Open peekxc opened 2 weeks ago
To add another case: In GitHub organizations that support communities, the owner of a repository may not have the privileges to grant access.
As an example, I'm doing some volunteer work for a non-profit at the moment, and we're keeping the document sources in a repository that's part of the non-profit's GitHub organization. While I have access to the repository I'm working in, I have no access to other repositories in the organization, or any administrative access to the organization itself (nor should I!).
Unfortunately the standard OAuth protocol we can use across GitHub and GitLab does not support this, so we'll need to implement a GitHub-specific GitHub app. This is a fair amount of work, so I can't say when we'll get to it.
Description
I just got typst pro (yay!) mostly because I wanted version control via git.
Adding typst GH support required giving typst read/write access to all of my repositories, both public and private.
While I trust that typst will likely not alter/commit to any directory/project I configure, I can't help but feel like the permissions granted should be more granular.
Can you refine the write permissions requested to be local to a given repository? (And also to only public repos, unless otherwise configured)?
Use Case
This could help users adopt the GH synchronization feature without worrying about relinquishing control to typst their non-typst repos