GitHub Integration
The GitHub integration connects your repositories to the platform through a GitHub App. It handles authentication, repository discovery, and webhook delivery so the platform can clone code, run scans, and deliver remediation pull requests on your behalf.
One-click setup
The GitHub integration is automatically added when you first sign in with GitHub. No manual configuration is required - the platform installs the GitHub App on your account or organization and starts syncing repository metadata immediately.
If you need to connect additional GitHub organizations or reinstall the integration later, you can do so from the Integrations page in the dashboard with a single click.
Permissions
The GitHub App requests the minimum permissions needed to operate. The platform only requires write access for creating remediation pull requests - all other access is read-only.
Repository permissions
Contents
Repository contents, commits, branches, downloads, releases, and merges.
Metadata
Search repositories, list collaborators, and access repository metadata.
Pull requests
Create and manage pull requests for automated remediation of security vulnerabilities.
Account permissions
Email addresses
View a user's email addresses for identity and notification purposes.
Events
The integration subscribes to repository events so the platform stays in sync with your GitHub organization. When a repository is created, deleted, archived, unarchived, made public, made private, renamed, or transferred, the platform updates its internal inventory automatically.
This means new repositories appear in the dashboard without any manual action, and removed or renamed repositories are reflected immediately.