Does anyone know why the default Nx cloud tokens are read-only for local and read/write for CI?
Are there major downsides in having read/write local tokens (security?)
yes, it’s about security. if you trust all your developers, then having read/write for local would work too. the problem is that with a read/write token a malicious developer could put whatever they want in your cache
Makes sense. I guessed that part but was wondering if any other “concurrency” issues could crop up as a result, but I suppose that you cache things based on hashes, so it should be okay consistency-wise