Skip to content

Avoid unadvertised OAuth identity scopes#1426

Merged
RhysSullivan merged 1 commit into
mainfrom
rs/figma-oauth-identity-scopes
Jul 16, 2026
Merged

Avoid unadvertised OAuth identity scopes#1426
RhysSullivan merged 1 commit into
mainfrom
rs/figma-oauth-identity-scopes

Conversation

@RhysSullivan

Copy link
Copy Markdown
Collaborator

OpenAPI-derived OAuth methods now request only scopes advertised by the provider or configured explicitly. This prevents plain OAuth providers from receiving synthesized OpenID Connect identity scopes.

Validated with the OpenAPI test suite, repository typecheck, lint, and formatting checks.

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
executor-marketing ddd8425 Commit Preview URL

Branch Preview URL
Jul 16 2026, 10:46 PM

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs
executor-cloud ddd8425 Jul 16 2026, 10:47 PM

@pkg-pr-new

pkg-pr-new Bot commented Jul 16, 2026

Copy link
Copy Markdown

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@1426

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@1426

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@1426

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@1426

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@1426

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@1426

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@1426

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@1426

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@1426

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@1426

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@1426

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@1426

executor

npm i https://pkg.pr.new/executor@1426

commit: ddd8425

@RhysSullivan
RhysSullivan marked this pull request as ready for review July 16, 2026 23:17
@RhysSullivan
RhysSullivan merged commit 171de20 into main Jul 16, 2026
32 of 36 checks passed
@RhysSullivan
RhysSullivan deleted the rs/figma-oauth-identity-scopes branch July 16, 2026 23:18
@RhysSullivan RhysSullivan mentioned this pull request Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant