Closed gr2m closed 4 years ago
The problem is that permissions.push is set to false, even when the installation has write access to the repository.
permissions.push
https://github.com/gr2m/octokit-plugin-create-pull-request/blob/a3cabf5c0c36d574146119af6d787c77d80f5b79/src/create-pull-request.ts#L43
Checking for that property is not enough. One way we could check if the current authorization is a user or not is to check for the presence of the X-OAuth-Scopes response header:
X-OAuth-Scopes
X-OAuth-Scopes lists the scopes your token has authorized.
https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/
fixed via #49
The problem is that
permissions.push
is set to false, even when the installation has write access to the repository.https://github.com/gr2m/octokit-plugin-create-pull-request/blob/a3cabf5c0c36d574146119af6d787c77d80f5b79/src/create-pull-request.ts#L43
Checking for that property is not enough. One way we could check if the current authorization is a user or not is to check for the presence of the
X-OAuth-Scopes
response header:https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/