Only ask for public read-only OAuth scope for signers #54
Assignees
Comments
ghost
assigned 
|
Just wanted to note that I was about to sign and contribute to some project, but couldn't go ahead due to this scope issue. First time I'm encountering clahub, and the idea seems great, but this really needs to be resolved. |
Closed
|
We're looking at deploying clahub and I believe that this is a high barrier for entry for developers active on many projects. I see the permissions here: https://github.com/clahub/clahub/blob/master/config/initializers/omniauth.rb#L9 Can anyone give a suggestion on what it would take to change this? |
|
👍 |
|
+1 |
|
This looks sweet, but I'm hitting the same thing as everyone else. Too many permissions requested. |
|
Can this be closed? #101 (comment) |
|
Closing! See #101 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We only need the
public_reposcope for people who make agreements. People who are signing agreements really only need their identity provided by GitHub, so we should only ask for the(no scope)"Public read-only-access" GitHub OAuth scope.Related to, but different from, #17
The text was updated successfully, but these errors were encountered: