bug: GitHub classroom gives viewing access of a new repo to all previous teams #130232
Replies: 1 comment
-
ok, I tested everything again after the fork version rolled out, things seem to be working as expected now 🌮 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi everyone,
This bug has been around for some time. I have already seen it in a discussion this March and I hoped it would be fixed before the final release, but it is still present!
When using the "opt-in" version of the GitHub classroom (aka the forking version), the teams accepting the assignment sooner will have the view access to all repos of teams which accept it after them. Imagine a timeline:
team-A accepts the assignment -> team-B accepts the assignment -> team-C accepts the assignment
then, the viewing rights for each repo are:
repo of team A: team A - role: Admin/Write (depending on your settings)
repo of team B: team B - role: Admin/Write (depending on your settings) <---> team A - role: Read
repo of team C: team C - role: Admin/Write (depending on your settings) <---> team A - role: Read <--> team B - role: Read
Obviously, this is an issue as earlier accepting teams can spy on the other teams (but they can't spy back). Even when given admin rights, the teams cannot see another team's view rights over their repo and therefore cannot even set their repo private by hand. This action can be only done from the organization owner's side. Doing so would be really time consuming and all teams do not even accept the assignment at the same time...
I do not understand this behavior, it seems like the viewing rights get attached to the original repo and then propagate through forking over all later created repos. It is highly unwanted as students can very clearly see others solutions in the organization's
Repositories
tab.Can this please be fixed asap or can be the final move to the "opt-in" version postponed until this gets resolved? Otherwise the GitHub Classrooms become unusable for my application of hosting the final coding project of a university course.
Here are some supporting screenshots:
access to team A (as organization owner):
access to team B (as organization owner):
access to team C (as organization owner):
and access to team B as the student who created it:
Beta Was this translation helpful? Give feedback.
All reactions