Skip to content

Conversation

@GG-HH
Copy link
Contributor

@GG-HH GG-HH commented Sep 30, 2025

Scope can be defined but is lot listed here, leading to tokens with this permission to fail.

I am wondering how we could make sure this is synced with the definitions of the labels or get rid of the definitions here.


Note

Adds missing PUBLIC_PERIMETER_VIEW (public-perimeter:read) to TokenScope and updates changelog.

  • Models:
    • Extend TokenScope in pygitguardian/models.py with PUBLIC_PERIMETER_VIEW (public-perimeter:read).
  • Changelog:
    • Add fragment noting fix for missing scope causing validation errors.

Written by Cursor Bugbot for commit 11aa579. This will update automatically on new commits. Configure here.

@GG-HH GG-HH requested a review from a team as a code owner September 30, 2025 15:38
@GG-HH GG-HH requested review from agateau-gg and removed request for agateau-gg September 30, 2025 15:39
@codecov-commenter
Copy link

codecov-commenter commented Sep 30, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.62%. Comparing base (684332d) to head (11aa579).

Additional details and impacted files
@@           Coverage Diff           @@
##           master     #155   +/-   ##
=======================================
  Coverage   95.62%   95.62%           
=======================================
  Files           5        5           
  Lines        1234     1235    +1     
=======================================
+ Hits         1180     1181    +1     
  Misses         54       54           
Flag Coverage Δ
unittests 95.62% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Scope can be defined but is lot listed here, leading to tokens with this permission to fail
@salome-voltz
Copy link
Contributor

@GG-HH, what do you mean by "leading to tokens with this permission to fail"? Can you link the ticket, or explain how to reproduce?

We are aware that there is a synchronization problem here, but we have tried to ensure that it no longer causes ggshield to crash. This is a bug on a different level.

@GG-HH
Copy link
Contributor Author

GG-HH commented Oct 14, 2025

@GG-HH, what do you mean by "leading to tokens with this permission to fail"? Can you link the ticket, or explain how to reproduce?

To reproduce:

  1. Create a token with all possible permissions (make sure to be in a workspace with public monitoring activated)
  2. Add this token to your ggshield environment
  3. Run a command such as ggshield secret scan path <whatever_file>
  4. ggshield scan will fail as the scope is unknown

@GG-HH GG-HH merged commit 785259c into master Oct 14, 2025
20 checks passed
@GG-HH GG-HH deleted the GG-HH-patch-1 branch October 14, 2025 09:30
@salome-voltz
Copy link
Contributor

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants