
Show HN: Shrink, a free menu bar app for your GitHub issues - sgottit
http://shrink.alasdairmonk.com
======
aleem
Beware, granting access to this app (or others like it) will mean it will have
access to everything including your private repos' source code. This is pretty
bad. If you are going to use this to access your company/startup repo, you
should probably get approval from your lead or manager before installing it.

Unfortunately, Github, for all it's security efforts, still does not offer
token permissions to be limited to "Issues" only. It's all or nothing when it
comes to repos. Github's own native client/app doesn't have issue tracking
either. This means there are lots of people installing these kind of apps for
issue tracking and inevitably the security is as good as the weakest link in
this chain. I wish someone at Github could remedy this.

IssuePost [http://issuepostapp.com/](http://issuepostapp.com/) is a similar
app. However, the developer has revoked the app for similar reasons.

> Issuepost is unavailable at the moment. Unfortunately, GitHub's OAuth API
> authorizes access to the entirety of users' private repos, and does not
> allow you to only request access to read/write issues. As a result, I have
> decided to pull the app from the App Store until I can find a better way to
> make the app more secure.

~~~
mik3y
I tried hailing a random security Githubber or two on Twitter about the lack
of an issues-only oauth scope; no response.

I can only conclude they're holding it back deliberately, since it seems both
a glaring omission and simple fix. GitHub, prove me wrong..

------
bobwaycott
There appears to be no way to quit the app & get it out of your menubar
without resorting to `kill`. That's annoying and lazy.

~~~
gee_totes
I don't know if it's lazy, but it's certainly annoying.

------
verelo
What are your experiences using Github issues?

I can only imagine so given that tools like this exist, and that Github
continue to maintain Issues that people like it, but I personally don't love
them. I honestly cannot put my finger on what I don't like but i've never been
able to stick to it. In /real life/ I am using Jira or Redmine on a regular
basis, maybe I'm just broken from their heavy and complex UI's.

------
ahmetmsft
That's exactly what I need. I would probably pay for something crafted well
that does this.

------
PeterBarrett
This is great, allow users to create issues for a repo too and I'd use this
everyday!

------
kolev
How does it compare to Trailer [0]?

[0]
[https://github.com/ptsochantaris/trailer](https://github.com/ptsochantaris/trailer)

------
joshcrowder
Really nice work -- Is this opensource? I want to build a similar menubar
application and would love to know how!

~~~
tjsix
It doesn't appear to be open source since it's not on the authors Github.
However if you're looking for a menubar app example with custom views, here is
one:
[https://github.com/phranck/CCNStatusItem](https://github.com/phranck/CCNStatusItem).
The example in that repo is what was used for this app (presumably, since the
binary in the package shows as CCNStatusItem)

------
scottostler
This looks really useful. Thanks for sharing

There was a missed opportunity to name the app 'Shirk', though

------
matrixagent
Anyone know of something (remotely) like this for (self-hosted) GitLab?

