Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

GitHub PowerUp permissions

drozendaal
drozendaal November 20, 2020

We are using Trello and we would like to use the GitHub PowerUp to integrate pull requests and issues into our Trello board. However, when linking my GitHub account, the PowerUp seems to require a lot of permissions: 

 

Organizations and teams Read-only access

This application will be able to read your organization, team membership, and private project boards.

 

Repositories Public and private

This application will be able to read and write all public and private repository data. This includes the following:

  • Code
  • Issues
  • Pull requests
  • Wikis
  • Settings
  • Webhooks and services
  • Deploy keys
  • Collaboration invites

 

At this point we are reluctant to use the GitHub PowerUp because it seems to require read/write access to our code.

Why would Trello need read/write access to our code (for both public and private repos)?

 

Thanks in advance!

Answer
Watch
Like # people like this
845 views

1 answer

1 accepted

0 votes
Answer accepted
Ryan
Ryan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 25, 2020

Hi there,

We make sure that we only ask for permissions that are the minimum necessary to enable the functionality of the Power-up. This question has been asked before and we created a help article which answers this here: https://help.trello.com/article/1023-using-the-github-power-up

Thanks!

Ryan

View More Comments
drozendaal
drozendaal November 27, 2020

Thanks for pointing that out, have a great day!

Like
P
P March 31, 2022

It appears like GitHub now supports a lot more granular permissions. Can you update your GitHub App to only request the permissions it actually needs?

https://docs.github.com/en/developers/apps/managing-github-apps/editing-a-github-apps-permissions

For us, permitting write access to code or any access to deploy keys is completely out of the question, which makes this Trello plug-in unusable.

Like # people like this
Fried Khan
Fried Khan April 2, 2022

Agreed... doing it manually cause it asks for to much.

Like gbihet likes this
Darin Morris
Darin June 29, 2022

I agree with @P, AFAIK more granular permissions are supported now

There is no way for me to use this plugin as it currently works.

Like gbihet likes this
Reply

Suggest an answer

Log in or Sign up to answer
Trello
Trello
TAGS
AUG Leaders

Atlassian Community Events

    See all events