GitHub Permissions

GitHub apps like Crocodile request permissions when they are installed. These permissions control what resources in your GitHub account the app can access and how they can be accessed (read vs. write).

The table below describes what permissions Crocodile requests and how they are used.

Permission Access Why this is needed
Contents / Code Read and write

Crocodile needs read access to code so that it can display code diffs in reviews.

Write access is also needed due to a quirk in the GitHub API where it is required to resolve comment threads via the GitHub API. This is the only reason write access is needed. Crocodile never modifies your code.

Issues Read and write

Crocodile does not access normal issues. However, in GitHub pull requests are issues. Crocodile needs read and write access so that it can synchronize comments in a pull request's conversation tab to and from GitHub.

Pull requests Read and write

Crocodile needs read and write access so that it can create reviews from pull requests and synchronize line comments to and from GitHub.

Membership Read

Crocodile uses read access to verify that users have access to the GitHub repo before allowing them to view reviews in Crocodile.

Metadata Read

This is required by GitHub and cannot be removed.