🛑 The Problem
Right now, ForgeLens uses a single global Personal Access Token (PAT). This means it can only analyze public open-source repositories. If a company wants to use ForgeLens to measure their private internal repositories, our system simply cannot access them.
💡 The Solution
We must upgrade our architecture from a script-like PAT approach to a full GitHub App installation flow. Users will authenticate via OAuth and grant ForgeLens access to specific private repos.
🛠️ Implementation Details
- Register a GitHub App in the developer portal.
- Implement the OAuth callback endpoint in Next.js.
- Store the User-to-Server token or Installation ID securely in the database.
- Refactor the Octokit client initialization to use
@octokit/auth-app or @octokit/auth-oauth-user depending on the context.
- Ensure Row Level Security (RLS) guarantees users cannot query repositories they didn't authorize.
✅ Acceptance Criteria
Ready to tackle this? Comment .take below to get automatically assigned!
🛑 The Problem
Right now, ForgeLens uses a single global Personal Access Token (PAT). This means it can only analyze public open-source repositories. If a company wants to use ForgeLens to measure their private internal repositories, our system simply cannot access them.
💡 The Solution
We must upgrade our architecture from a script-like PAT approach to a full GitHub App installation flow. Users will authenticate via OAuth and grant ForgeLens access to specific private repos.
🛠️ Implementation Details
@octokit/auth-appor@octokit/auth-oauth-userdepending on the context.✅ Acceptance Criteria
Ready to tackle this? Comment
.takebelow to get automatically assigned!