Why we request write permissions for the SSH keys

To provide information regarding why we request write permissions for the SSH keys, we want to let you know that we won’t have access to any of your existing SSH keys, only the ability to add new ones with which to clone repos.

The keys we add are read-only, and these can be revoked at any time.

You have full control over which organizations and repositories Codacy is authorized to access.

We understand the desire for security and privacy. We find that the ssh key method is preferable to https as it separates Codacy’s access rights from the user’s.

We cannot change the code or member privileges of any repo we are authorized to analyze.

You can find information on the permissions Codacy needs from your account here, and more details on why we request write permissions for the SSH keys.

If you need further help, please feel free to reach out to us!