Open Rohaq opened 4 months ago
Thank you very much for opening up this issue! I am currently a bit overwhelmed by the many requests that arrive each week, so please forgive me, if I fail to respond personally. I am still very likely to at least skim read your request and I'll probably try to fix all (real) bugs if possible and I will likely review every single PR being made (please, give me a heads up if you intent to do so) and I will try to work on popular requests (please upvote via thumbs up on the original issue) whenever possible, but trying to respond to every single issue over the last years has been kind of draining and I need to adjust my approach for this project to remain fun for me and to make any progress with actually coding new stuff. Thanks for your understanding!
Hello there Rohaq! 👋
Thank you and congratulations 🎉 for opening your very first issue in this project! 💖
In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀
For more open ended discussions and/or specific questions, please visit the discussions page. 💖
Link to the Gitlab Documentation on Access Token permissions: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#personal-access-token-scopes
Gitlab also offers project level access tokens too. It's probably worth also including the project roles that the token might need too.
Makes sense to provide some documentation about this somewhere. Best place is probably somewhere here on github, so updates are easily accessible to everyone. Maybe docs/github-access-token-instructions.md
is a good place.
Help with putting these together would be much appreciated! Any volunteers? :)
@Rohaq The ability to use Project Access Token are limited on GitLab.com. " On GitLab.com, you can use group access tokens if you have the Premium or Ultimate license tier" A pity.
@johannesjo i would try to write a documentation. At the Moment i play a little bit with the scopes which are the "best" working.
Thank you @BanditsBacon !! This would be much appreciated!
As referenced in this thread: https://github.com/johannesjo/super-productivity/discussions/2714#discussioncomment-9490660
There's currently no documentation or guidance in the UI for what the minimum Access Token permissions required are for the Gitlab integration.
It's good security practice to restrict permissions on these access tokens, even for local applications, in order to mitigate any damage that could be done if they were ever leaked.
Could these permissions be determined, and added to documentation? I'd also suggest displaying these in the config UI in a future release.
Screenshot of available permissions on Gitlab.com: