Why do you need such broad access to my GitHub account?
RetroGit requests access for a couple of kinds of data from your GitHub account:
- Personal user data: Needed in order to determine which email address to send your digest to (I did not want to build my own email address validation infrastructure).
- Repositories: Needed to get at historical commits used to generate your digest. The authentication scopes that GitHub's API offers are quite coarse-grained, so there is no narrower option. This means that RetroGit also has access to the read-write contents of your source files, even though it does not need (or use) it. The one mitigating option is to only request this level of access for public repositories — this can be done in RetroGit by unchecking the "Include private repositories" checkbox when signing in.
How much data can you see about my account?
RetroGit has access to the following data about your GitHub account and repositories:
- Email addresses
- Commit history
- Source code
- Pull requests
- Deploy keys
However it only uses the data in bold
, everything else is provided as a side effect of the scope
that it uses with the GitHub API.
What is is stored in your servers?
RetroGit does not
persist any commit messages or source code from your repositories on its servers (GitHub API responses may be cached in memory for a short period). Digests are generated dynamically when they need to be sent out. What ends up being stored is (see the
struct for details):
- OAuth token enabling RetroGit to query data for your account.
- Which email address to receive your digests at.
- Timezone, digest frequency and other settings.
There is also a per-user map
of the timestamp of the oldest commit for each repository, since this is expensive to compute.
Can I run my own instance?
is available and it runs on the App Engine Go Runtime
, so you can easily start your own instance. It is not very resource intensive -- single user accounts should definitely fit within the free daily quota.
Can I delete my account?