在为 Github.com 授权 CodeCov.io 时如何限制允许访问的组织?

How to limit which organizations to allow access for when oauth'ing CodeCov.io for Github.com?

我有一个属于 https://codecov.io/. The code coverage reports are available at https://codecov.io/gh/myorganization/our-repository 组织设置的私有存储库。但是,当我单击最后一个 link 时,我得到了这个:

尽管我组织中的其他人能够查看报告。好吧,我点击 "Add private scope" 继续并遇到了这个:

底部是我在 GitHub 上加入的三个组织。我的问题是我只想让 codecov 访问其中一个。 是否可以 "uncheck" 其他人,并且只向单个组织授予 codecov 访问权限? 我试过单击绿色复选标记。那只是带我到 this page.

我通过电子邮件向 GitHub 询问了此事,并得到了回复:

It is not currently possible to lock down a Personal Access Token, or an OAuth token generated by an OAuth application, to only have access to specific repositories. When a token is generated with the repo scope, that token grants access to all the repositories, public and private, that the corresponding user has access to.

However, I did want to mention GitHub Apps as a possible option. GitHub Apps offers more detailed control over what repositories the 3rd party application has access to.

因此无法限制 codecov.io 可以访问哪些组织。