Error: You do not have permission to view repository collaborators

[peter-evans]

This error has just started happening, probably due to a change with GitHub's API. I'm investigating.

Status:

• Created a GitHub support ticket to confirm if this change is intentional or if it's a bug.
• Tried a test PAT with all possible scopes and it still fails. So the change that GitHub have made doesn't seem to be related to scopes.
• After some testing the change seems to be related to what actions repository collaborators are allowed to do. Previously a repository collaborator could view other collaborators and their permission levels. This now seems to be forbidden.

[peter-evans]

I haven't heard from GitHub yet, but I'm starting to suspect that this change was intentional. I've created a fix for what I believe is the issue.

Please try this version as a workaround until I can confirm the situation and fix the main version. If you try this, please subscribe to this issue for updates.

        uses: peter-evans/slash-command-dispatch@permissions

[clxmstaab]

with the workaround it seem to work for me. thx for the fast fix

[giorio94]

Thanks @peter-evans for this great action and the quick fix. Just tested the workaround in our repo and it worked perfectly.

[palexster]

Thanks for the fix @peter-evans ! It worked fine.

[peter-evans]

I heard back from GitHub support. The change was intentional, but they have now rolled the change back. I'm waiting to hear if this rollback is temporary, or if they have made a decision to keep the original behaviour of the API.

The main version of the action now works fine, but I will keep the @permissions version available for a while until this is fully resolved.

Regardless of whether the rollback is temporary or not, I'm thinking of making a change to the action regarding use of tokens for different purposes. I'll share further updates about that here.

[stefanteixeira]

@peter-evans seems that they reverted the changes today, hence @permissions version stopped working 🤔

I've changed our workflows back to @v2 and it works again.

[peter-evans]

The @permissions version should work regardless. Unless GitHub have made further changes that affect the workaround. 🤔
Are you restricting the permissions that the default GITHUB_TOKEN has in your workflow? The workaround uses the default token. Anyway, feel free to revert back to v2 for now.

I'm still waiting for further information from GitHub. It sounds like the engineering team are deliberating about what access to allow the particular API the action uses.

[stefanteixeira]

@peter-evans no, we even use a PAT for slash commands 🤔
Something definitely was changed on GItHub today, because yesterday was working fine and today we started having this silent issue:

Run peter-evans/slash-command-dispatch@permissions
Using configuration from yaml inputs.
Command 'happo' is not configured for the user's permission level 'none'.

[peter-evans]

@stefanteixeira I think this issue is the same thing you experienced.

[clxmstaab]

any news? the error is rather frustrating :-)

[peter-evans]

@clxmstaab The change that caused this error was rolled back by GitHub. Are you seeing Error: You do not have permission to view repository collaborators again?

Or perhaps you are referring to this error? That one was a different change made by GitHub which I think is still live and hasn't been rolled back.

The ticket I have with GitHub to clarify the behaviour of the API is still open but I've not heard back from them yet. I will chase up.

[clxmstaab]

@peter-evans thx for the hint. I think you are right, our problem is #128

[JCMais]

I just had the same error in a private repository where the permissions are managed through teams. I have not tested the @permissions version yet.

Update: Using the workaround version did not work, as now I am receiving this error:

Using configuration from yaml inputs.
Command 'deploy' to be dispatched.
Error: Not Found

I do have a repository_dispatch with type set to deploy-command

[kritzware]

We're also getting the not configured for the user's permission level 'none' in both the base branch and @permissions branch.

[peter-evans]

The @permissions branch was created as a workaround for an issue that GitHub have now rolled-back. If you are using the @permissions branch, please switch back to v2 for now, because the issue no longer exists.

I'm going to close this issue now so there is no confusion. The issue that still remains is this one: #128

[nishantrepozitory]

It it is working on one of my repository, but in some another repository it is throwing this error. Both are under the same organisation. I am collaborator with Admin Role in both. Is there any repository setting which I need to Change or something else?