Catana requires a few permissions on your GitHub organization and repository for its core features to work.
Granting access to a new GitHub application raises legitimate concerns.
To be fully transparent, you’ll find below a comprehensive list of permissions Catana requests and why they are needed.
This permission is likely the most sensitive, and therefore has a detailed blog post explaining how Catana handles your data and why this permission is needed.
TL;DR: Catana never stores any of your source code on its server. Catana retrieves its data from parsing git diffs on the fly. This permission is required for Catana to fetch those diffs.
Catana has the ability to remove a TODO from your code if a user requests it.
This permission allows Catana to create a commit (and later on open a Pull Request using another permission). Catana will never push changes directly to your main branch.
This permission allows Catana to check if a user is a collaborator of your repository on GitHub and reflect the authorization to access the Catana dashboard.
When a user opens a Pull Request with TODOs, Catana will create a GitHub Check to provide visual feedback (successful if TODOs pass validations, failure otherwise).
Catana can expire your TODO when a GitHub issue is closed. This permission grants us access to receive a GitHub webhook when Issues in your repository get closed.
GitHub issues are the main medium for notifying users when their TODOs become addressable. Catana uses this permission to create a GitHub Issue or write a comment on an already opened Issue.
Similar to the Repository Issue#read permission: Catana can expire your TODO when a GitHub PR is closed. This permission grants us access to receive a GitHub webhook when a PR in your repository gets closed.
This permission is used together with the Content#write one. Catana uses this permission to open a Pull Request when a user requests to remove a TODO from the repository.
This permission is requested when you install Catana on a GitHub organization account. It allows Catana to check if a user is a member of the organization on GitHub and reflect the authorization to access the Catana dashboard.