GitHub proof types
Note
Hyperproof connects to many third-party systems that frequently change, including the system interface. Contact your System Administrator or the third-party provider for assistance meeting the requirements to integrate with Hyperproof and collect the proof you need.
When you create a Hypersync between Hyperproof and GitHub, you can automatically collect proof based on:
Branch Protection
Requires admin access to the repo in addition to either write or maintain roles
Commits
Commit Details
External Repository Members
Requires push access to the repo
Issue Details
Member Repository Access
Requires admin access to the repo
List of Issues
Organization Members
Pull Requests
Repository Admins
Requires admin access to the repo
Repository Members
Requires push access to the repo
Repository Workflows
Requires admin access to the repo in addition to either write or maintain roles
Team Members
Additional documentation
Note
You only need to connect Hyperproof to the app once, and then you can create as many Hypersyncs as you need. Additionally, you can create multiple Hypersyncs for a single control or label.
Tip
If you accidentally click Authorize Hyperproof during the connection process, and your organization doesn’t have a green check next to it, go to your GitHub settings and revoke permissions for Hyperproof. Once the permissions are revoked, follow the steps to reconnect Hyperproof to GitHub.
Requesting organizational approval for using third-party apps in GitHub
If your organization is using a service account to connect GitHub to Hyperproof, and the account has restricted third-party apps, you’ll need to request approval for Hyperproof.
Once the request is approved by the organization’s owner, the GitHub organization should appear in the Owner drop-down menu within the Set up Hypersync window.
Log in to GitHub with the service account.
In the upper-right corner of any page, click your profile photo, then click Settings.
From the left menu, below Integrations, click Applications.
Select the Authorized OAuth Apps tab.
In the list of applications, click Hyperproof.
Below Organization access, click Request for each organization that needs authorization.
Click Request approval from owners.
Full instructions can be found in the GitHub documentation.
A note about using 2FA with the GitHub Hypersync
If you experience an issue with establishing a service account connection to the GitHub Hypersync, it's more than likely due to having 2FA (Two-Factor Authentication) configured for your GitHub instance.
It is possible to create a service account in GitHub with 2FA. Refer to this GitHub article for more information. For reference, Hyperproof uses Bitwarden’s TOTP key generator for similar 2FA scenarios.