Travis, Organizations and Private Repos


I’m working on an opensource project owned by an organization (Microsemi/switchtec-user). I’d really like to get enabled for this repository but the people in the organization’s IT department who maintain control over it obstinately refuse to turn it on. They are worried that even logging into Travis will give Travis access to their github account or provide a third-party access to their other private repos and data.

All evidence I can find says that this is not the case and enabling a account does not risk account credentials or private data. However, it would be great if someone can give me an official answer which I can point to on what risks there are (if any) to their private repositories when using a third party service.



Does this help?

Thanks, but that applies to and not (the open source version). When you use you do give a third party access to your private data and the document you link to essentially says they can look at your data but won’t do so unless you ask them to.

1 Like