diff --git a/docs/release-notes/cloud/cloud-2024-01-DD-gh-repository-ssh-keys-deprecation.md b/docs/release-notes/cloud/cloud-2024-01-DD-gh-repository-ssh-keys-deprecation.md index 8bfa9f54b4..21c86a0d03 100644 --- a/docs/release-notes/cloud/cloud-2024-01-DD-gh-repository-ssh-keys-deprecation.md +++ b/docs/release-notes/cloud/cloud-2024-01-DD-gh-repository-ssh-keys-deprecation.md @@ -3,18 +3,18 @@ rss_title: Codacy release notes RSS feed rss_href: /feed_rss_created.xml --- -# Deprecation of SSH keys for GitHub repositories January DD, 2024 +# Discontinuation of SSH keys for GitHub repositories January DD, 2024 !!! info "This release note applies only to GitHub" -For increased security, Codacy deprecated the usage of **repository SSH keys** for Git operations on GitHub in favor of **installation access tokens**. +For increased security, Codacy is discontinuing the usage of **repository SSH keys** for Git operations on GitHub in favor of **installation access tokens**. This change translates into important security improvements: - It reduces the liability of the Codacy GitHub App, as it no longer requires [read and write repository permissions for Administration](https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-administration). - Contrary to long-living SSH keys, [installation access tokens](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app#about-installation-access-tokens) expire after one hour and Codacy loses access when the GitHub App is uninstalled. -To minimize any impact, Codacy deprecated the usage of repository SSH keys for now but will keep using them as a fallback mechanism at this first stage. At a later stage, Codacy will [delete the repository SSH keys](#timeline) stored in our systems. +To minimize any impact, Codacy is currently discontinuing the usage of repository SSH keys but will keep using them as a fallback mechanism at this first stage. At a later stage, Codacy will [stop using repository SSH keys and delete the keys](#timeline) stored in our systems. ## Changes on the Codacy GitHub App required permissions {: id="changes-permissions"} @@ -45,7 +45,7 @@ To ensure the conditions to use installation access tokens on GitHub organizatio January DD, 2024 - Codacy started using installation access tokens to clone and integrate with your repositories, and deprecated the usage of repository SSH keys + Codacy started using installation access tokens to clone and integrate with your repositories

From this day on, repository SSH keys are used exclusively as a fallback mechanism when the Contents permission is missing.

If not done yet, make sure an organization owner approves Codacy GitHub App updated permissions on your GitHub organization.

@@ -61,10 +61,10 @@ To ensure the conditions to use installation access tokens on GitHub organizatio February 19, 2024 - Codacy will remove repository permissions for Administration from the Codacy GitHub App and drop the usage of repository SSH keys + Codacy will remove repository permissions for Administration from the Codacy GitHub App and stop using repository SSH keys

Codacy will start using installation access tokens to clone and integrate with your repositories, with no fallback mechanisms. Also, repository permissions for Administration will be removed from the Codacy GitHub App.

-

If on this date the Codacy GitHub App updated permissions haven't been approved on your GitHub organization yet, your Codacy quality analysis will fail and you'll not be able to add new repositories to Codacy until an organization owner approves the updated permissions.

+

If on this day the Codacy GitHub App updated permissions haven't been approved on your GitHub organization yet, your Codacy quality analysis will fail and you'll not be able to add new repositories to Codacy until an organization owner approves the updated permissions.