Skip to content

add security for calls to claude, use PAT instead of github token for commits #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
phernandez wants to merge 14 commits into
base: main
Choose a base branch
from
Open

add security for calls to claude, use PAT instead of github token for commits #8

phernandez wants to merge 14 commits into from

Conversation

@phernandez
Copy link

@phernandez phernandez commented Apr 5, 2025

Organization Membership Check

  • Added verification of organization membership for issue requests
  • Prevents API usage from random internet users
  • Configurable with require-org-membership and organization parameters
  • Default setting requires membership but can be disabled

Personal Access Token Support

  • Added support for using a personal access token for commits
  • Enables proper attribution in contributor graphs
  • Bypasses CLA requirements when using personal credentials
  • Set via the new personal-access-token parameter

Documentation

  • Updated README with new parameters
  • Added example configurations for both features
  • Added security considerations section

phernandez and others added 14 commits April 4, 2025 21:17
@phernandez
Update README.md
bf86772
@phernandez @claude
Add organization membership check and PAT support
417d881 
- Added organization membership verification for issue requests
- Added personal access token support for custom commit attribution
- Updated documentation with new features
- Bumped version to 0.6.0

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <[email protected]>
@phernandez
Update organization references to basicmachines-co and prepare for v0…
8e9ccb6 
….7.0 release
@phernandez
Add PERSONAL_ACCESS_TOKEN to claude-full.yml workflow
7de3ac5
@phernandez
Fix organization membership check to use PERSONAL_ACCESS_TOKEN
decced3
@phernandez
Check comment author for organization membership in both issue-fix an…
6efa839 
…d issue-analyze modes
@phernandez
Update README with public org membership requirement and v0.10.0 refe…
f49da5c 
…rences
@phernandez
Fix backtick handling in issue-fix-mode.sh and bump version to 0.11.0
1f4a5ce
@phernandez
Update workflows to use v0.11.0
e9ffeb2
@phernandez
Fix special character handling in workflow scripts
d3c93da
@phernandez
Update issue-fix-mode.sh to check comment author instead of issue cre…
7c8a192 
…ator for org membership
@phernandez
Stop using personal access token for organization membership checks
b348721
@phernandez
Add --sign-off to git commits for DCO checks
ee0551c
@phernandez
Update PR title format to use lowercase fix: for semantic commits
cff3056
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@phernandez