Security
      Back to home
      1. Help Center
      2. Security

      Data Access

      What data do we access?

      GitHub integration

      The GitHub integration is implemented as a Marketplace App. You can configure which repositories it has access to.

      In the selected repositories, the app can access:

      • checks (read-only)

      • Git contents (read-only)

      • deployments (read-only)

      • issues (read-only)

      • repository metadata (read-only)

      • projects (read-only)

      • commit statuses (read-only)

      • pull requests (read-write) – currently to be able to comment pull requests

      In the organizational level the app has read-only access to organization members, teams, and blocked users.

      From each authenticated user, the app gets read-only access to their email.

      We subscribe to webhooks related to most of these same events.

      We request a permission to access source code, but we never store it. For each commit, we store the size of the change per file. This allows us to estimate the complexity of the change, and also to ignore changes to automatically generated files (such as package-lock.json or Gemfile.lock). The source code is processed in an isolated codebase.

      Jira integration

      The Jira integration is implemented as an Atlassian Connect application. The scope of the integration is:

      • Read (issues, comments and projects)

      • Write (but not delete) – used for creating webhooks

      • Read user names and emails

      Linear integration

      For the Linear integration we request the following data access scope:

      • User emails and names

      • Teams

      • Projects

      • Issues

      • Comments

      Slack integration

      The Slack integration is implemented as a Slack marketplace application. The scope we request is:

      • channels:join – join public channels

      • channels:read – view basic information about public channels

      • chat:write – send messages as @swarmia

      • groups:read – view basic information about private channels that @swarmia has been added to

      • incoming-webhook – post messages to specific channels on Slack

      • users:read – view people in a workspace

      • users:read.email – view email addresses of people in a workspace

      On behalf of individual users who connect Slack notifications, we request an identity.basic permission.