Show HN: Shrink, a free menu bar app for your GitHub issues
shrink.alasdairmonk.comBeware, granting access to this app (or others like it) will mean it will have access to everything including your private repos' source code. This is pretty bad. If you are going to use this to access your company/startup repo, you should probably get approval from your lead or manager before installing it.
Unfortunately, Github, for all it's security efforts, still does not offer token permissions to be limited to "Issues" only. It's all or nothing when it comes to repos. Github's own native client/app doesn't have issue tracking either. This means there are lots of people installing these kind of apps for issue tracking and inevitably the security is as good as the weakest link in this chain. I wish someone at Github could remedy this.
IssuePost http://issuepostapp.com/ is a similar app. However, the developer has revoked the app for similar reasons.
> Issuepost is unavailable at the moment. Unfortunately, GitHub's OAuth API authorizes access to the entirety of users' private repos, and does not allow you to only request access to read/write issues. As a result, I have decided to pull the app from the App Store until I can find a better way to make the app more secure.
I tried hailing a random security Githubber or two on Twitter about the lack of an issues-only oauth scope; no response.
I can only conclude they're holding it back deliberately, since it seems both a glaring omission and simple fix. GitHub, prove me wrong..
Ahh, that's disappointing. I guess for now I'll just stick with https://github.com/stephencelis/ghi.
One thing that I discovered after seeing that Shrink lists "Subscribed" issues is that ghi has an option '-f' which lets you filter by 'all', 'assigned', 'created', 'mentioned', or 'subscribed', which is all I need for my purposes.
Well, you can at least limit it to only seeing your public repos and not the private ones[0]. Of course, that doesn't negate the fact that should the developer have coded the app to modify your code, you can't do anything to stop them.
There appears to be no way to quit the app & get it out of your menubar without resorting to `kill`. That's annoying and lazy.
I don't know if it's lazy, but it's certainly annoying.
What are your experiences using Github issues?
I can only imagine so given that tools like this exist, and that Github continue to maintain Issues that people like it, but I personally don't love them. I honestly cannot put my finger on what I don't like but i've never been able to stick to it. In /real life/ I am using Jira or Redmine on a regular basis, maybe I'm just broken from their heavy and complex UI's.
That's exactly what I need. I would probably pay for something crafted well that does this.
This is great, allow users to create issues for a repo too and I'd use this everyday!
How does it compare to Trailer [0]?
Really nice work -- Is this opensource? I want to build a similar menubar application and would love to know how!
It doesn't appear to be open source since it's not on the authors Github. However if you're looking for a menubar app example with custom views, here is one: https://github.com/phranck/CCNStatusItem. The example in that repo is what was used for this app (presumably, since the binary in the package shows as CCNStatusItem)
I saw you got two responses, one with a custom view and one with the standard OSX implementation. So I'll throw in another one of the old standard one, that I made: https://github.com/jontelang/WakaLet
I wrote a Github menu bar app for pull requests. Code is here: https://github.com/aleffert/PullRequestMenu
This looks really useful. Thanks for sharing
There was a missed opportunity to name the app 'Shirk', though
Anyone know of something (remotely) like this for (self-hosted) GitLab?