Private group assignment repositories can still be cloned by anyone in the classroom organization #311
Comments
Never mind. If you tunnel into the settings for the classroom organization, you can modify the default rights from "read" to "none". |
@ajarmst You shouldn't need to modify team settings in your organization. Can you describe the issue you had step by step, what the results you expected were, and what the actual results were? That'd be really helpful in determining if this is a bug and something that needs to be fixed. |
@johndbritton with the new organization permissions there are now different levels of repository permissions. Setting the level of permission to In order for them to be visible to just the admins and the teams/collaborators that work on them you need to set the permission level to |
I agree @johndbritton, setting everyone as outside collaborators will solve this issue. |
Following the principal of "default to fewer permissions", perhaps the default repository permission for Classroom groups should be "None" rather than the current "Read". |
@ajarmst Yes, I agree. We don't have a way to control that setting via the GitHub API, but we do have a solution in the works that will resolve this issue. |
Result is that student groups can easily see each other's code in even private repo assignments. Bug?
The text was updated successfully, but these errors were encountered: