From b7ec629f18d24439fd7009ecc68ea133f5ebfb00 Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Tue, 14 Oct 2025 12:45:28 -0400 Subject: [PATCH 1/5] Split GitHub integration into Cloud Security and Code Security; document permissions update for Code Security --- pages/integrations/github-code-security.mdx | 35 +++++++++++++++++++++ pages/integrations/github.mdx | 23 ++++++++------ 2 files changed, 49 insertions(+), 9 deletions(-) create mode 100644 pages/integrations/github-code-security.mdx diff --git a/pages/integrations/github-code-security.mdx b/pages/integrations/github-code-security.mdx new file mode 100644 index 0000000..494ae8c --- /dev/null +++ b/pages/integrations/github-code-security.mdx @@ -0,0 +1,35 @@ +--- +title: GitHub (Code Security) +--- + +# GitHub + +This integration supports Code Security scanning for GitHub. For other GitHub integration features, use the **GitHub (Cloud Security)** integration. + +## Setup + +To setup the GitHub (Code Security) integration, navigate to the **Integrations > Add integration > GitHub (Code Security)** and click **Continue**. + +### Which permissions does Oneleet require? + +Oneleet Code Security currently requires the following permissions on GitHub: + +- Repository metadata (read) +- Repository contents (read) +- Repository checks (read and write) +- Repository pull requests (read and write) + +## Updates + +### 2025-10-14 + +#### What's changing? + +We’ll soon be adding support for running Oneleet Code Security scanning as a continuous integration check on your GitHub pull requests, so you can find and remediate security issues before they're even introduced. + +As part of this change, you should have received a message from GitHub to review and accept the following new permissions for the **Oneleet Code Security** app: + +- Read and write access to **Checks** on repositories +- Read and write access to **Pull requests** on repositories + +Once you've accepted the new permissions, you should be ready to go for pull request scanning. We'll have more to share about this feature very soon! diff --git a/pages/integrations/github.mdx b/pages/integrations/github.mdx index 64c85d3..a942262 100644 --- a/pages/integrations/github.mdx +++ b/pages/integrations/github.mdx @@ -1,23 +1,26 @@ --- -title: GitHub +title: GitHub (Cloud Security) --- -# GitHub +# GitHub (Cloud Security) + +This integration supports Cloud Security monitoring for GitHub. You can use it to monitor your GitHub configuration, user access, and Dependabot vulnerabilities. It does not require access to repository contents. ## Setup -To setup the GitHub integration, navigate to the **Integrations > Add integration > GitHub** and click **Continue**. +To setup the GitHub (Cloud Security) integration, navigate to the **Integrations > Add integration > GitHub (Cloud Security)** and click **Continue**. ### Which permissions does Oneleet require? -Oneleet currently requests the following read-only permissions within GitHub: +Oneleet currently requires the following read-only permissions on GitHub: -- Administration -- Code -- Metadata +- Repository administration +- Repository Dependabot alerts +- Repository metadata +- Repository webhooks - Organization administration -- Organization hooks -- Repository hooks +- Organization members +- Organization webhooks ### Which resources does Oneleet monitor? @@ -25,6 +28,8 @@ Oneleet currently monitors the following on GitHub: - Organizations - Repositories + - Branch protection rules + - Dependabot alerts ## Common Issues From 977cae13f88d6e3a32f2da6e870080a9758fd344 Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Tue, 14 Oct 2025 13:13:28 -0400 Subject: [PATCH 2/5] Wording update --- pages/integrations/github-code-security.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/integrations/github-code-security.mdx b/pages/integrations/github-code-security.mdx index 494ae8c..834fbd2 100644 --- a/pages/integrations/github-code-security.mdx +++ b/pages/integrations/github-code-security.mdx @@ -25,7 +25,7 @@ Oneleet Code Security currently requires the following permissions on GitHub: #### What's changing? -We’ll soon be adding support for running Oneleet Code Security scanning as a continuous integration check on your GitHub pull requests, so you can find and remediate security issues before they're even introduced. +We’ll soon be adding support for running Oneleet Code Security scanning as a continuous integration check on your GitHub pull requests, so you can find and remediate security issues before they're introduced to production. As part of this change, you should have received a message from GitHub to review and accept the following new permissions for the **Oneleet Code Security** app: From 9ad554acc22f2900e5b6078feaddd9a488756adc Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Tue, 14 Oct 2025 13:23:13 -0400 Subject: [PATCH 3/5] Update h1 --- pages/integrations/github-code-security.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/integrations/github-code-security.mdx b/pages/integrations/github-code-security.mdx index 834fbd2..efb2a45 100644 --- a/pages/integrations/github-code-security.mdx +++ b/pages/integrations/github-code-security.mdx @@ -2,7 +2,7 @@ title: GitHub (Code Security) --- -# GitHub +# GitHub (Code Security) This integration supports Code Security scanning for GitHub. For other GitHub integration features, use the **GitHub (Cloud Security)** integration. From dae67c1d2a6be1927ffd52becf301b0ccc336020 Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Tue, 14 Oct 2025 13:23:30 -0400 Subject: [PATCH 4/5] Grammar fixes --- pages/integrations/github-code-security.mdx | 2 +- pages/integrations/github.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pages/integrations/github-code-security.mdx b/pages/integrations/github-code-security.mdx index efb2a45..5a95e57 100644 --- a/pages/integrations/github-code-security.mdx +++ b/pages/integrations/github-code-security.mdx @@ -8,7 +8,7 @@ This integration supports Code Security scanning for GitHub. For other GitHub in ## Setup -To setup the GitHub (Code Security) integration, navigate to the **Integrations > Add integration > GitHub (Code Security)** and click **Continue**. +To set up the GitHub (Code Security) integration, navigate to the **Integrations > Add integration > GitHub (Code Security)** and click **Continue**. ### Which permissions does Oneleet require? diff --git a/pages/integrations/github.mdx b/pages/integrations/github.mdx index a942262..694e606 100644 --- a/pages/integrations/github.mdx +++ b/pages/integrations/github.mdx @@ -8,7 +8,7 @@ This integration supports Cloud Security monitoring for GitHub. You can use it t ## Setup -To setup the GitHub (Cloud Security) integration, navigate to the **Integrations > Add integration > GitHub (Cloud Security)** and click **Continue**. +To set up the GitHub (Cloud Security) integration, navigate to the **Integrations > Add integration > GitHub (Cloud Security)** and click **Continue**. ### Which permissions does Oneleet require? From fabb7839a5bbed978cd9450fccd1e86e44bdf66f Mon Sep 17 00:00:00 2001 From: Ian Gregory Date: Mon, 3 Nov 2025 17:58:24 -0500 Subject: [PATCH 5/5] Change date for GitHub (Code Security) permissions update --- pages/integrations/github-code-security.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/integrations/github-code-security.mdx b/pages/integrations/github-code-security.mdx index 5a95e57..570beee 100644 --- a/pages/integrations/github-code-security.mdx +++ b/pages/integrations/github-code-security.mdx @@ -21,7 +21,7 @@ Oneleet Code Security currently requires the following permissions on GitHub: ## Updates -### 2025-10-14 +### 2025-11-03 #### What's changing?