Based on some quick tests it seems like this plugin is able to function correctly with the read_api scope instead of the read/write api scope, and it wasn't immediately clear to me from the source code if there's anything that needs to modify state on the GitLab server.
Would it be possible to switch from api to read_api? Or offer a defaulted-to-api checkbox for backwards compatibility? I prefer keeping applications and PAT scopes as minimal as possible for security.
What feature do you want to see added?
Based on some quick tests it seems like this plugin is able to function correctly with the
read_api
scope instead of the read/writeapi
scope, and it wasn't immediately clear to me from the source code if there's anything that needs to modify state on the GitLab server.Would it be possible to switch from
api
toread_api
? Or offer a defaulted-to-api
checkbox for backwards compatibility? I prefer keeping applications and PAT scopes as minimal as possible for security.Upstream changes
No response