Allow valid oauth tokens to clone repositories.
What does this MR do?
Make git clone
work with restricted OAuth2 applications. I could not see where else this function is used, so it's possible that it is opening up more than it should, but the additional scopes are more restrictive than the existing one, so it's not adding any privilege at worst.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios. -
Documentation created/updated or follow-up review issue created -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Performance and Testing
not needed
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Note: it looks like I can't do these but they should be done ^
Edited by Florian Margaine