In the database, passwords in the 'repositories' table are stored in cleartext. This feels like a bad idea to me, and I was happy to notice that user passwords are stored differently. Shouldn't repository passwords also be hashed in a similar fashion? Is there other potentially sensitive information that is stored in cleartext?