Great work on this app, I look forward to using it! One thing that caught my attention was the required permissions when installing it:
- Read access to code
- Write access to files located at .github/remove-outside-collaborators.yml
- Read access to metadata
- Read and write access to administration, issues, members, repository hooks, and repository projects
Based on the responsibilities of the app, it wasn't clear to me why it needs read access to all code, or write access to the config file. Any chance the scope can be reduced to the following?
- Read access to files located at .github/remove-outside-collaborators.yml
- Read access to metadata
- Read and write access to administration, issues, members, repository hooks, and repository projects
Thanks!
Great work on this app, I look forward to using it! One thing that caught my attention was the required permissions when installing it:
Based on the responsibilities of the app, it wasn't clear to me why it needs read access to all code, or write access to the config file. Any chance the scope can be reduced to the following?
Thanks!