Frequently Asked Questions
FAQ for the Step Security GitHub App
Where do I report bugs/ issues with the GitHub app?#
Please create an issue here https://github.com/step-security/feedback/issues
What permissions does the App need on my repo?#
| Permissions | Reason |
|---|---|
| Actions: Read | To check if the workflow failed after the permission change |
| Code: Write | To create a new branch with fixes to workflow files |
| Pull Requests: Write | To create a pull request with the fixes |
| Workflows: Write | To read and write to workflow files (under ./github/workflows) |
Is the App available on the GitHub App marketplace?#
It is not available on the marketplace as of now.
Does the App store workflow files on the backend?#
No. The App fetches the workflow files to analyze them. It does not store the workflow files on the backend. After the analysis is done, it creates a pull request, and stores the pull request information on the backend.
info
If you have a question not listed below, feel free to create an issue here or email info@stepsecurity.io