CircleCI Ideas

Granular scopes for GitHub

We would like to see CircleCI use the newer GitHub API to lessen the privileges needed for integration.

I see that when linking GitHub with CircleCI you still require write access to pretty much everything in my GitHub account.

I know that in the past this was due to a limitation of GitHub OAuth scopes, but now that they have GitHub Apps, which allow more granular permissions, I would appreciate it if I could specify lower-privileged access so that CircleCI cannot arbitrarily modify code in GitHub.

The new API should allow much more granular access so that by default you don't get write access. I see this as a real differentiator when picking the most secure CI SaaS.

  • Guest
  • Nov 20 2017
  • Taking votes
  • Guest commented
    29 Mar 16:21
    Yes, please! We would like to use CircleCI but I'm not giving you write-permission to everything I have on GitHub. I don't think CircleCI is malicious, but mistakes happen and I don't see any reason for you to have write-permission in the first place.
  • Guest commented
    19 Apr 09:52

    For what it's worth, Travis CI has this already.

  • Admin
    George Reyes commented
    30 Apr 17:10

    Thank you for all of your feedback. We definitely understand the value that this would give to our customers by adding this. However, supporting granular scopes is a big change for our system and requires significant engineering effort that we are not prioritising right now.

  • Guest commented
    28 May 16:49

    This issue has come up for us as well. You can find the detailed conversation here:

  • Guest commented
    31 Jul 06:14

    I would like to use CircleCI, but I will never ever ever use the service if my only option is to always give you access to ALL repos attached to my GitHub account or all repos belonging to an organization. This is a massive security and privacy risk. I will go create a TravisCI account specifically because they support this feature.

  • Guest commented
    19 Aug 08:28

    This needs a higher priority. For customers with privacy and security in mind, it's extremely necessary that the permissions are granular.

    I understand there's no "prioritising right now" because of other features, but you are actually losing and hurting customers by not adding it.
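The request above contrasts two grant models: a classic OAuth token whose `repo` scope gives write access to every repository the user can reach, versus a GitHub App installation whose permissions are set per capability. The following is an added example, not code from CircleCI or GitHub, that audits both models for write access to code; the sample header value and installation records are constructed, and the `X-OAuth-Scopes` header and the installations API `permissions` object are the real GitHub fields being parsed.

```python
"""Audit whether a GitHub integration holds write access to code.

Classic OAuth tokens report their scopes in the X-OAuth-Scopes response
header; GitHub App installations expose a "permissions" object from the
installations API. All sample values below are constructed for illustration.
"""

# Classic OAuth scopes that imply write access to repository contents.
# "repo" covers every repo the user can reach, including private ones.
WRITE_SCOPES = {"repo", "public_repo"}

# GitHub App permission keys whose "write" level lets the app change code.
# "checks" and "statuses" can be "write" without touching the code itself.
CODE_PERMISSIONS = {"contents", "workflows"}


def parse_oauth_scopes(header_value: str) -> set:
    """Parse the comma-separated X-OAuth-Scopes header value into a set."""
    return {s.strip() for s in header_value.split(",") if s.strip()}


def oauth_can_write_code(header_value: str) -> bool:
    """True if an OAuth token can modify code in every repo it can see."""
    return bool(parse_oauth_scopes(header_value) & WRITE_SCOPES)


def app_can_write_code(permissions: dict) -> bool:
    """True if an installation has "write" on any code-bearing permission."""
    return any(permissions.get(k) == "write" for k in CODE_PERMISSIONS)


def least_privilege_ci_permissions() -> dict:
    """Permission set a read-only CI integration needs (constructed example):
    read code and metadata, report results, no ability to push."""
    return {"contents": "read", "metadata": "read",
            "checks": "write", "statuses": "write"}


def over_privileged(installations: list) -> list:
    """Return app slugs whose installation can write code.
    Input shape follows the installations API: app_slug plus permissions."""
    return [i["app_slug"] for i in installations
            if app_can_write_code(i["permissions"])]


# Constructed sample: one broad installation, one least-privilege one.
SAMPLE_INSTALLATIONS = [
    {"app_slug": "ci-broad", "permissions": {"contents": "write", "metadata": "read"}},
    {"app_slug": "ci-readonly", "permissions": least_privilege_ci_permissions()},
]

if __name__ == "__main__":
    print("OAuth 'repo' token can write code:", oauth_can_write_code("repo, user:email"))
    print("Over-privileged installations:", over_privileged(SAMPLE_INSTALLATIONS))
```

Run against real data by substituting the `X-OAuth-Scopes` header from any authenticated API response, or the `permissions` objects returned for each installation, in place of the constructed samples.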