- netlify site name:
- DNS issues: none.
- Build problems: None
- Did you try Ask Netlify: YES.
I’m following the instructions at Hugo blox, and Decap CMS (2. Choosing a Backend | Decap CMS | Open-Source Content Management System) to allow editors by invitation to edit pages in this site.
Even after reading the docs on how git gateway interacts with github and requests permissions (Git Gateway | Netlify Docs) , it is fearsome to go ahead and click on “Authorize Netlify”.
The Decap CMS page did not alert me that more privileges would be required from my Github account.
Neither does the Netlify page.
And the Ask Netlify bot did answer that some permissions were required to read and write the repo (obviously).
But upon clicking on the ‘Enable Git Gateway’ button in my site configuration, I am being requested basically to access to all my repos at Github (not just the one for this site). Screenshot attached.
Or maybe I am reading this with too much paranoia?
- Repositories Public and Private?
- it is not apparent that this is scoped to a single repo
- Read and write all public and private repository data
- again maybe I’m being too paranoid
- But the final note puts me in the Danger zone
- “In addition to repository related resources” the scope grants access to manage organization attributes? organization-owned resources? projects?
- So here it is really not apparent that permissions are requested in the scope of a single repository
Can you help me understand this policy and how I may be opening my whole Github account to Netlify?
Is the wording and phrasing of this additional permission request correct? Shoult it be made more clear?