Comments (4)
I vaguely remember having seen a similar issues earlier... #95 and #96 also reported too broad permissions. Maybe we should start with again, with an empty list and just adding permissions as they are really needed, instead of going for the convenient approach?
from stryker-dashboard.
Browsing the code I see that it specifically checks for 'push' access - isn't this a way to verify that someone creating the dashboard account/report actually has ownership of the repo/org they're trying to create the report for?
[edit] As @mthmulders says, #96 actually describes this.
from stryker-dashboard.
It seems that we are requesting too many scopes here:
stryker-dashboard/packages/website-backend/src/api/auth/GithubAuth.ts
Lines 19 to 20 in 87fe0b1
from stryker-dashboard.
It seems that simply removing 'repo:status'
seems to work.
from stryker-dashboard.
Related Issues (20)
- Dashboard documentation seems hard to find HOT 1
- Dashboard a bit slow to load
- Sort repositories by type
- Slow redirection
- Display non-private repositories
- Make the mutation ID's optionals HOT 1
- Issue with shared xmldom org HOT 2
- Stryker badge should have the word "report" in the label
- GitHub reporter HOT 6
- How to delete a module on dashboard? HOT 2
- Why does signing up to the dashboard requires write commit access? HOT 3
- [feature-request] Support storage other than Azure ? HOT 1
- Private repositories HOT 1
- Prevent module overwrite, allow clear/remove based on configuration HOT 6
- Stryker dashboard support for private repos HOT 2
- “Report does not exist” in my dashboard HOT 2
- Support HEAD branch HOT 5
- Consider replacing `unpkg` CDN HOT 2
- Badge API is not working HOT 1
- Enable deletion of outdated modules in the dashboard reports
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from stryker-dashboard.