I see in the settings that I can mirror my project to a GitHub repo, and that I need to put in the authentication credentials for the repo I want to mirror to. Is this safe? I would normally think that having any service store my login username and password in plain text when I sign in would not be safe. Am I not understanding something? Shouldn’t this authenticate with OAuth instead?