
Security

repod is built for GitHub organization metadata and access-control operations. It does not clone repositories or process source code contents in normal operation.

Access Model

repod supports two authentication methods: personal access tokens (PATs) and a GitHub App integration (currently in beta). For PAT auth, repod accepts only fine-grained GitHub personal access tokens, which begin with the prefix github_pat_, for new connections, token rotation, and public access audits. The GitHub App integration stores encrypted app credentials and mints short-lived installation tokens only when they are needed.

  • Audit/read mode: uses read-oriented access to organization settings, repository metadata, members, teams, and repo-team permission state.
  • Write mode: needed only when a customer asks repod to apply repo-team permission changes, repository metadata changes, repository renames, or team-management changes.
  • Customer control: customers can rotate or revoke GitHub tokens, GitHub App private keys, or GitHub App installations at any time from GitHub. repod sync and apply operations pause until valid credentials are restored.

Data Handled

  • Account and authentication records, including email addresses and password hashes.
  • GitHub organization metadata, repository metadata, teams, members, and permission history.
  • GitHub credential configuration, including encrypted PATs or encrypted GitHub App private keys and installation metadata.
  • Audit logs for access changes, org lifecycle events, and security-relevant account activity.
  • Operational telemetry and logs that exclude plaintext PAT values, GitHub App private keys, and installation tokens.

Credential Protection

GitHub PATs and GitHub App private keys are encrypted at rest and are decrypted only in process when repod calls GitHub APIs. GitHub App installation tokens are short-lived. Plaintext PATs, GitHub App private keys, and installation tokens are not written to application logs or audit details.
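The two controls described above (accepting only fine-grained PATs for new connections, and keeping plaintext tokens and private keys out of logs) can be implemented as a small validation and redaction layer. The following is an added example, not repod's own code; the function names, the token-family table beyond the documented github_pat_ prefix, and the sample log lines are assumptions constructed for illustration. It classifies a GitHub token by its documented prefix, applies the fine-grained-only acceptance rule, and scrubs token values and PEM private-key blocks from log text before it is written.

```python
"""Added example: fine-grained PAT acceptance and credential redaction.

Not repod's own code. Function names and the sample log lines are
constructed for illustration.
"""
import re

# Prefixes GitHub assigns to its token families. The page only mentions
# github_pat_; the others are GitHub's documented prefixes for the
# remaining token types.
FINE_GRAINED_PAT_PREFIX = "github_pat_"
TOKEN_PREFIXES = {
    "github_pat_": "fine-grained PAT",
    "ghp_": "classic PAT",
    "ghs_": "installation token",
    "ghu_": "user-to-server token",
    "gho_": "OAuth token",
}


def classify_token(token: str) -> str:
    """Return the GitHub token family for a value, or 'unknown'."""
    for prefix, kind in TOKEN_PREFIXES.items():
        if token.startswith(prefix):
            return kind
    return "unknown"


def accept_new_pat(token: str) -> bool:
    """Acceptance rule for new connections and rotations: fine-grained PATs only.

    A bare prefix with no token body is rejected as well.
    """
    token = token.strip()
    return (
        token.startswith(FINE_GRAINED_PAT_PREFIX)
        and len(token) > len(FINE_GRAINED_PAT_PREFIX)
    )


# Material that must never reach application logs or audit details:
# any GitHub token family above, and PEM private-key blocks (GitHub App keys).
_TOKEN_RE = re.compile(r"\b(?:github_pat_|ghp_|ghs_|ghu_|gho_)[A-Za-z0-9_]+")
_PEM_RE = re.compile(
    r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
    re.DOTALL,
)


def redact(text: str) -> str:
    """Replace credential material with a placeholder that keeps only the family."""
    text = _PEM_RE.sub("[REDACTED PRIVATE KEY]", text)

    def _mask(match: re.Match) -> str:
        return f"[REDACTED {classify_token(match.group(0))}]"

    return _TOKEN_RE.sub(_mask, text)


def redact_lines(lines: list[str]) -> list[str]:
    """Apply redact() to every log line before it is persisted."""
    return [redact(line) for line in lines]


# Constructed sample log lines (not real credentials).
SAMPLE_LOG_LINES = [
    "connect org=acme token=github_pat_11EXAMPLE_ConstructedValue0 result=ok",
    "rotate org=acme token=ghp_ConstructedClassicValue1234 result=rejected",
    "app-auth installation=12345 token=ghs_ConstructedInstallTok56 result=ok",
]


if __name__ == "__main__":
    for raw in SAMPLE_LOG_LINES:
        token = raw.split("token=")[1].split()[0]
        print(f"{classify_token(token):22} accept_new_pat={accept_new_pat(token)}")
    for line in redact_lines(SAMPLE_LOG_LINES):
        print(line)
```

The acceptance rule runs at connection and rotation time, so a classic ghp_ token is rejected before it is ever stored; the redaction pass runs on the log text itself rather than relying on callers to remember which fields are sensitive, which is what makes the "no plaintext tokens in logs" claim checkable.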

Tenant Isolation And Roles

Domain data is account-scoped. Users receive account roles such as owner, admin, maintainer, viewer, or audit, and those roles map to application capabilities for org management, reporting, member management, and write operations.

Auditability

Material org lifecycle and security events create audit entries. Access changes are designed to be previewed before they are applied and recorded after execution.

Retention And Backups

Org-history and audit data are retained while an account is active. Customers can request deletion through support@repod.dev; backup retention specifics depend on the active deployment runbook and can be confirmed during vendor review.

Compliance Status

repod does not currently hold SOC 2, ISO 27001, or Cyber Essentials accreditation. Formal attestations are not part of the current zero-revenue phase; this page documents the current security posture instead.

Security Contact

Report security issues to support@repod.dev. See the Vulnerability Disclosure page for reporting guidance, or review our Subprocessors page.

Buyer Trust Pack

For a concise buyer-facing summary of the security model, see the repod Trust Pack.