nix-security-tracker icon indicating copy to clipboard operation
nix-security-tracker copied to clipboard

Published 20 hours ago verified publisher icon Nix-Security-WG

GitHub independence

Open RaitoBezarius opened this issue 4 months ago • 0 comments

This issue is not in the scope of our paid work and sprints.

Currently, we have GitHub dependencies in two forms:

  • OAuth 2 connector
  • Foreign entities who are allowed to perform actions (security team, etc.)

We can generalize the OAuth 2 connector properly without too much issue. For foreign entities, we can move this problem to a generic userinfo request to analyze the roles and scopes which are bestowed upon someone.

We probably need to introduce some error handling to automatically disable some of the GitHub features if you are running with another forge.

At the same time, a trivial implementation would be the DevelopmentDirectory where we can make up whatever we want.

RaitoBezarius avatar Oct 04 '24 15:10 RaitoBezarius