
repod Trust Pack

A concise summary for buyers reviewing repod before a pilot.

What repod Does

repod helps teams review and manage GitHub repository access using organization metadata, repository metadata, teams, members, and repo-team permission state.

What repod Does Not Do In Normal Operation

  • Does not clone repositories.
  • Does not process source code contents.
  • Does not require write permissions for the public access health check or audit/read mode.

GitHub Permission Modes

repod supports two connection models: fine-grained GitHub PAT auth and GitHub App beta. For PAT auth, submitted tokens must begin with github_pat_. GitHub App beta uses encrypted app credentials and short-lived installation tokens.

  • Audit/read mode: read-oriented access for org settings, repository metadata, members, teams, and repo-team permission state.
  • Write mode: additional permissions only when repod applies repo-team permission changes, repository metadata changes, repository renames, or team-management actions.

Security Controls

  • PAT auth accepts fine-grained GitHub PATs only.
  • PATs and GitHub App private keys are encrypted at rest and never logged in plaintext.
  • GitHub App beta mints short-lived installation tokens when calling GitHub APIs.
  • Account-scoped data model and role-based access controls.
  • Audit logs for org lifecycle, token rotation, sync, account, and access-change events.

Vendor Review Links

  • Security overview
  • Subprocessors
  • Privacy Policy
  • Terms of Service
  • Vulnerability Disclosure

Compliance Status

repod does not currently hold SOC 2, ISO 27001, or Cyber Essentials accreditation. Formal external attestation is deferred until buyer demand justifies the cost.