GitLab
The AISafe GitLab integration connects your GitLab groups and personal accounts to AISafe. It provides source access for code audits and automated PR security review.
How it works
AISafe connects to GitLab via OAuth. Authorizing the AISafe GitLab application gives AISafe read access to your repositories, so AISafe can clone source code for code audit assessments. The integration supports both GitLab.com (SaaS) and self-hosted GitLab instances.
Connecting GitLab
- Navigate to Integrations in the AISafe dashboard.
- Under Personal Integrations, click Connect GitLab.
- GitLab redirects you to authorize AISafe. Choose which projects to grant access to.
- After authorization, your GitLab repositories appear in the Available repositories table alongside any GitHub repositories.
Source access for code audits
For a code audit assessment against a connected GitLab repository, AISafe uses the OAuth token to clone the code. The token's scope covers the repositories you authorized, and AISafe uses it for the duration of the scan.
PR review
GitLab repositories bound to a project support PR review. AISafe receives merge request webhooks and posts security review comments on the merge request, mirroring the GitHub PR review flow.