github

package
v3.80.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2024 License: AGPL-3.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Random values for testing
	RANDOM_STRING   = "FQ2pR.4voZg-gJfsqYKx_eLDNF_6BYhw8RL__"
	RANDOM_USERNAME = "d" + "ummy" + "acco" + "untgh" + "2024"
	RANDOM_REPO     = "te" + "st"
	RANDOM_INTEGER  = 4294967289

	// Permissions
	NO_ACCESS       = "No access"
	READ_ONLY       = "Read-only"
	READ_WRITE      = "Read and write"
	ERROR           = "Error"
	UNKNOWN         = "Unknown"
	NOT_IMPLEMENTED = "Not implemented"

	// Repo Permission Types
	ACTIONS              = "Actions"
	ADMINISTRATION       = "Administration"
	CODE_SCANNING_ALERTS = "Code scanning alerts"
	CODESPACES           = "Codespaces"
	CODESPACES_LIFECYCLE = "Codespaces lifecycle admin"
	CODESPACES_METADATA  = "Codespaces metadata"
	CODESPACES_SECRETS   = "Codespaces secrets"
	COMMIT_STATUSES      = "Commit statuses"
	CONTENTS             = "Contents"
	CUSTOM_PROPERTIES    = "Custom properties"
	DEPENDABOT_ALERTS    = "Dependabot alerts"
	DEPENDABOT_SECRETS   = "Dependabot secrets"
	DEPLOYMENTS          = "Deployments"
	ENVIRONMENTS         = "Environments" // Note: Addt'l permissions are not required (despite documentation).
	ISSUES               = "Issues"
	MERGE_QUEUES         = "Merge queues"
	METADATA             = "Metadata"
	PAGES                = "Pages"
	PULL_REQUESTS        = "Pull requests"
	REPO_SECURITY        = "Repository security advisories"
	SECRET_SCANNING      = "Secret scanning alerts"
	SECRETS              = "Secrets"
	VARIABLES            = "Variables"
	WEBHOOKS             = "Webhooks"
	WORKFLOWS            = "Workflows"

	// Account Permission Types
	BLOCK_USER             = "Block another user"
	CODESPACE_USER_SECRETS = "Codespace user secrets"
	EMAIL                  = "Email Addresses"
	FOLLOWERS              = "Followers"
	GPG_KEYS               = "GPG Keys"
	GISTS                  = "Gists"
	GIT_KEYS               = "Git SSH keys"
	LIMITS                 = "Interaction limits"
	PLAN                   = "Plan"
	PRIVATE_INVITES        = "Private invitations"
	PROFILE                = "Profile"
	SIGNING_KEYS           = "SSH signing keys"
	STARRING               = "Starring"
	WATCHING               = "Watching"
)

Variables

View Source 
var SCOPE_ORDER = [][]string{
	{"repo", "repo:status", "repo_deployment", "public_repo", "repo:invite", "security_events"},
	{"workflow"},
	{"write:packages", "read:packages"},
	{"delete:packages"},
	{"admin:org", "write:org", "read:org", "manage_runners:org"},
	{"admin:public_key", "write:public_key", "read:public_key"},
	{"admin:repo_hook", "write:repo_hook", "read:repo_hook"},
	{"admin:org_hook"},
	{"gist"},
	{"notifications"},
	{"user", "read:user", "user:email", "user:follow"},
	{"delete_repo"},
	{"write:discussion", "read:discussion"},
	{"admin:enterprise", "manage_runners:enterprise", "manage_billing:enterprise", "read:enterprise"},
	{"audit_log", "read:audit_log"},
	{"codespace", "codespace:secrets"},
	{"copilot", "manage_billing:copilot"},
	{"project", "read:project"},
	{"admin:gpg_key", "write:gpg_key", "read:gpg_key"},
	{"admin:ssh_signing_key", "write:ssh_signing_key", "read:ssh_signing_key"},
}
View Source 
var SCOPE_TO_SUB_SCOPE = map[string][]string{
	"repo":                      {"repo:status", "repo_deployment", "public_repo", "repo:invite", "security_events"},
	"write:pakages":             {"read:packages"},
	"admin:org":                 {"write:org", "read:org", "manage_runners:org"},
	"write:org":                 {"read:org"},
	"admin:public_key":          {"write:public_key", "read:public_key"},
	"write:public_key":          {"read:public_key"},
	"admin:repo_hook":           {"write:repo_hook", "read:repo_hook"},
	"write:repo_hook":           {"read:repo_hook"},
	"user":                      {"read:user", "user:email", "user:follow"},
	"write:discussion":          {"read:discussion"},
	"admin:enterprise":          {"manage_runners:enterprise", "manage_billing:enterprise", "read:enterprise"},
	"manage_billing:enterprise": {"read:enterprise"},
	"audit_log":                 {"read:audit_log"},
	"codespace":                 {"codespace:secrets"},
	"copilot":                   {"manage_billing:copilot"},
	"project":                   {"read:project"},
	"admin:gpg_key":             {"write:gpg_key", "read:gpg_key"},
	"write:gpg_key":             {"read:gpg_key"},
	"admin:ssh_signing_key":     {"write:ssh_signing_key", "read:ssh_signing_key"},
	"write:ssh_signing_key":     {"read:ssh_signing_key"},
}

Functions

func AnalyzeAndPrintPermissions added in v3.80.3 

func AnalyzeAndPrintPermissions(cfg *config.Config, key string)

Types

type Analyzer added in v3.80.3 

type Analyzer struct {
	Cfg *config.Config
}

func (Analyzer) Analyze added in v3.80.3 

func (a Analyzer) Analyze(_ context.Context, credInfo map[string]string) (*analyzers.AnalyzerResult, error)

func (Analyzer) Type added in v3.80.3 

func (Analyzer) Type() analyzerpb.AnalyzerType

type SecretInfo added in v3.80.3 

type SecretInfo struct {
	Metadata *TokenMetadata
	Repos    []*gh.Repository
	Gists    []*gh.Gist
	// AccessibleRepos, RepoAccessMap, and UserAccessMap are only set if
	// the token has fine-grained access.
	AccessibleRepos []*gh.Repository
	RepoAccessMap   map[string]string
	UserAccessMap   map[string]string
}

func AnalyzePermissions 

func AnalyzePermissions(cfg *config.Config, key string) (*SecretInfo, error)

type TokenMetadata added in v3.80.3 

type TokenMetadata struct {
	Type        string
	FineGrained bool
	User        *gh.User
	Expiration  time.Time
	OauthScopes []analyzers.Permission
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.