GitHub scopes too large?
Is all we need a list of repos? There's a new GitHub App permissions scope that can give you that, without all this:
If we are asking for a god token, perhaps we need to spell out why a little more?
Also perhaps we need to say that the GitHub authorisation is only valid to your CLI, and can't be used outside of the CLI (if we were, say, to update the GitHub App settings or something). Assuming that's correct? I was only a little more comfortable once I noticed the 127.0.0.1 redirect at the bottom of the authorise screen.
Yup, super valid point. I wrote the OAuth stuff ages ago; we should work on a principle of least privilege required.
We need to write GitHub Webhooks, which unfortunately means we need to ask for all these things.