Skip to content

Commit b7ec629

Browse files
ian-oneleetian-oneleet
committed
Split GitHub integration into Cloud Security and Code Security; document permissions update for Code Security
1 parent db7c143 commit b7ec629

File tree

2 files changed

+49
-9
lines changed

2 files changed

+49
-9
lines changed

pages/integrations/github-code-security.mdx

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
---
2+
title: GitHub (Code Security)
3+
---
4+
5+
# GitHub
6+
7+
This integration supports Code Security scanning for GitHub. For other GitHub integration features, use the **GitHub (Cloud Security)** integration.
8+
9+
## Setup
10+
11+
To setup the GitHub (Code Security) integration, navigate to the **Integrations > Add integration > GitHub (Code Security)** and click **Continue**.
12+
13+
### Which permissions does Oneleet require?
14+
15+
Oneleet Code Security currently requires the following permissions on GitHub:
16+
17+
- Repository metadata (read)
18+
- Repository contents (read)
19+
- Repository checks (read and write)
20+
- Repository pull requests (read and write)
21+
22+
## Updates
23+
24+
### 2025-10-14
25+
26+
#### What's changing?
27+
28+
We’ll soon be adding support for running Oneleet Code Security scanning as a continuous integration check on your GitHub pull requests, so you can find and remediate security issues before they're even introduced.
29+
30+
As part of this change, you should have received a message from GitHub to review and accept the following new permissions for the **Oneleet Code Security** app:
31+
32+
- Read and write access to **Checks** on repositories
33+
- Read and write access to **Pull requests** on repositories
34+
35+
Once you've accepted the new permissions, you should be ready to go for pull request scanning. We'll have more to share about this feature very soon!

pages/integrations/github.mdx

Lines changed: 14 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,30 +1,35 @@
11
---
2-
title: GitHub
2+
title: GitHub (Cloud Security)
33
---
44

5-
# GitHub
5+
# GitHub (Cloud Security)
6+
7+
This integration supports Cloud Security monitoring for GitHub. You can use it to monitor your GitHub configuration, user access, and Dependabot vulnerabilities. It does not require access to repository contents.
68

79
## Setup
810

9-
To setup the GitHub integration, navigate to the **Integrations > Add integration > GitHub** and click **Continue**.
11+
To setup the GitHub (Cloud Security) integration, navigate to the **Integrations > Add integration > GitHub (Cloud Security)** and click **Continue**.
1012

1113
### Which permissions does Oneleet require?
1214

13-
Oneleet currently requests the following read-only permissions within GitHub:
15+
Oneleet currently requires the following read-only permissions on GitHub:
1416

15-
- Administration
16-
- Code
17-
- Metadata
17+
- Repository administration
18+
- Repository Dependabot alerts
19+
- Repository metadata
20+
- Repository webhooks
1821
- Organization administration
19-
- Organization hooks
20-
- Repository hooks
22+
- Organization members
23+
- Organization webhooks
2124

2225
### Which resources does Oneleet monitor?
2326

2427
Oneleet currently monitors the following on GitHub:
2528

2629
- Organizations
2730
- Repositories
31+
- Branch protection rules
32+
- Dependabot alerts
2833

2934
## Common Issues
3035

0 commit comments

Comments
 (0)