At VersionEye we provide a login with your GitHub Account. Initially we implemented the GitHub login with the “repo” scope. That means that you give VersionEye read and write access to ALL your repositories, even your private ones. Many people asked me why VersionEye needs read and write access to private repositories. Well. VersionEye don’t need write access to your repositories because VersionEye never will change your source code. But currently the GitHub API doesn’t provide a “read-only” scope for private repositories. I talked to the GitHub guys at the GitMerge Conf. in Berlin and I know they are working on more scopes for the GitHub API.
The 2nd question is why VersionEye needs read access to private repositories. Well. We just need that if you want that we monitor your private Repositories.
Because so many people complaint about this scope, we did some refactoring. If you now login in via GitHub, VersionEye will only ask for read access to your public repositories.
If you want to create a new project at VersionEye, we will only fetch your public repositories.
But if you want that VersionEye is monitoring your private repositories, you can afterwards grand VersionEye access to your private repositories. You just have to click the link “Grand access to private repositories” in the GitHub tab. Than this dialog will appear.
And again. VersionEye will never do write operations on your repositories. We use that scope only for reading and monitoring your private repositories.
In the settings area you can click on the link “Connect”, to see your connections to other social networks. Here we display you also the GitHub API scope we have for your account.
You can every time use the “disconnect” link. That will delete the GitHub token for your Account in the VersionEye database.