Migrate LGTM.com installation from OAuth to GitHub App

[LGTM-badger]

Hi There,

This project is still using an old implementation of LGTM's automated code review, which has now been disabled. To continue using automated code review, and receive checks on your Pull Requests, please install the GitHub App on this repository.

Thanks, The LGTM Team

[mtrojnar]

Any idea how to unsubsribe the project from LGTM?

[s0]

@mtrojnar If you don't install the GitHub App, then LGTM will automatically be disabled for you over the next couple of days. Otherwise if you want to do it now, @frankmorgner can revoke the OAuth access for this application from his account, and statuses will stop being posted on your PRs.

[mtrojnar]

@s0 Thank you. The GitHub App requests write access to the repository. This is outrageous.

[s0]

Do you mean the OAuth App? As far as I can tell, the GitHub App does not require write permissions to the repo, only write permissions to checks and PRs:

[mtrojnar]

@s0 I guess it's possible I misunderstood it. Honestly, I'm not sure what "write access to checks and pull requests" actually means.

[s0]

You can find more information on what this allows access to here:

• https://developer.github.com/v3/apps/permissions/#permission-on-checks
• https://developer.github.com/v3/apps/permissions/#permission-on-pull-requests

For what it's worth, LGTM (and Semmle) are now owned and operated by GitHub, if that influences your decision.

[mtrojnar]

https://github.com/apps/lgtm-com/installations/new says: "This action must be performed by an organization owner". This is not something I can do.

[frankmorgner]

I've installed the app to the libp11 repository just now. However, I wonder why LGTM has actually analyzed the incoming PRs even before that...