Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 Token-Permissions: use same text for read token details as write token details #4025

Merged
merged 3 commits into from
Apr 12, 2024
Merged

🐛 Token-Permissions: use same text for read token details as write token details #4025

merged 3 commits into from
Apr 12, 2024

Conversation

spencerschrock
Copy link
Member

What kind of change does this PR introduce?

bug fix? This was an unintentional regression from v4.13.1

What is the current behavior?

The detail used to (v4.13.1) say something like:

"topLevel 'pull-requests' permission set to 'read'"

But the conversion PR (#3816) replaced the individual scopes with a generic message:

"found token with 'read' permissions"

What is the new behavior (if this is a feature change)?**

Read permissions findings use the same text helper function that write permission findings do, which matches what v4.13.1 did.

"topLevel 'pull-requests' permission set to 'read'"
  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

NONE (preparing for release)

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

NONE

@spencerschrock
use same text for read token details as write token details
2901011 
This was an unintentional regression from v4.13.1

Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock spencerschrock requested a review from a team as a code owner April 12, 2024 06:48
@spencerschrock spencerschrock requested review from naveensrinivasan and removed request for a team April 12, 2024 06:48
@spencerschrock
Copy link
Member Author

/scdiff generate Token-Permissions

@github-actions GitHub Actions
Copy link

Here's a link to the scdiff run

@codecov Codecov
Copy link

codecov bot commented Apr 12, 2024

Codecov Report

Merging #4025 (0f2be64) into main (b118c19) will decrease coverage by 0.18%.
Report is 13 commits behind head on main.
The diff coverage is 33.33%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4025      +/-   ##
==========================================
- Coverage   66.70%   66.53%   -0.18%     
==========================================
  Files         223      222       -1     
  Lines       16070    16024      -46     
==========================================
- Hits        10719    10661      -58     
- Misses       4688     4691       +3     
- Partials      663      672       +9

@spencerschrock spencerschrock merged commit f4c3025 into ossf:main Apr 12, 2024
37 of 38 checks passed
@spencerschrock spencerschrock deleted the fix-token-permission-detail branch April 12, 2024 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@laurentsimon laurentsimon laurentsimon approved these changes

@naveensrinivasan naveensrinivasan Awaiting requested review from naveensrinivasan naveensrinivasan is a code owner automatically assigned from ossf/scorecard-maintainers

Assignees
No one assigned
Labels
None yet
Projects
Scorecard - NEW
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@spencerschrock @laurentsimon