alt Hacker News> temporary per-repo permission scope or token that allowed only pull and push to the repo in question
How about pull from the repo but only push to a staging area from which the user, but not the token, can push for real?
Frankly, LLM agents should do this too. Letting your LLM push seems foolhardy to me.
Replies
namibj • today at 6:08 AM
Jules is heavily restricted in what it can do to your repos.
alostpuppy • today at 5:48 AM
Exe.dev has an integrations feature which is similar allowing you to grant access to specific repos without having give the VMs credentials. I think it’s a similar pattern to iron.sh.
I have been thinking more and more about how I might use this pattern.
moi2388 • today at 5:39 AM
That makes so much more sense.
You can just fork the repository, give it access to the fork and then merge what you want