Github Education pack claim asks for a lot of Github permissions


#1

I just got an email from the Github education pack that Sentry is now included. I’m already using Sentry for some project and would like to make use of the offer by Github Education. While claiming the pack Sentry verifies that you actually have the pack by asking access to your Github account, which I understand, but it asks for way too much permissions in my opinion: read and write for public and private repositories, plus the same access for all organizations.

Could anyone explain why it needs these permissions? Even though I trust Sentry, I would not like to give these permissions.

Requested permissions:


#2

#3

Thanks for your answer, that indeed explains why it needs these permissions. I did not think about this because the reason for linking my Github account is only for verifying that I have the Github Education pack, but I see now that this leads to the same ‘Link your Github to Sentry’ flow.


#4

@MeredithAnya Is there any further information on switching to the Github integrations API? Potentially opening up write access to all our repositories is quite a big step.


#5

@garethadams there is some ground work needed before making that switch. However, it’s still on our radar.