Github permissions and organizations


#1

Hi,

One organization I am part of has private repositories integrated with CircleCI.
When I go to sign up, there is this message that CircleCI would like additional permissions to:

“”"
Repositories
Public and private
This application will be able to read and write all public and private repository data. This includes the following:
Code
Issues
etc…
“”

All my organizations are listed with a green checkbox.

Question 1: Does that imply the other unrelated organizations have already agreed to integrate with CircleCI? Or I am going to be causing that integration to occur now by proceeding.

Question 2: Can I pick and choose which organizations are affected?

Question 3: In order for CircleCI to operate effectively, does it really need to be able “write Code” in private repositories? When it comes to items such as “Webhooks and services”, that makes a bit more sense. Is CircleCI modifying code in the repositories?

Thanks,
Sam


#2

Circle has never written any changes to my BitBucket repos, and I’ve been using them for 6+ months. I suspect the granularity of these permissions is because GitHub doesn’t offer sufficiently fine-grained permissions. Maybe it needs write access to Issues to be able to paste CI reports?

If you are worried about the destruction or modification of code, you could get yourself a “backup repo” that Circle does not have access to, set up a second remote in your Git repo(s), and push to your backup (additionally) when you wish.


#3

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.