
🚀 Feature Request: Add Option to Manage Repository Access, Versioning, and Deletion Flow for Enhanced Control and Security

Open YashPatrot opened this issue 8 months ago • 7 comments

🧾 Description

We need to enhance the current GitHub integration by providing users more control over the repositories they connect — specifically around deletion, versioning, update syncing, and visibility. Below are the proposed improvements:


🛠️ What’s Missing in the Current Implementation

  1. No Option to Delete a Connected Repository
    Once a repository is connected and cloned, there is currently no way for the user to delete that repository from our system. This limits the user's ability to manage and control which repositories remain accessible or stored within the platform.

  2. No Control Over Repo Updates
    After the initial cloning and storing of a repository into Neo4j, any subsequent updates made to that repository on GitHub are not tracked or fetched. There is no prompt or mechanism to decide whether future updates should be synced.


✅ Proposed Enhancements

  1. Access Control During Repo Authorization
    When a user grants access to a GitHub repository, we should prompt them with an option:

    "Do you want to allow access to future updates made to this repository?"
    This should be unchecked by default, respecting user consent.

  2. Repo Versioning Support

    • Allow users to choose whether updated versions of the same repository (same branch or multiple branches) should be fetched and stored.
    • Each version should be stored in Neo4j as a separate version, enabling a form of repository versioning.
    • When accessing a repo, users should be able to view all available versions, along with metadata like:
      • Fetch timestamp
      • Branch name
      • GitHub commit reference
  3. Repo Deletion Flow
    When a user attempts to delete a repository:

    • Show them a list of **conversations** that will be affected.
    • Prompt them to confirm deletion, with an option for soft delete (i.e., data is preserved but access is disabled) or else don't allow them to delete, if that repo is being used in any conversation.
    • This gives users more clarity and control over the consequences of deleting repos.
  4. Full Data Visibility and Control for Users
    Given increasing concerns around data security and privacy, especially among enterprise users:

    • Users should have visibility into all code data stored in the system.
    • They should be able to view, manage, and delete their data and associated repositories at any time.
    • Ensuring transparency and ownership will improve user trust and facilitate onboarding for security-conscious organizations.

💡 Why This Matters

  • Enterprises are especially cautious about who has access to their source code.
  • Providing clear visibility, fine-grained control, and the ability to opt in/out of continuous syncing will help address these concerns.
  • These changes will make our platform more secure, trustworthy, and user-friendly.

Would love to know your views on this! 🤝

YashPatrot avatar Apr 21 '25 11:04 YashPatrot

@YashPatrot apologies for the late response

  1. You're right, the unlinking of a repo from GitHub is not synced. The GitHub app sends webhook notifications on uninstallation, which should be consumed and handled by Potpie. Would you like to work on this?
  2. This exists but is not proactive - it's on demand, every time you click on 'Parse' it checks for the latest commit and updates the knowledge graph.

dhirenmathur avatar Jul 09 '25 06:07 dhirenmathur
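
A sketch of the webhook consumer discussed in this thread, combined with the soft-delete option from the proposal. This is an added example, not Potpie's code: the in-memory `REPOS` store, `sign` and `handle_webhook` are hypothetical names, while the `X-Hub-Signature-256` header and the `installation` / `installation_repositories` events are GitHub's own.

```python
import hashlib
import hmac
import json

# Constructed in-memory store standing in for the real database (hypothetical schema).
REPOS = {
    "acme/api": {"installation_id": 42, "active": True},
    "acme/web": {"installation_id": 42, "active": True},
    "other/lib": {"installation_id": 7, "active": True},
}


def sign(secret: bytes, body: bytes) -> str:
    """Value GitHub puts in X-Hub-Signature-256 for this raw request body."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def handle_webhook(secret: bytes, event: str, signature: str, body: bytes, repos=REPOS):
    """Soft-delete repos named by an uninstall/removal delivery; return their names.

    Raises PermissionError on a signature mismatch, so an unauthenticated
    caller cannot disable repositories by posting a forged payload.
    """
    expected = sign(secret, body).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        raise PermissionError("bad webhook signature")
    payload = json.loads(body)
    inst_id = payload.get("installation", {}).get("id")
    if event == "installation" and payload.get("action") == "deleted":
        # App uninstalled: every repo stored for that installation is affected.
        targets = [n for n, r in repos.items() if r["installation_id"] == inst_id]
    elif event == "installation_repositories" and payload.get("action") == "removed":
        removed = {r["full_name"] for r in payload.get("repositories_removed", [])}
        # Only touch repos owned by the sending installation.
        targets = [n for n in removed if repos.get(n, {}).get("installation_id") == inst_id]
    else:
        return []  # other events are ignored by this handler
    for name in targets:
        repos[name]["active"] = False  # soft delete: data kept, access disabled
    return sorted(targets)
```

The signature must be computed over the raw request bytes before any JSON parsing, and the secret is the one configured for the GitHub App's webhook.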

@dhirenmathur I'd be glad to work on this! If anyone else is interested, I'm more than happy to step aside. Otherwise, I'm happy to take it up and will work on it at my own pace alongside my current job responsibilities.

YashPatrot avatar Jul 09 '25 07:07 YashPatrot

Hi @dhirenmathur @YashPatrot I am interested in contributing to this

renuka010 avatar Jul 09 '25 17:07 renuka010

hey @YashPatrot, are you still working on this? Would love to get it off you.

into-the-night avatar Aug 24 '25 18:08 into-the-night

Hey @into-the-night I haven’t had a chance to start on this yet, so feel free to take it over. Appreciate you checking in!

YashPatrot avatar Aug 24 '25 19:08 YashPatrot

Hi @renuka010 , Sure, you can go ahead and take it up. Thanks for jumping in!

YashPatrot avatar Aug 24 '25 19:08 YashPatrot

> Hey @into-the-night I haven’t had a chance to start on this yet, so feel free to take it over. Appreciate you checking in!

Great! I'll start working on this now

into-the-night avatar Aug 24 '25 19:08 into-the-night