Security and permissions
GitHub permissions
We require some permissions from your organization's GitHub repositories in order to generate development metrics and send code review comments as well as relevant alerts to the corresponding PR channel (such as new commits, review approvals, workflow run results, etc.). Understand why and how we use these OAuth scopes below:
Application scopes
Repository and Organization scopes
Scope | Permission | Reason |
---|---|---|
Actions | Read | Check workflow results to update the PR channel's associated bookmark. |
Administration | Read | Obtain GitHub teams to easily import them as Squads for Pullpo - Insights. |
Contents | Read | Obtain the diff contents of a PR to generate an AI Review and Summary of the changes in English. Deactivating this feature will prevent Pullpo from accessing your code. |
Dependabot alerts | Read | Send relevant alerts through the corresponding PR channel in Slack. |
Discussions | Read & Write | Synchronize messages with the corresponding PR channel in Slack. |
Issues | Read & Write | Synchronize messages with the corresponding PR channel in Slack. |
Pull requests | Read | Send relevant alerts related to the pull request to the corresponding PR channel. |
Members | Read | Obtain organization members so that they can be linked to Slack users. |
Team discussions | Read & Write | Synchronize messages with the corresponding PR channel in Slack. |
Email addresses | Read | Pullpo user creation. |
Events
Subscriptions | Reason |
---|---|
Meta | Detect when Pullpo is deleted from an organization. |
Discussion comment | Synchronize a new message with the corresponding PR channel in Slack. |
Dependabot alert | Send relevant alerts through the corresponding PR channel in Slack. |
Issue comment | Synchronize a new message with the corresponding PR channel in Slack. |
Organization | Detect when a new member enters the organization so that the member can be linked to a Slack user. |
Pull request | Create a PR channel when a new pull request is opened and archive it when the pull request is merged or closed. |
Pull request review | Send a review approved alert through the corresponding PR channel in Slack. |
Pull request review comment | Synchronize a new code-related message with the corresponding PR channel in Slack. |
Pull request review thread | Send responses to code-review threads on the corresponding PR channel in Slack. |
Workflow run | Send workflow results through the corresponding PR channel in Slack. |