Description
What’s missing?
An app can only subscribe to events based on the permissions it requested. For example, an app will not receive push events if it does not at least have read access for the contents permission.
I am not sure if that relation is documented anywhere though. What we could do is maintain this list manually. When creating / updating a GitHub App registration, the events show up at the bottom of the Options page when enabling / disabling permissions. We could write a script that we can just run in the browser to toggle the permissions one-by-one and read out the events that are displayed. Then at the end spit out a JSON object that we can paste back into our code base.
Why?
See probot/probot#1317. We could validate the app.yml file locally, without relying on GitHub's server response, and provide a error message / user experience.
Alternatives you tried
Activity