Meercode can only read your GitHub Actions runs data. Meercode only needs run/build metadata from CI/CD services to operate. Source code access is not required we never ask for its permission.
Authorization
Meercode uses a very simple but powerful authorization model.
We always request the CI/CD service with user's own access tokens. As a result, users can only monitor resources which they can access on the service side.
For example, if a user doesn't have access to a specific repository on Github, actions from that repository are not listed on Meercode's dashboard and reports.
Why do we request write permission for actions?Meercode has the one-click functionality to cancel or re-run actions directly from dashboard. This the only reason we need write permissions for actions.