Product
Bret Comnes
January 9, 2023
If you use Socket for GitHub and you're a GitHub organization admin, you will receive a permissions update email from Socket today.
We are preparing to launch a new dashboard feature on the Socket website, and we need one new permission, "Members", which gives us access to the list of members in the organization. This helps ensure GitHub app installations are accurately represented in the dashboard, and it eases the onboarding flow into the Socket dashboard for organization members who don't have a Socket account.
Additionally, we took this as an opportunity to remove some permissions we no longer rely on, specifically the "Single file" permission. The Socket app continues to only read package manifest files (e.g. package.json) and never sends source code to our servers.
When you get a moment, please review the new permissions and click accept on the permission request!
If you have any questions about this change, please reach out to us at support@socket.dev and we'll be happy to help!