Codegrip allows the user to connect their public and private repositories of GitHub with appropriate authorizations. Users need not compromise on the security and secrecy of their projects. Unless the users authorize “teamCodegrip” to access the required information, Codegrip will not be reading any data of the user’s Source Code.
Steps for adding Public repositories from GitHub:
- On the log-in page, there is a button that the user can use to log-in to the GitHub source control.
- This button will redirect the user to the log-in page of GitHub where the user should log-in using his credentials.
- On the first successful log-in, the user should grant read-only access to the following information to Codegrip.
| User email addresses | Codegrip will have read-only access to user email |
Organization webhooks (Admin access) | Codegrip will have full access to organization webhooks (no direct code access). |
| Repositories (Public repositories)
| Codegrip will be able to read and write all public repository data. This includes the following:
|
| Organizations and teams | Codegrip will be able to read users organization, team membership, and private project boards. |
- Finally, authorize Codegrip with all the required access by entering the password will then redirect the user to “https://app.Codegrip.tech/add-repository”.
(Note: Above authorization will only allow the Codegrip to access the content of public repositories. If the user wants to assess his private repositories, Codegrip will need additional access as stated below. If the user doesn’t want to provide the said access he will have to make the repositories “Public” to be assessed and analyzed by Codegrip.)
Steps for adding Private repositories from GitHub:
- Users will be able to add the private repositories only after finishing up all the above steps for logging in.
- Once the user has successfully connected GitHub to Codegrip, Under the Add Repositories→GitHub.
- User has an option to add Private repositories.
- On clicking the “View Private Projects” button, the user should grant read-only access to the following information to Codegrip.
Public SSH keys (Admin access) | Codegrip will have full access to your public SSH keys. Public keys provide SSH access to repository content. |
Repository webhooks and services (Admin access) | Codegrip will have full access to repository webhooks and services (no direct code access). |
| Repositories (Public and private) | This application will be able to read and write all public and private repository data. This includes the following:
|
