What information does the CatLight cloud service store?

Hi,

I have come across CatLight, which suits our current requirement. But there are a lot of security-related restrictions on using a TPA.

Please find the attachment for the access requested by CatLight.

Can you please help me with the following?

Here, read access is requested for code and build artifacts. Is this information stored in the CatLight cloud service?

Can you please elaborate more on this? I did come across this question (link), but it doesn't seem to have the complete information when compared with the above access requests.

2 replies

CatLight does not read or search code, and it does not access the build artifacts.

Azure DevOps permissions are not very granular, and unfortunately, we have to request more than necessary. We want to request permission to read the list of pull requests, so the app can show notifications about them. However, the minimum permission to do that is to request read access to the code. The same situation applies to builds.

After authentication happens, CatLight stores the access token in an encrypted form locally on the user's computer, and all the data processing is happening locally.

SK

Also, can you please let me know, with the ability to read and search the code, how CatLight protects the customer's proprietary data? Does it process the source code, like code search, version control artifacts, etc., on its own servers?