Integration with GitLab
Code Inspector is integrated with gitlab so that:
- users can authenticate using their gitlab user
- users can link their gitlab accounts to their code inspector accounts
- users can checkout private repositories from their gitlab account.
Note that Code Inspector is a GitLab technology partner
Integration with GitHub
We integrate in different ways with GitHub:
- Regular accounts: can link their GitHub account. They are integrated as a GitHub OAuth app. The OAuth token generated from GitHub does not expire and is used to access your GitHub data.
- GitHub accounts: these accounts are when you log using GitHub. GitHub accounts use a GitHub app, which limits the access scope to a defined number of repositories and use short-lived access token, reducing the attack surface.
Integration when logging with GitHub
When logging with GitHub, you are using the GitHub App integration. That means that the list of projects are being defined on the GitHub app itself. When using the GitHub app, it means that the scope of data being accessed by Code Inspector is restricted to the data listed in the application installation.
Extensive documentation on the GitHub App integration is also available.
Integration with regular accounts.
Code Inspector is integrated with GitHub so that:
- users can authenticate using their GitHub user
- users can link their GitHub accounts to their code inspector accounts
- users can checkout private repositories from their GitHub account.
When you link your GitHub account on a regular account, this is done through an OAuth application. This type of integration has the drawback to give access to all your repositories. If you want to restrict scope of data available to Code Inspector, consider using a GitHub App, as described above.
We have a Chrome Extension that let’s you see analysis results directly on GitHub. See the dedicated documentation page for more information.
Integration with Bitbucket
Code Inspector is integrated with bitbucket so that:
- users can authenticate using their bitbucket user
- users can link their bitbucket accounts to their code inspector accounts
- users can checkout private repositories from their bitbucket account.