nix-security-tracker icon indicating copy to clipboard operation
nix-security-tracker copied to clipboard

Published 20 hours ago verified publisher icon Nix-Security-WG

GitHub activities from a "bot" account

Open RaitoBezarius opened this issue 1 year ago • 0 comments

The security tracker should have a "bot" account that can opens PRs on behalf of another user, but not as the other user.

https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-with-a-github-app-on-behalf-of-a-user should not be used as it may require excessive permissions on the user's account.

The security tracker should keep a copy of nixpkgs locally and update it regularly to create those. Inspiration can be taken from https://github.com/ryantm/nixpkgs-update.

RaitoBezarius avatar Nov 05 '23 23:11 RaitoBezarius