Security
      Back to home
      1. Help Center
      2. Getting Started
      3. Security

      Data access

      What data do we access?

      GitHub integration

      The GitHub integration is implemented as a Marketplace App. You can configure which repositories it has access to.

      In the selected repositories, the app can access:

      • checks (read-only)

      • Git contents (read-only)

      • deployments (read-only)

      • issues (read-only)

      • repository metadata (read-only)

      • repository administration (read-only) Added: Dec 9, 2022

        • Used to read the repository's branch protection rules

      • projects (read-only)

      • commit statuses (read-only)

      • pull requests (read-write)

        • Used to be able to comment on pull requests

      At the organizational level, the app has read-only access to organization members, teams, and blocked users.

      From each authenticated user, the app gets read-only access to their email.

      We subscribe to webhooks related to most of these same events.

      We request permission to access source code, but we never store it. For each commit, we store the size of the change per file. This allows us to estimate the complexity of the change, and also to ignore changes to automatically generated files (such as package-lock.json or Gemfile.lock). The source code is processed in an isolated codebase.

       

      image (4)

      At the user level, the Swarmia app requests permission to Act on your behalf. Swarmia uses this permission to reply to comments and post emoji reactions to GitHub as the user via our Slack bot.

       

      Jira integration

      The Jira integration is implemented as an Atlassian Connect application. The scope of the integration is:

      • Read (issues, comments, and projects)

      • Write (but not delete) – used for creating webhooks

      • Read user names and emails

      Linear integration

      For the Linear integration we request the following data access scope:

      • User emails and names

      • Teams

      • Projects

      • Issues

      • Comments

      Slack integration

      The Slack integration is implemented as a Slack marketplace application. The scope we request is:

      • channels:join – join public channels

      • channels:read – view basic information about public channels

      • chat:write – send messages as @swarmia

      • groups:read – view basic information about private channels that @swarmia has been added to

      • incoming-webhook – post messages to specific channels on Slack

      • users:read – view people in a workspace

      • users:read.email – view email addresses of people in a workspace

      On behalf of individual users who connect Slack notifications, we request an identity.basic permission.