search

bower / registry

The Bower registry
https://registry.bower.io/packages
MIT License
292 stars 66 forks source link

non-owners return `GitHub.com error` #69

Closed desandro closed 9 years ago

desandro commented 10 years ago

Tried to unregister backbone-lite, a repo I am not a collaborator on. It returned GitHub.com error. Can we provide a better error for this? @jamesreggio

jamesreggio commented 10 years ago

@desandro, my PR should fix this.

Furthermore, you need to configure Heroku to set the REGISTRY_EDITORS_ID environment variable to bower in order for members of the Bower GitHub org to have the rights to remove any package.

desandro commented 10 years ago

My problem was that the GitHub.com error message is too broad, when it should be like Not authroized. You are not a repo owner or collaborator for this package.

jamesreggio commented 10 years ago

Yep, yep. That was a bug; it would be fixed by the above PR. If we decide not to merge it, I'll address the bug separately.

Also, thanks for the push access. Any chance you can confirm that the environment variable above has been set on the Heroku instance?

sheerun commented 9 years ago

I think both automation of deleting and allowing deletion for anyone if repo exists is too fragile. We can easily compromise whole registry this way. Closing this PR, please see: #110