search

suttacentral / bilara

Our Computer Aided Translation software
10 stars 8 forks source link

GitHub OAuth permissions scope #153

Closed vwkd closed 1 year ago

vwkd commented 1 year ago

I'd like to try out Bilara, but the GitHub OAuth permissions screen is ... scary. The permission to "read and write all public and private repository data" is asking for a lot of trust. Is it really necessary?

permissions

sujato commented 1 year ago

You shouldn't be connecting to github, certainly not to our repo, that is for our instance. You can try it out using the dev instance, that does not require any Github connection or authorization, you can just set up set dummy credentials.

https://github.com/suttacentral/bilara/wiki/Dev-Installation

https://github.com/suttacentral/bilara/wiki/Dev-Installation-Ubuntu-20.04

If you want to try it with your own repo, you'll have to set up the credentials yourself.

But note that we have just started a major overhaul of the project, so don't get invested, it's all about to change! (Most of the UI will stay, though.)

blake-sc commented 1 year ago

I'd like to try out Bilara, but the GitHub OAuth permissions screen is ... scary. The permission to "read and write all public and private repository data" is asking for a lot of trust. Is it really necessary?

Hmmm, yes, the repo scope is not needed, it must have been included by mistake. I've removed it.

vwkd commented 1 year ago

Great that it works without. Thanks for fixing it!