline-of-the-attack\">Timeline of the Attack:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>March 11, 2025:<\/strong> Attackers compromise reviewdog\/action-setup@v1 which could have obtained a GitHub personal access token (PAT) for the bot configured to manage tj-actions\/changed-files.<\/li>\n\n\n\n<li><strong>March 14, 2025 (4:00 PM UTC):<\/strong> Attackers create a malicious commit to tj-actions\/changed-files that allows the code to dump CI\/CD secrets into publicly viewable logs.<\/li>\n\n\n\n<li><strong>March 15, 2025 (2:00 PM UTC): <\/strong>GitHub removes the Action that generated the leaked secrets.<\/li>\n\n\n\n<li><strong>March 15, 2025 (10:00 PM UTC):<\/strong> The repository is restored but the damage is done.<\/li>\n\n\n\n<li><strong>March 19, 2025:<\/strong> Security researchers confirm multiple additional reviewdog actions are likely compromised.<\/li>\n\n\n\n<li><strong>March 20, 2025:<\/strong> Cyber Security organizations including CISA advise organizations to rotate secrets and audit workflows.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-scope-of-the-breach\">Scope of the Breach<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The GitHub Action supply chain attack affected<strong> tj-actions\/changed-files<\/strong>, a popular and widely used repository that impacted thousands of software projects.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong><em>According to Endor Labs, the attack compromised 5,416 repositories used by 4,072 organizations. 614 repositories ran workflows that incorporated the malicious action.<\/em><\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">218 repositories were found to have exposed credentials (e.g., GitHub tokens) in publicly accessible logs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">While this number is small considering that more than 23,000 repositories are using the compromised action, the security implications are concerning.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Some of the affected repositories have more than 350,000 stars and over 63,000 forks, indicating that an attack success could lead to additional potential supply chain attacks against a broader swath of developers or organizations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <br><a href=\"https:\/\/signmycode.com\/blog\/new-ci-cd-attack-in-pytorch-supply-chain-that-exploiting-github-self-hosted-action-runner\">Researchers Demo New CI\/CD Attack in PyTorch Supply-Chain that Exploiting GitHub Self-Hosted Action Runner<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-what-was-leaked\">What Was Leaked?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The compromised credentials were primarily GitHub tokens, which are set to expire within 24 hours.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Other credentials included AWS keys, npm tokens, DockerHub credentials, and private RSA keys, which pose multi-layered security risks as they could be potentially exposed for years.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-link-to-reviewdog-attack-cve-2025-30154\">Link to Reviewdog Attack (CVE-2025-30154)<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Security researchers ultimately traced the compromise of<strong> tj-actions\/changed-files<\/strong> to an earlier supply chain attack on reviewdog\/action-setup@v1, which occurred on March 11, 2025.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/signmycode.com\/blog\/cyberlink-breached-through-supply-chain-attack-by-north-korean-hackers\">CyberLink Breached Through Supply Chain Attack By North Korean Hackers<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The reviewdog attack exposed a GitHub PAT used by a bot, allowing attackers to alter <strong>tj-actions\/changed-files<\/strong>. With the connection between the two attacks, experts suggest that there may be consequences for other GitHub Actions as well.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Reviewdog actions that may be compromised include:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>reviewdog\/action-shellcheck<\/li>\n\n\n\n<li>reviewdog\/action-composite-template<\/li>\n\n\n\n<li>reviewdog\/action-staticcheck<\/li>\n\n\n\n<li>reviewdog\/action-ast-grep<\/li>\n\n\n\n<li>reviewdog\/action-typos<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">This indicates a broader supply chain attack campaign, where attackers have compromised one GitHub Action and used the information to compromise another.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-mitigation-and-security-recommendations\">Mitigation and Security Recommendations<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">To mitigate impacts associated with the GitHub Action supply chain attack and to take steps to avoid similar incidents, organizations need to take immediate security action.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Organizations should rotate any secrets that have been exposed in affected repositories, such as GitHub tokens, AWS keys, and npm credentials, in order to prevent further unauthorized access.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Recommended:<\/strong> <a href=\"https:\/\/signmycode.com\/blog\/nist-supply-chain-security-guidance-for-ci-cd-environments\">NIST Supply Chain Security Guidance for CI\/CD Environments<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Developers should also audit their CI\/CD workflows for any unexpected output in the \u2018changed-files\u2019 section of those workflows and verify that compromised commits are not referenced in the workflows at all.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">GitHub recommends updating workflows to reference specific commit SHAs in the workflow instead of mutable tags (e.g., v1 or latest), which limits an attacker&#8217;s ability to inject malicious code into an already tagged version.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition, logs for workflows should be configured as private so that credential information is not leaked in logs that are publicly accessible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Organizations should put in place strict pipeline access controls&#8211;to determine who can modify and execute GitHub Actions for their repositories-long term.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This can be combined with a trusted GitHub action allow-listing approach to limit the options available to any potentially unwanted or compromised external third-party tools from being in a workflow.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Security teams should regularly review GitHub Personal Access Tokens (PATs) and enforce multi-factor authentication (MFA) for developers with elevated permission or access.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The Cybersecurity and Infrastructure Security Agency (CISA) has included CVE-2025-30066 in its Known Exploited Vulnerabilities Catalog. It encourages all affected users to report any suspicious activity or breaches as soon as possible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Finally, as they move forward, development teams should watch for security advisories and proactively implement GitHub\u2019s security hardening best practices to reduce the risk of future supply-chain attacks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion\"><a><\/a>Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In order to ensure a secure software ecosystem and to defend against supply chain attacks, your organization should proactively use <a href=\"https:\/\/signmycode.com\/digicert-software-trust-manager\">DigiCert Software Trust Manager<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The DigiCert portfolio provides enterprise-hardened secure code signing, threat detection scanning, and CI\/CD pipeline automation services to help explicitly manage the integrity of your software supply chain.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">DigiCert is a leading software and code signing provider, securing more than 90% of the world&#8217;s software supply chains, inoculating organizations against unauthorized access and malware through role-based permission controls and deep insights into software binaries, all while managing complex DLP policies.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Protecting your business begins now\u2014using DigiCert Software Trust Manager to mobilize your users to safeguard a secure, policy-driven software security strategy.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Also Read:<\/strong> <a href=\"https:\/\/signmycode.com\/blog\/what-is-a-software-bill-of-material-sbom-and-supply-chain-security\">What is a Software Bill of Material? SBOM and Supply Chain Security<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Don&#8217;t leave your software vulnerable in the &#8220;trust and understand but looking away&#8221; category, consider an upgrade or integration with DigiCert Software Trust Manager to protect, and take action to deploy and fend off new threats to supply chains.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A major supply chain attack has exposed sensitive CI\/CD secrets in GitHub Action tj-actions\/changed-files, known as CVE-2025-30066, across 218 repositories. This incident has raised significant concerns about security and is connected to an earlier attack on the other GitHub Action, reviewdog\/action-setup@v1, tracked as CVE-2025-30154. While only 4% of the 5,416 repositories that were affected had&hellip; <a class=\"more-link\" href=\"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories\">Read More <span class=\"screen-reader-text\">GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories<\/span><\/a> <\/p>\n","protected":false},"author":1,"featured_media":5125,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[458,457],"tags":[811],"class_list":["post-5124","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","category-developers-guide","tag-github-supply-chain-attack","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.6 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>GitHub Supply Chain Attack Expose Secrets Across 218 Repositories<\/title>\n<meta name=\"description\" content=\"A recent supply chain attack compromised the tj-actions\/changed-files GitHub Action, impacting over 23,000 repositories.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories\" \/>\n<meta property=\"og:description\" content=\"A recent supply chain attack compromised the tj-actions\/changed-files GitHub Action, impacting over 23,000 repositories.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories\" \/>\n<meta property=\"og:site_name\" content=\"SignMyCode - Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-25T12:14:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-25T12:27:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2025\/03\/gitHub-security-supply-chain-attack.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"912\" \/>\n\t<meta property=\"og:image:height\" content=\"453\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories\",\"url\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories\",\"name\":\"GitHub Supply Chain Attack Expose Secrets Across 218 Repositories\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/gitHub-security-supply-chain-attack.webp\",\"datePublished\":\"2025-03-25T12:14:42+00:00\",\"dateModified\":\"2025-03-25T12:27:35+00:00\",\"description\":\"A recent supply chain attack compromised the tj-actions\\\/changed-files GitHub Action, impacting over 23,000 repositories.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage\",\"url\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/gitHub-security-supply-chain-attack.webp\",\"contentUrl\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/gitHub-security-supply-chain-attack.webp\",\"width\":912,\"height\":453,\"caption\":\"Supply Chain Attack on GitHub Action\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/github-supply-chain-attack-expose-secrets-across-218-repositories#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/\",\"name\":\"SignMyCode - Blog\",\"description\":\"Code Signing News, Updates\",\"publisher\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#organization\",\"name\":\"SignMyCode.com\",\"url\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/logo1.png\",\"contentUrl\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/logo1.png\",\"width\":135,\"height\":86,\"caption\":\"SignMyCode.com\"},\"image\":{\"@id\":\"https:\\\/\\\/signmycode.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"GitHub Supply Chain Attack Expose Secrets Across 218 Repositories","description":"A recent supply chain attack compromised the tj-actions\/changed-files GitHub Action, impacting over 23,000 repositories.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories","og_locale":"en_US","og_type":"article","og_title":"GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories","og_description":"A recent supply chain attack compromised the tj-actions\/changed-files GitHub Action, impacting over 23,000 repositories.","og_url":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories","og_site_name":"SignMyCode - Blog","article_published_time":"2025-03-25T12:14:42+00:00","article_modified_time":"2025-03-25T12:27:35+00:00","og_image":[{"width":912,"height":453,"url":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2025\/03\/gitHub-security-supply-chain-attack.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories","url":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories","name":"GitHub Supply Chain Attack Expose Secrets Across 218 Repositories","isPartOf":{"@id":"https:\/\/signmycode.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage"},"image":{"@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage"},"thumbnailUrl":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2025\/03\/gitHub-security-supply-chain-attack.webp","datePublished":"2025-03-25T12:14:42+00:00","dateModified":"2025-03-25T12:27:35+00:00","description":"A recent supply chain attack compromised the tj-actions\/changed-files GitHub Action, impacting over 23,000 repositories.","breadcrumb":{"@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories#primaryimage","url":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2025\/03\/gitHub-security-supply-chain-attack.webp","contentUrl":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2025\/03\/gitHub-security-supply-chain-attack.webp","width":912,"height":453,"caption":"Supply Chain Attack on GitHub Action"},{"@type":"BreadcrumbList","@id":"https:\/\/signmycode.com\/blog\/github-supply-chain-attack-expose-secrets-across-218-repositories#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/signmycode.com\/blog\/"},{"@type":"ListItem","position":2,"name":"GitHub Supply Chain Attack: CVE-2025-30066 and CVE-2025-30154 Expose Secrets Across 218 Repositories"}]},{"@type":"WebSite","@id":"https:\/\/signmycode.com\/blog\/#website","url":"https:\/\/signmycode.com\/blog\/","name":"SignMyCode - Blog","description":"Code Signing News, Updates","publisher":{"@id":"https:\/\/signmycode.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/signmycode.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/signmycode.com\/blog\/#organization","name":"SignMyCode.com","url":"https:\/\/signmycode.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/signmycode.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2021\/10\/logo1.png","contentUrl":"https:\/\/signmycode.com\/blog\/wp-content\/uploads\/2021\/10\/logo1.png","width":135,"height":86,"caption":"SignMyCode.com"},"image":{"@id":"https:\/\/signmycode.com\/blog\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/posts\/5124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/comments?post=5124"}],"version-history":[{"count":2,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/posts\/5124\/revisions"}],"predecessor-version":[{"id":5128,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/posts\/5124\/revisions\/5128"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/media\/5125"}],"wp:attachment":[{"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/media?parent=5124"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/categories?post=5124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/signmycode.com\/blog\/wp-json\/wp\/v2\/tags?post=5124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}