search

github / safe-settings

ISC License
561 stars 137 forks source link

Collaborators are not watched when empty #619

Closed JakubBiel closed 2 months ago

JakubBiel commented 2 months ago

Problem Description

I appreciate this might be a limitation around GitHub API but when repository collaborators are empty, safe-settings won't modify the collaborators if an individual user has been added.

What is actually happening

Example config for repository

collaborators: []

teams:
  - name: some-team
    permission: admin
  - name: some-other-team
    permission: push

With this config, if a single collaborator (not a team) is given access manually it will go undetected, i.e. safe-settings will not remove the rogue collaborator.

What is the expected behavior

Manually added single collaborator is removed if not present in the settings.

Error output, if available

Context

Are you using the hosted instance of probot/settings or running your own?

If running your own instance, are you using it with github.com or GitHub Enterprise?

Version of probot/settings

Version of GitHub Enterprise

JakubBiel commented 2 months ago

Ah apologies, I wasn't running the latest version 🤦