-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--dry-run
shouldn't test push permissions
#2232
Comments
I for one would absolutely love to see this implemented. I have I personally would expect As far as I can tell it would only need to disable Lines 83 to 101 in 2c30e26
and I am also happy to take a crack at implementing this myself. In fact I likely will shortly if someone else doesn't beat me to the punch. |
Wouldn't it be better if it simply checks if push is possible, but continues anyway if it fails? I just started with semantic-release and from the documentation on |
This new option will bypass checking remote access. It only works in dry run mode. This addresses semantic-release#2232.
New feature motivation
Or at least we should be able to disable the validation of push permissions.
When trying to validate a release in the context of a CI we do this with the least amount of permissions possible.
Running
semantic-release --dry-run
stops simply because it cannot push to the underlying repo.Requiring these kind of permissions in the current security landscape where we run with the least permissions possible.
New feature description
Separate the validation of credentials and the dry-running to allow for a reduced set of permissions passed in.
New feature implementation
Separating the 2 allows the user to pass in both flags if they wish to retain current behavior.
OR we could introduce a new switch that disables push validation as part of the dry-run.
If the team feels that this will be helpful, I'm happy to take a stab at it.
The text was updated successfully, but these errors were encountered: