Closed mattbishop closed 4 years ago
Hello, thanks for your feedback.
Vssue is always trying to get the minimal access of the platforms.
Of course we have checked the list, but we could only find public_repo
that can access issues & comments. Do you have any clue on that?
Here's the related code about the scope:
In fact, during the development of Vssue, we found that:
public_repo
scopeapi
scope: https://vssue.js.org/guide/gitlab.html#create-a-new-applicationAs this issue could not be solved by Vssue itself, let move to #62 to track it.
What problem does the feature solve?
When a user "Logs in to Github" to set a comment, they are presented with a scary access request that wants all of their data, including access to all their organizations. This is unnecessary and excessive.
Proposed solution
Is there a subset of information that can be asked for? My readers are complaining that they don't want to give me so much access just to leave a comment.
Alternative solutions
Here is the list of github scopes: https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/#available-scopes
Additional context