-
Notifications
You must be signed in to change notification settings - Fork 529
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't require write access to repository when moderation=true, fork instead of branch #98
Comments
moderation=true
, clone instead of branch
The Gitter Badger works this way, FWIW. |
So I tracked down the documentation for the github Node.js module being used, and apparently it explicitly disallows pull requests from separate repositories. In Pull Requests - Create:
This is strange. This Node.js module is a wrapper for the github API, which allows such pull requests. The notorious GitHub bot image-optimiser used the Ruby gem httparty to directly access the API and make such pull requests, as can be seen in its source code. The github API has not disallowed this since image-optimiser was active, since Gitter Badger still does it, as @meitar pointed out. |
This sounds interesting. I'd love to see a PR! :) |
Actually I misinterpreted the documentation for the github module. It's totally possible to pull in changes from a separate repository. All that the passage in the documentation said is that the repository that changes are being pulled into must be the same repository that has the pull request on it, which makes a lot of sense. |
Add background-position to bigimg's configurable per image.
The staticman github bot shouldn't need write access to the repository if
moderation
is set totrue
. Instead of branching and making a pull request, it can fork and make a pull request. This way there is less at stake if the bot is compromised.The text was updated successfully, but these errors were encountered: