Documentation

GitHub App — Installation

Install the CodeSentinel GitHub App on your repository.

Install from GitHub Marketplace

  1. Go to the CodeSentinel listing on GitHub Marketplace.

  2. Click Install it for free (or your plan's install button).

  3. Choose Only select repositories and pick the repos to protect.

  4. Click Install & Authorize.

Required permissions

The App requests read access to code, read/write access to Checks, read/write access to Pull Requests (for inline comments), and read access to repository metadata. No write access to code is ever requested.

Connect to your CodeSentinel account

After installation, GitHub redirects you to the CodeSentinel dashboard. Sign in (or create an account) to complete the link. The dashboard shows all connected repositories and their scan history.

Enable branch protection

To block merges on failed scans, add the CodeSentinel status check to your branch protection rules:

  1. In GitHub, go to your repository Settings → Branches.

  2. Edit or create a protection rule for your main branch.

  3. Under Require status checks to pass before merging, search for CodeSentinel Security Scan and enable it.

  4. Enable Require branches to be up to date before merging.

  5. Save.
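
The Python below is an added example, not CodeSentinel's own code: it audits an installation against the permissions listed under Required permissions and a protection rule against the steps above. It assumes input shaped like GitHub's REST API installation and branch protection objects; the sample objects and all function and variable names are constructed for illustration.

```python
# Added example: audit an App installation and a branch protection rule.
# Inputs mirror GitHub REST API objects; the samples below are constructed.
EXPECTED_PERMS = {"contents": "read", "checks": "write",
                  "pull_requests": "write", "metadata": "read"}  # from the page
REQUIRED_CHECK = "CodeSentinel Security Scan"  # check name from the page
RANK = {"read": 1, "write": 2, "admin": 3}

def audit_installation(inst):
    """Flag permissions beyond the documented set and all-repo installs."""
    findings = []
    for perm, level in inst.get("permissions", {}).items():
        allowed = EXPECTED_PERMS.get(perm)
        if allowed is None:
            findings.append(f"unexpected permission: {perm}={level}")
        elif RANK.get(level, 99) > RANK[allowed]:
            findings.append(f"{perm} is {level}, documented maximum is {allowed}")
    if inst.get("repository_selection") != "selected":
        findings.append("app is not limited to selected repositories")
    return findings

def audit_branch_protection(prot):
    """Flag a rule that would let a merge bypass the scan."""
    findings = []
    rsc = prot.get("required_status_checks") or {}
    # Check names can appear in "contexts" and in "checks".
    names = set(rsc.get("contexts", []))
    names |= {c.get("context") for c in rsc.get("checks", [])}
    if REQUIRED_CHECK not in names:
        findings.append(f"'{REQUIRED_CHECK}' is not a required status check")
    if not rsc.get("strict"):
        findings.append("branches need not be up to date before merging")
    return findings

# Constructed samples (hypothetical values, not real API output).
GOOD_INSTALL = {"repository_selection": "selected",
                "permissions": dict(EXPECTED_PERMS)}
DRIFTED_INSTALL = {"repository_selection": "all",
                   "permissions": dict(EXPECTED_PERMS, contents="write")}
GOOD_RULE = {"required_status_checks": {
    "strict": True, "contexts": [],
    "checks": [{"context": REQUIRED_CHECK, "app_id": 12345}]}}
WEAK_RULE = {"required_status_checks": {"strict": False, "contexts": ["build"]}}

if __name__ == "__main__":
    for name, result in [("install", audit_installation(DRIFTED_INSTALL)),
                         ("rule", audit_branch_protection(WEAK_RULE))]:
        for finding in result:
            print(f"{name}: {finding}")
```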

Test the installation

Open a pull request against your protected branch. Within seconds, a CodeSentinel Security Scan check appears on the PR. If there are no issues, it shows Passed. If issues are found, inline comments are added to the affected lines.