fix(dev-infra): merge script should not always require full repo permissions (#37718)

We recently added OAuth scope checking to the dev-infra Git client and started leveraging it for the merge script. We set the `repo` scope as required for running the merge script. We can loosen this requirement as in the Angular org where the script is consumed, only pull requests on public repositories are merged through the script. This should help with reducing the risk with compromised tokens as no access had to be granted on `repo:invite`, `repo_deployment` etc. PR Close #37718
2020-06-25 00:40:15 +02:00
parent dbc2364d16
commit 3ee666580a
3 changed files with 22 additions and 12 deletions
--- a/dev-infra/utils/config.ts
+++ b/dev-infra/utils/config.ts
@ -21,6 +21,8 @@ export interface GitClientConfig {
  name: string;
  /** If SSH protocol should be used for git interactions. */
  useSsh?: boolean;
+  /** Whether the specified repository is private. */
+  private?: boolean;
 }

 /**