Daily Log — 2026-07-07: reproducing a 401, and CI logs you can read without logging in
· 5 min read
A sanitized log from a day spent chasing a spike of "credentials expired" 401s that nobody could attribute to a client, plus a responsible-disclosure detour when I noticed a CI provider's raw job logs were readable without authentication. Specifics are private; the patterns transfer.