Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: add SECURITY_WG_GITHUB_TOKEN request #950

Merged
merged 3 commits into from
Feb 6, 2025
Merged

doc: add SECURITY_WG_GITHUB_TOKEN request #950

merged 3 commits into from
Feb 6, 2025

Conversation

RafaelGSS
Copy link
Member

@RafaelGSS RafaelGSS commented Feb 5, 2025
edited by aduh95
Loading

Refs: #949

permissions on [`nodejs/security-wg`](https://github.com/nodejs/security-wg):
  contents: write
  pull-requests: write

@aduh95
Copy link
Contributor

aduh95 commented Feb 5, 2025

To whoever who lands this: careful, the token should be saved on the nodejs-private/security-release, not on the public repo – I mean, I guess we can save it on the public repo as well, but currently it's not necessary. @RafaelGSS am I understanding things correctly?

Side node: maybe the current table is not well fitted for this kind of "cross-repo tokens". /cc @legendecas

@RafaelGSS
Copy link
Member Author

To whoever who lands this: careful, the token should be saved on the nodejs-private/security-release, not on the public repo – I mean, I guess we can save it on the public repo as well, but currently it's not necessary. @RafaelGSS am I understanding things correctly?

Side node: maybe the current table is not well fitted for this kind of "cross-repo tokens". /cc @legendecas

Correct

@legendecas
Copy link
Member

Side node: maybe the current table is not well fitted for this kind of "cross-repo tokens".

For additional repo permissions, we can list the request in the PR description. The table should list where the token is installed, so that we can rotate the token by the table.

@RafaelGSS @legendecas
Update request-an-access-token.md
f5bcc91 
Co-authored-by: Chengzhong Wu <cwu631@bloomberg.net>
RafaelGSS
RafaelGSS commented Feb 6, 2025
View reviewed changes
request-an-access-token.md Outdated Show resolved Hide resolved
mhdawson
mhdawson approved these changes Feb 6, 2025
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mhdawson
Copy link
Member

mhdawson commented Feb 6, 2025

I believe I've added the token as requested

@RafaelGSS RafaelGSS merged commit f5bb09b into main Feb 6, 2025
@RafaelGSS RafaelGSS deleted the token-security-wg branch February 6, 2025 22:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legendecas legendecas legendecas left review comments

@mhdawson mhdawson mhdawson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RafaelGSS @aduh95 @legendecas @mhdawson