Ken Gaillot <kgail...@redhat.com> wrote:
> Hello all,
>
> Florian Haas and Kristoffer Grönlund noticed that the ClusterLabs
> organization on GitHub currently carries over any app access that
> members have given to their own accounts.

Yep. I have a vague memory of discussing this with a GitHub employee
- IIRC he said that the problem only exists for OAuth apps using
GitHub's older API, but I might have totally misremembered that.

> This is not significant at the moment since we don't have any private
> repositories and few accounts have write access

It's not just about private repos; there's also a concern regarding
data privacy. I documented this here:
https://github.com/isaacs/github/issues/731
and funnily (or sadly) enough you can see that ClusterLabs is one of
the affected organizations listed in the example screenshot.

> but to stay on the
> safe side, we'd like to enable OAuth access restrictions on the
> organization account.

Yes, this is definitely a very good idea.

> Going forward, this will simply mean that any apps that need access
> will need to be approved individually by one of the administrators.
> But as a side effect, this will invalidate existing apps' access as
> well as some individual contributors' SSH key access to the
> repositories. If you are affected, you can simply re-upload your SSH
> key and it will work again.
>
> I'll wait a couple of weeks before implementing this change in case
> anyone wants to raise concerns.

Good plan. Thanks a lot!