Is there a plan to *stop* Travis requesting read / write access on login?


At the moment have oauth scopes that require read / write access to all repos which is a risky thing to give to a third party. worked without this scope.

Is there a plan and timeline to remove this scope from

1 Like privacy concerns

Yes. We will be moving to integration via GitHub Apps, which provides more granular permissions. See


FYI, the “Set up your open source project now” button on leads people into this “risky” situation.

It seems like that link should direct to until the open source permissions are fixed on


This has nothing to do with open source. Open source is about software license and source code availability.


To clarify…if you want to “set up your open source project now”, consider NOT clicking the “Set up your open source project now” button, because it takes you to which requests read/write permissions for ALL repos in your github account. Instead, consider going to sign up at

1 Like

Any updates on this? still requires GitHub “Third Party Access” with access to all my private repos to operate.

1 Like

Polite bump for an update here. The sign-in permissions should not need write access. This is not very clear on sign-in, and some users are granting this write permission without understanding what they’re doing.

1 Like