Getting Started
Installing the App
To install the GitHub App, open https://github.com/apps/precaution. This will take you to GitHub's App installation page for Precaution.
Repository Selection
After clicking to install, you'll be asked which repositories to install the App into. Choose between All repositories or Only select repositories.
If you currently don't have any repositories, you will see just the one option to install into All repositories.
Also, both private and public repositories will show up as selectable. However, Precaution Basic, the free plan, will only perform checks on public open source repositories.
Permissions
Next you'll see a set of permissions for your review.
Repository Permissions
A minimal set of repository permissions is necessary for Precaution to run checks against the source code of a pull request. Here's a breakdown of what's required:
Repository Permission | Reasoning |
---|---|
Read access to code | Necessary to analyze the code in the repository. |
Read access to metadata | Necessary in order to receive repository notifications. |
Read access to checks | Necessary in order to access the check run created when the pull request was opened. |
Write access to checks | Enables the creation of a check run which is necessary to scan and provide results annotated in the code. |
Read access to pull requests | Necessary in order to see what code changes are part of the PR. |
Write access to pull requests | Gives the ability to post review comments of suggested fixes for the vulnerability. |
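To confirm after installation that the grant matches the table above, you can compare the installation's permissions with the documented set. The following is an added example, not part of Precaution or its documentation: it assumes an installation record shaped like the entries GitHub's REST API returns for app installations (`permissions`, `repository_selection`), and the mapping from the table rows to the keys `contents`, `metadata`, `checks` and `pull_requests` is this example's own. It covers repository permissions only.

```python
import json

# Repository permissions from the table above, mapped to GitHub's permission
# keys (the mapping is this example's assumption). "write" includes "read".
DOCUMENTED = {
    "contents": "read",
    "metadata": "read",
    "checks": "write",
    "pull_requests": "write",
}
RANK = {"read": 1, "write": 2, "admin": 3}


def audit_installation(installation: dict) -> list[str]:
    """Return findings where the grant differs from the documented set."""
    findings = []
    granted = installation.get("permissions", {})
    for name, level in sorted(granted.items()):
        allowed = DOCUMENTED.get(name)
        if allowed is None:
            findings.append(f"undocumented permission: {name}={level}")
        elif RANK.get(level, 99) > RANK[allowed]:  # unknown level counts as excess
            findings.append(f"excess level: {name}={level} (documented: {allowed})")
    for name, level in sorted(DOCUMENTED.items()):
        if name not in granted:
            findings.append(f"documented permission not granted: {name}={level}")
    if installation.get("repository_selection") == "all":
        findings.append("repository_selection is 'all'")
    return findings


# Constructed sample record (not real data), deliberately over-permissioned.
SAMPLE = json.loads("""
{
  "app_slug": "precaution",
  "repository_selection": "all",
  "permissions": {
    "contents": "write", "metadata": "read", "checks": "write",
    "pull_requests": "write", "issues": "read"
  }
}
""")

if __name__ == "__main__":
    for finding in audit_installation(SAMPLE):
        print(finding)
```

An empty list means the grant is no broader than the documented repository permissions and the App is limited to selected repositories.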
User Permissions
Similar to repository permissions, a minimal set of user permissions is also necessary.
User Permission | Reasoning |
---|---|
Read access to email addresses | Necessary to inform users of possible outages, new features, and other important changes. |
Website
Finally, after clicking the Install & Authorize button, you're taken to the website for your newly created account. Here you can review your plan, billing, and transactions.
Your install is complete and you are now securing your code from potential security vulnerabilities!