Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automation to enforce repository permissions are by github team only and not individuals #86

Open
zkoppert opened this issue Apr 10, 2024 · 2 comments
Open

Automation to enforce repository permissions are by github team only and not individuals #86

zkoppert opened this issue Apr 10, 2024 · 2 comments
Labels
enhancement New feature or request new-action

Comments

@zkoppert
Copy link
Member

Is your feature request related to a problem?

To ensure that permissions are easier to maintain and keep updated, its a best practice to give permission to a GitHub team and then instead of removing them from a large number of repos, you can just remove them from the team. Well maintained permissions improves security posture.

The task here would be to create a/utilize an existing GitHub action or App to accomplish this.
@zkoppert zkoppert added the enhancement New feature or request label Apr 10, 2024
@ljharb
Copy link

ljharb commented Apr 10, 2024

The problem with this restriction - and the only reason i'd never want to enable it - is that I can't put non-org-members on teams.

with this capability, i would always want this for org-owned repos.

@zkoppert
Copy link
Member Author

Great feedback @ljharb, appreciate it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request new-action
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ljharb @zkoppert