hubot-heroku - npm Package Compare versions

Comparing version 0.1.14 to 0.1.15

package.json

 {
   "name": "hubot-heroku",
-  "version": "0.1.14",
+  "version": "0.1.15",
   "description": "Run heroku commands via hubot without direct access to Heroku",
   "main": "index.js",
   "scripts": {
-    "test": "node_modules/.bin/mocha"
+    "test": "HUBOT_HEROKU_USE_AUTH=true node_modules/.bin/mocha"
   },
@@ -35,2 +35,3 @@ "repository": {
     "hubot": "^2.9.3",
+    "hubot-auth": "^1.2.0",
     "hubot-scripts": "^2.5.16",
@@ -37,0 +38,0 @@ "hubot-test-helper": "0.0.2",

README.md

@@ -26,2 +26,12 @@ hubot-heroku
 
+## Auth
+You can restrict command usage to specific roles using the [hubot-auth](https://github.com/hubot-scripts/hubot-auth) package. Role names take the form `heroku-<app>`.
+
+To enable auth:
+
+1. `npm install hubot-auth --save`
+2. Add `hubot-auth` to `external-scripts.json` (e.g. `["hubot-auth", "some-other-plugin"]`)
+3. Set `HUBOT_HEROKU_USE_AUTH` to `true`.
+4. Assign roles: `hubot <user> has heroku-<app> role`
+
 ## Security
@@ -35,2 +45,4 @@ You can set config variables using this. Hence the Heroku API key used should not have access to your hubot instance on Heroku. For example:
 
+You can also avoid this if you are using auth as described above, in which case you can ensure only admins have the role necessary to set config variables on the hubot instance.
+
 ## Installation
@@ -37,0 +49,0 @@ 1. `npm install hubot-heroku --save`

No alert changes

Improved metrics

Total package byte prevSize

32624

increased by12.24%

Number of lines in readme file

109

increased by12.37%

Worsened metrics

Dev dependency count

9

increased by12.5%

No dependency changes