LabelRepoUserContent returns the IFC label for user-authored content scoped to a repository when that tool has not opted into a more specific integrity policy. Public repository content is untrusted because it may be authored by outside contributors. Private repository content is trusted because use
(isPrivate bool)
| 91 | // outside contributors. Private repository content is trusted because users who |
| 92 | // can read it are trusted collaborators. |
| 93 | func LabelRepoUserContent(isPrivate bool) SecurityLabel { |
| 94 | if isPrivate { |
| 95 | return PrivateTrusted() |
| 96 | } |
| 97 | return PublicUntrusted() |
| 98 | } |
| 99 | |
| 100 | // LabelGetFileContents returns the IFC label for a get_file_contents result. |
| 101 | // Public repository file contents may be authored by anyone via pull requests |