Desktop: Github Desktop App's OAuth login says "Not owned or operated by GitHub"
Description
While I understand that the OAuth page is meant for all uses of the Github SSO, and the text is likely boilerplate, it's slightly inaccurate (and a potential security scare for eagle-eyed users) to suggest that the Github app isn't from Github.
Version
GitHub Desktop version: 1.0.6
OS version: Mac OS X 10.12
Steps to Reproduce
- Open Desktop App for first time
- Auth via browser
- Tada!
Reproduces how often: 100%
Additional Information
sbonami
All 3 comments
Hi @sbonami, thanks for opening this.
While unfortunate and confusing this is currently expected behavior as the logic which determines what is classified as an app owned or operated by GitHub is based on the organization which published the application. In GitHub Desktop's case, being an open-source application, that organization is 'desktop'. The same goes for applications such as Atom.
niik
on 3 Nov 2017
Thanks for responding so quickly @niik. I figured as much!
sbonami
on 3 Nov 2017
Ran into the same and thought it's some kind of compromised build trying to get access to my repos. Spent some time doube-triple-quadruple-checking what's going on.
While I understand the canonical rationale, I thing from experience point of view you might be able to make some kind of internal alias for that, since, the desktop org is truly "owned or operated by GitHub", because… well… it is:)
janbrasna
on 21 Dec 2017
Related issues
griestopf
·
3Comments
shiftkey
·
3Comments
varkor
·
3Comments
AgbajeMike
·
3Comments
beruic
·
3Comments
Most helpful comment
Ran into the same and thought it's some kind of compromised build trying to get access to my repos. Spent some time doube-triple-quadruple-checking what's going on.
While I understand the canonical rationale, I thing from experience point of view you might be able to make some kind of internal alias for that, since, the
desktoporg is truly "owned or operated by GitHub", because… well… it is:)