You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
// Exemptions are only defined at the org level because they should be made
// obvious to org security managers.
But this makes AllStar hard to scale for organizations that loosely federated, and it's not possible for each product team to necessarily have their own GitHub organization. And I think the needs for org security managers might be better met by #524 which would provide some reporting about where/how overrides are occurring.
I hope next time I can open PRs instead of tickets, but trying to capture some friction points while I can.
The text was updated successfully, but these errors were encountered:
I understand the reasoning behind https://github.com/ossf/allstar/blob/main/pkg/policies/outside/outside.go#L70-L71
But this makes AllStar hard to scale for organizations that loosely federated, and it's not possible for each product team to necessarily have their own GitHub organization. And I think the needs for org security managers might be better met by #524 which would provide some reporting about where/how overrides are occurring.
I hope next time I can open PRs instead of tickets, but trying to capture some friction points while I can.
The text was updated successfully, but these errors were encountered: