You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: PRIVACY.md
+21-11Lines changed: 21 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,19 +2,24 @@
2
2
3
3
## DevHub
4
4
5
+
5
6
### Personal user information
6
-
This app requires GitHub authentication.<br/>
7
-
DevHub requests access to the user's profile data, e-mail and notifications.
7
+
DevHub requires a basic GitHub OAuth authentication.<br/>
8
+
DevHub requests access to the user's profile, e-mail and public notifications.
8
9
9
-
We might contact you via e-mail (rarely) to share things like big updates or important announcements, with the option to unsubscribe any time.
10
10
11
-
### Repository and org access
12
-
You have the option to install DevHub's GitHub App in some specific orgs and repositories.
13
-
This is required to enable access to activities from private repositories.
11
+
### Personal Access Token (PAT)
12
+
You have the option to add a PAT to have access to private repositories.
13
+
The token created will be stored locally and will never be sent to DevHub or any server other than GitHub.
14
+
DevHub servers will not have access to this token nor the resources it allows access to.
14
15
15
-
DevHub will have access to issues, pull requests, comments, labels, assignees, milestones, merges, collaborators and some other metadata (e.g. repository name).
16
+
### GitHub App permissions
17
+
You have the option to install DevHub's GitHub App in some specific repositories.
18
+
This is one of the ways to enable access to private repositories.
19
+
The main difference from PAT is that PATs quietly give access to all repositories while GitHub Apps are opt-in per repository and may require admin approval.
16
20
17
-
DevHub does not have access to any code from any repository.
21
+
DevHub will have access to issues, pull requests, comments, labels, assignees, milestones, merges, collaborators and some other metadata (e.g. repository name).
22
+
The token may or may not include access to code to be able to return some types of activities, like commits. For that reason, we currently recommend using PAT instead, which is local-only (safer).
18
23
19
24
20
25
### Diagnostics information
@@ -24,17 +29,22 @@ No personal information is ever sent to third parties, only an anonymous id. Ser
24
29
25
30
### Security & Limited Liability
26
31
27
-
DevHub follows good practices of security, but 100% security can't be granted in software. DevHub is provided as is without any warranty. Use at your own risk.
32
+
DevHub follows good practices of security, but 100% security can't be granted in software.
33
+
DevHub is provided as is without any warranty. Use at your own risk.
28
34
29
35
Client-side communication is encrypted using HTTPS. Server-side tokens are encrypted or behind environment variables.
30
-
31
36
We recommend being extra careful with which browser extensions you have installed to avoid token exposure to third parties.
32
37
33
38
39
+
### Marketing
40
+
41
+
We might contact you (very rarely) via e-mail to share things like big updates or important announcements, with the option to unsubscribe any time.
42
+
43
+
34
44
### Support
35
45
Feel free to open an issue or contact us via e-mail ([support@devhubapp.com](mailto:support@devhubapp.com)).<br/>
36
46
If you find any bug, please contribute by opening an issue or sending a pull request with the fix.
0 commit comments