GitHub Permissions
GitHub apps like Crocodile request permissions when they are installed. These permissions control what resources in your GitHub account the app can access and how they can be accessed (read vs. write).
The table below describes what permissions Crocodile requests and how they are used.
| Permission | Access | Why this is needed |
|---|---|---|
| Contents / Code | Read and write |
Crocodile needs read access to code so that it can display code diffs in reviews. Write access is also needed due to a quirk in the GitHub API where it is required to resolve comment threads via the GitHub API. This is the only reason write access is needed. Crocodile never modifies your code. |
| Issues | Read and write |
Crocodile does not access normal issues. However, in GitHub pull requests are issues. Crocodile needs read and write access so that it can synchronize comments in a pull request's conversation tab to and from GitHub. |
| Pull requests | Read and write |
Crocodile needs read and write access so that it can create reviews from pull requests and synchronize line comments to and from GitHub. |
| Membership | Read |
Crocodile uses read access to verify that users have access to the GitHub repo before allowing them to view reviews in Crocodile. |
| Metadata | Read |
This is required by GitHub and cannot be removed. |