scopes for github oauth #29
Labels
Comments
julien-nc
pushed a commit
that referenced
this issue
Sep 1, 2021
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
|
Yes well, when using OAuth, we request more scopes than when using a personal token. It's not a big deal as the app never makes any action which require the Keep in mind that the instructions in the settings are for personal tokens and the line you mention is about the scopes that are required when getting a token via OAuth. Did I understand your concern? Anyway, for security reasons, let's limit the OAuth scopes as much as possible, you're right. it's done and pushed. It will be included in the next release. |
|
Yes, indeed, both scopes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
integration_github/src/components/PersonalSettings.vue
Line 182 in 318bbd1
In this line more access is requested compared to what is described in settings. Should it not be
read:user user:email notificationsinstead to be more specific?As mentioned in the "connected accounts" GitHub settings hint, you should check "read:user", "user:email" and "notifications" permissions.
Originally posted by @eneiluj in #18 (comment)
The text was updated successfully, but these errors were encountered: