Connecting source control

How to connect Seal to GitHub, GitLab, or Azure DevOps so it can read your dependency manifests directly.

Connecting source control is how a Seal Project gets into source code mode, the most accurate of the four package discovery modes. Seal supports three source-control systems:

GitHub uses the Seal GitHub App and an OAuth-style install flow. GitLab and Azure DevOps use a personal access token (PAT) plus the platform URL.

After a system is connected, additional repositories can be imported through the same flow without reconnecting. Existing connections are managed at Settings > Integrations.

Permissions

Inside Seal, you need the Admin or Sealer role to connect or disconnect a source-control system, and to import projects.

On the source-control side, the permission you need depends on the system:

  • GitHub: authority to install GitHub Apps on the organization (typically an org owner or a user with the appropriate org-level permission).

  • GitLab: a personal access token from a user with Developer, Maintainer, or Owner role on the GitLab projects you want to scan, with the api scope.

  • Azure DevOps: a personal access token with full access, or at least Code (Read & Write).

Last updated