Skip to Content

Security & Compliance

Lynx Compliance - GitHub Connector

Pulls compliance evidence from GitHub - repository inventory, branch protection, signed-commit ratio, PR-review coverage, CODEOWNERS, secret-scanning alerts, Actions workflows - via the GitHub REST API.

Talk to sales See pricing

lynx_compliance_connector_github · v19.0.1.0.0 · Premium

What this solves

Lynx Compliance - GitHub Connector

Companion to the Northstar connector — same 10 resource types, GitHub-specific HTTP plumbing. For customers running their primary source-control on GitHub (cloud or Enterprise Server), this connector mechanises the same auditor-loved evidence: who can push to main, are commits signed, are PRs reviewed, are secrets ever committed.

Authentication is a personal access token or a fine-grained PAT with read scopes for the orgs / repos in scope. GitHub Enterprise Server customers point config_json.endpoint at their instance; the default is https://api.github.com for GitHub Cloud.

Key Features

  • GitHub connector type - configure with the API endpoint + a personal access token (read-only scopes are enough).

  • Ten resource pulls - repositories, branch protection rules, CODEOWNERS files, signed-commit percentages, code-review coverage, secret-scanning alerts, Actions workflows, webhooks, org admin members, signed releases.

  • Pre-seeded collectors - five evidence collectors covering software inventory (ID.AM-02), change management (PR.PS-02), code-signing (PR.PS-01), privileged-user inventory (PR.AA-05), and CI configuration (A.8.9).

  • GitHub Enterprise Server support - point endpoint at https://github.example.com/api/v3 to use a private GitHub Enterprise Server install.

  • Rate-limit aware - test_connection surfaces the remaining-requests count; pulls back off cleanly on 403 secondary rate-limit responses.

Integrates With

  • lynx_compliance_connectors - registers under the connector framework.

  • lynx_compliance_evidence_collectors - shipped collectors use the standard schedule.

  • GitHub via the requests HTTP client.

Depends on

base lynx_compliance lynx_license_enforcer lynx_base lynx_compliance_evidence_collectors lynx_compliance_connectors lynx_compliance_certification

Try Lynx Compliance - GitHub Connector on your team.

Free trial, no credit card. Talk to sales when you're ready.

Start free trial Browse all modules