Bret Comnes
January 9, 2023
If you use Socket for GitHub and you're a GitHub organization admin, you will receive a permissions update email from Socket today.
We are preparing to launch a new dashboard feature on the Socket website and we need one new permission, "Members", which gives us access to the list of members in the organization. This helps ensure GitHub app installations are accurately represented in the dashboard, and to also ease the onboarding flow of organization members into the Socket dashboard if they don't have a Socket account.
Additionally, we took this as an opportunity to remove some permissions we no longer rely on, specifically the "Single file" permission. The Socket app continues to only read package manifest files (e.g. package.json) and never sends source code to our servers.
When you get a moment, please review the new permissions and click accept on the permission request!
If you have any questions about this change, please reach out to us at support@socket.dev and we'll be happy to help!
Subscribe to our newsletter
Get notified when we publish new security blog posts!
Try it now
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.
Product
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
