LabelCollaboratorRoster returns the IFC label for a repository's collaborator list (list_repository_collaborators). Integrity is trusted: the roster is GitHub-maintained membership data, not attacker-authored content. Confidentiality is always private. Listing collaborators requires push access to
()
| 201 | // for public repositories. This mirrors LabelTeam: membership data is |
| 202 | // restricted regardless of the repository's own visibility. |
| 203 | func LabelCollaboratorRoster() SecurityLabel { |
| 204 | return PrivateTrusted() |
| 205 | } |
| 206 | |
| 207 | // LabelCommitContents returns the IFC label for committed repository content |
| 208 | // reachable from the default branch and its history: commits, commit diffs, |