Introducing GitHub Apps for improved user access control


We are very excited to announce our recent migration to GitHub Apps to improve the experience of GitHub Cloud users. You now have better control over the level of access that Codacy is granted to your GitHub organizations and repositories. The migration also lays the groundwork for adding functionality to Codacy in the future that is available exclusively to GitHub Apps users.

GitHub Apps Vs. OAuth Apps integration

GitHub officially recognizes GitHub Apps as the preferred way of building products that work with its repositories. GitHub Apps offer many advantages over the pure OAuth-based sign-in previously used by Codacy.

OAuth-Based integration

With OAuth-based integration, you must grant Codacy access to everything in your GitHub account. It lacks the ability to exclude Codacy from repositories or organizations that you do not want to use (or would not use) with Codacy’s static analysis tool. 

GitHub Apps integration

However, with GitHub Apps’ targeted permissions, you may allow access to only what is needed, rather than everything your account has access to. Unlike OAuth Apps, you can choose to grant access to specific accounts, organizations and repositories. You can also grant additional access to Codacy later; it does not need to happen at initial signup.

This new feature is particularly exciting for those who want to only grant Codacy access to specific GitHub organizations or repositories.

What does the migration mean for Codacy users?

As mentioned, users can now effectively manage Codacy’s access to organizations and repositories on their GitHub account. Upon initial use, be prepared for the following steps related to account permissions:

Initial Sign In

GitHub Cloud users are prompted to use GitHub Apps when they first authenticate with Codacy. 

When they access Codacy, users go through the following steps to reflect the change in permissions:

  1. Sign out, then sign back in to Codacy
  2. Select the desired account to install Codacy
  3. Adjust repositories
  4. Accept permissions 

This permissions process applies to both app installation for individual Codacy accounts and admin installations for organizations.

For additional information on permissions, including details related to repositories, users, organizations and email addresses, please see our support documentation.

Also, please note, existing integrations will continue to work for users.

Future

The Apps migration also unlocks our ability to access new APIs available almost exclusively to GitHub Apps users.

For Codacy, this includes GitHub Checks, which we are very excited to integrate. For more information on our planned implementation of Checks, please check out the feature on our product roadmap.  

References and documentation 

In addition to the support documentation above, we offer additional reference material regarding the Apps migration. This includes the announcement and troubleshooting articles from the Codacy team:

If you haven’t given it a try yet, sign in to Codacy and start using GitHub Cloud with the new Apps integration.
