On this example: https://unidata.github.io/siphon/latest/examples/Basic_Usage.html
Is there a best practice for obscuring the username/password information for the session manager? I am using a configuration paradigm so I can bring out my password into the config files to avoid putting my password in plaintext on GitHub but curious if there were any other strategies or recommendations. Thanks!
Storing credentials in a separate configuration file is a good start, so that at least the script doesn't have credentials hard-coded within. Another further step would be to store credentials encrypted, instead of in plain text. While decrypting would then require another e.g. password to decrypt, this could use an OS keyring, and be unlocked by e.g. login. This is quite a bit more involved than just reading a password from a file, and not readily done cross-platform.
