VersionEye refactored the usage of GitHub API scopes

Did you know that VersionEye provides login with your GitHub account? Initially we implemented the GitHub login with the “repo” scope. This implies that VersionEye obtains access privileges (reading and writing) to ALL your repositories, even your private ones. You may ask yourself, why does VersionEye need access privileges to my private repositories? The answer is simple: VersionEye doesn’t need writing authorization. We will never touch your source code. Promise! Unfortunately GitHub API currently doesn’t provide a “read-only” scope. But we were talking to the GitHub guys at the GitMerge Conference in Berlin and they told us that more scopes for the GitHub API are in progress.

You may be also interested to know, why VersionEye even needs read access to your private repositories? Well, there is no way around it, if you want us to monitor your private repositories.

Many people complained about this scope. So, we did some refactoring, since VersionEye likes to help. If you’ve ever tried to login via GitHub, you know that VersionEye only asks for read access to your public repositories.

ImageGood to know: VersionEye will only convey your public repositories, when you create a new project.

ImageBut you’ll be able to grand VersionEye access to your private repositories retrospectively, if you want us to monitor those. Just click the link “Grand access to private repositories” on the GitHub tab and you’re going to see this:

ImageAnd keep in mind, VersionEye will never change your repositories! All we do is reading and monitoring your private repositories.

Click on the “Connect” link in the preference window, to see your connections to other social networks. Here you can also see the GitHub API scope that we have set for your account.

ImageUse the “disconnect” link anytime and your GitHub token in the VersionEye database will be deleted.

2 thoughts on “VersionEye refactored the usage of GitHub API scopes

  1. I typically use the URL of the pom.xml BLOB. That way I can specify a branch, I can link to all public repos without any authentication and I can even track other projects dependencies.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s