Merge pull request 'docs: add read:user to required token scopes' (#67) from issue-66 into main
CI / test (push) Successful in 16s
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (push) Has been skipped
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (push) Has been skipped
CI / review (gpt-5, security, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (push) Has been skipped
CI / test (push) Successful in 16s
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (push) Has been skipped
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (push) Has been skipped
CI / review (gpt-5, security, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (push) Has been skipped
Reviewed-on: #67 Reviewed-by: security-review-bot <10+security-review-bot@noreply.gitea.weiker.me>
This commit was merged in pull request #67.
This commit is contained in:
@@ -329,11 +329,12 @@ All flags have environment variable equivalents:
|
||||
### Token Scopes Required
|
||||
|
||||
| Scope | Purpose |
|
||||
|-------|---------|
|
||||
|-------|--------|
|
||||
| `write:issue` | Post and delete reviews |
|
||||
| `write:repository` | Read PR diffs, file content, commit statuses |
|
||||
| `read:user` | Self-request as reviewer (optional but recommended) |
|
||||
|
||||
No `read:user` scope needed — the bot identifies itself from the review response.
|
||||
Without `read:user`, the bot still works but cannot add itself to the PR's reviewer list.
|
||||
|
||||
## Development
|
||||
|
||||
|
||||
Reference in New Issue
Block a user