🚀 How do we use this integration?
Connecting GitHub allows us to deliver key insights in three areas:
- DORA Metrics (Software Delivery Performance):
Measure software delivery efficiency across Lead Time, Deployment Frequency, Mean Time to Recovery, and Change Failure Rate. These metrics are industry standards for evaluating and improving engineering performance. - Team Collaboration:
Visualise how teams interact around PRs and reviews, identifying collaboration bottlenecks, response times, and workload balance. - Team Activity:
Break down activity at the member level (commits, PRs created, reviews, comments) to gain a clear view of contributions and working dynamics.
🔐 Permissions Requested
All permissions are read-only. We never request write or admin access.
- Metadata (read-only): to list repositories and access basic information.
- Pull requests (read-only): to retrieve PRs, commits, reviews, and comments.
- Contents (read-only): only required if commits exist that are not linked to Pull Requests.
📌 Endpoints Used
| Endpoint | Permission | Purpose |
|---|---|---|
/user/repos | Metadata: read | List user repositories for mapping in Leanmote. |
/repos/{owner}/{repo}/commits | Contents: read | Retrieve commit history for metrics and timeline tracking. |
/repos/{owner}/{repo}/pulls | Pull requests: read | List repository pull requests for workflow analysis. |
/repos/{owner}/{repo}/pulls/{pr}/reviews | Pull requests: read | Retrieve reviews of each PR to assess participation and review times. |
/repos/{owner}/{repo}/pulls/{pr}/commits | Pull requests: read | Link commits to PRs for detailed tracking. |
/repos/{owner}/{repo}/pulls/{pr}/comments | Pull requests: read | Retrieve PR comments to analyze team discussions. |
✅ Principle of Minimal Scope
At Leanmote we follow the principle of least privilege:
- We only request read-only permissions.
- We never request write or admin-level access.
- Each permission is tied to a specific endpoint and a clear purpose.
