[pytest-dev] Disabling third-party application access on GitHub
Florian Bruhin
me at the-compiler.org
Thu Sep 10 17:05:36 CEST 2015
Hi,
currently, if I enable an application to access my GitHub account,
it'll also have the same access to all pytest-dev repositories.
This is obviously... not so cool.
I'd like to change[1] that, however that comes with a few caveats[2]
unfortunately.
The most important is probably this one:
- SSH keys created before February 2014 immediately lose access to the
organization's resources (this includes user and deploy keys).
When an SSH key created before February 2014 loses access to an
organization with third-party application restrictions enabled,
subsequent SSH access attempts will fail. Users will encounter an
error message directing them to a URL where they can approve the key
or upload a trusted key in its place.
I'm guessing the reason for this is (random guess) because there
wasn't any distinction between user- and application-keys before then.
I'm not 100% sure what exactly the impact will be, but this might
impact pushing until the key is re-approved for everyone with a key
older than that.
Any objections? If not, I'd like to flip the switch on Saturday.
Florian
[1] https://help.github.com/articles/disabling-third-party-application-restrictions-for-your-organization/
[2] https://help.github.com/articles/about-third-party-application-restrictions/
--
http://www.the-compiler.org | me at the-compiler.org (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
I love long mails! | http://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/pytest-dev/attachments/20150910/29034c98/attachment.sig>
More information about the pytest-dev
mailing list