Please see this Issue as an example: buhtz/hyperorg#124
I was not notified via email about the modification of the "dependency" in this Issue. I am the owner of the repo and I am the opener of that Issue, so I am subscribed.
The person (@l-x) set this dependency don't have any permissons on my repo or my team. Why is she/he able to do something like this? Of course if my Issue is a dependency on some of his/her own repos Issues I have no problem. But this connection shouldn't be bidirectional. Persons other then repo owners should be able to modify dependencies.
No one was harmed. I just try to understand.
### Comment
Please see this Issue as an example: https://codeberg.org/buhtz/hyperorg/issues/124
1.
I was not notified via email about the modification of the "dependency" in this Issue. I am the owner of the repo and I am the opener of that Issue, so I am subscribed.
2.
The person (@l-x) set this dependency don't have any permissons on my repo or my team. Why is she/he able to do something like this? Of course if my Issue is a dependency on some of his/her own repos Issues I have no problem. But this connection shouldn't be bidirectional. Persons other then repo owners should be able to modify dependencies.
No one was harmed. I just try to understand.