TODO: somehow implement session caching to avoid re-authentication on every request save to repo secrets (but this needs permissions) ? use github cache API ? is this really secret enough ?