Is there a way I could let some CI service like Travis CI to ONLY publish the pa... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

vladimir-y on May 10, 2019 | parent | context | favorite | on: GitHub Package Registry

Is there a way I could let some CI service like Travis CI to ONLY publish the packages to this GitHub Package Registry? ONLY means I don't want to expose the entire GitHub account to Travis CI but allow only publishing to the registry. So if the GitHub key/access-token leaks somehow the possible damage would be limited by registry publishing scope. So something like scoped access tokens.

rustyfe on May 10, 2019 [–]

Yes. They showed in the demo that there will be a new scope for read/publish packages. So you can create a personal access token for Travis with only that scope.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact