[pytest-dev] Disabling third-party application access on GitHub

Ionel Cristian Mărieș contact at ionelmc.ro
Thu Sep 10 20:26:24 CEST 2015


(I don't really know how github orgs work)

Is there a list of apps that we want to whitelist? What's the process to
whitelist an app later?

-- Ionel Cristian Mărieș, http://blog.ionelmc.ro

On Thu, Sep 10, 2015 at 6:05 PM, Florian Bruhin <me at the-compiler.org> wrote:

> Hi,
> currently, if I enable an application to access my GitHub account,
> it'll also have the same access to all pytest-dev repositories.
> This is obviously... not so cool.
> I'd like to change[1] that, however that comes with a few caveats[2]
> unfortunately.
> The most important is probably this one:
> - SSH keys created before February 2014 immediately lose access to the
>   organization's resources (this includes user and deploy keys).
>   When an SSH key created before February 2014 loses access to an
>   organization with third-party application restrictions enabled,
>   subsequent SSH access attempts will fail. Users will encounter an
>   error message directing them to a URL where they can approve the key
>   or upload a trusted key in its place.
> I'm guessing the reason for this is (random guess) because there
> wasn't any distinction between user- and application-keys before then.
> I'm not 100% sure what exactly the impact will be, but this might
> impact pushing until the key is re-approved for everyone with a key
> older than that.
> Any objections? If not, I'd like to flip the switch on Saturday.
> Florian
> [1]
> https://help.github.com/articles/disabling-third-party-application-restrictions-for-your-organization/
> [2]
> https://help.github.com/articles/about-third-party-application-restrictions/
> --
> http://www.the-compiler.org | me at the-compiler.org (Mail/XMPP)
>    GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
>          I love long mails! | http://email.is-not-s.ms/
> _______________________________________________
> pytest-dev mailing list
> pytest-dev at python.org
> https://mail.python.org/mailman/listinfo/pytest-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/pytest-dev/attachments/20150910/d5a5cfd9/attachment.html>

More information about the pytest-dev mailing list