Confirmed users
1,364
edits
GitHub/Repository Security/Problems and Options: Difference between revisions
GitHub/Repository Security/Problems and Options (view source)
Revision as of 16:00, 14 August 2018
, 14 August 2018bot merge issue
(correct link to stack overflow) |
(bot merge issue) |
||
| Line 34: | Line 34: | ||
=== Problem: I can't squash merge PRs generated by 3rd party services === | === Problem: I can't squash merge PRs generated by 3rd party services === | ||
This often occurs with dependency management tools, and is a [https://github.com/renovateapp/renovate/issues/1828 known problem]. The commits in the PR are signed, they just can't be included via any method that modifies that signed commit. Only the "merge" technique meets that requirement. | This often occurs with dependency management tools, and is a [https://github.com/renovateapp/renovate/issues/1828 known problem]. The commits in the PR are signed, they just can't be included via any method that modifies that signed commit. Only the "merge" technique meets that requirement. | ||
=== Problem: I can't use a bot to perform merges, when it uses the GitHub API to merge === | |||
This is a [https://github.com/mozilla-services/kinto-dist/pull/245#issuecomment-412655345 known problem]. We're looking into workarounds, some of which require changes on the GitHub side. | |||
'''''IF''''' you've had a bug opened about this guidance, please reach out to your security team for an appropriate workaround for your project. | |||
= General Notes = | = General Notes = | ||