Why integrate Devin into GitHub?

Integrating Devin into your GitHub organization allows Devin to create pull requests, read and respond to your PR comments, etc. This lets Devin be a true collaborator on your engineering team.

The setup is easy! Go to preview.devin.ai > Settings > Integrations, Connect your GitHub and follow the GitHub app integration steps on the screen.

  • Make sure to select access to the relevant repos and review permissions
  • Once the set up is done, you should be able to view all the repos Devin now has access to in the top right corner of the Devin homepage.

Setting up the Integration

  1. In your Devin account at preview.devin.ai, go to Settings > Integrations, and click the “Connect” button to integrate your organization with the Devin GitHub app.

Devin

  1. This will redirect you to GitHub where you can select the GitHub account and repositories to connect Devin, and review the relevant permissions.
    1. If you’re setting up the GitHub integration on behalf of your organization, make sure to select your company’s account. Note that you will not be able to set up a simultaneous personal Devin-GitHub integration.

Devin

  1. Once you’ve completed all the set up steps in Github, you will be directed to the Devin account settings page where you can confirm the integration is set up.

Devin

  1. [For Enterprise customers only] Add the cognition-team GitHub account to the relevant repositories. This gives us the ability to help onboard Devin onto your codebase and monitor Devin’s activity.
We recommend enabling branch protections on master to ensure checks are enforced before Devin can merge any changes.

Using Devin with the GitHub Integration

Once the integration is set up, you can go to the Devin web application and you should be able to see all the connected repositories on the right-hand side.

You can now start running a session and Devin should be able to access your connected GitHub repositories!

Just start a new session and tell Devin the name of the repo to clone.

Devin will automatically respond to any PR comments as long as the session has not ended and Devin is awake.

Setting Devin’s Permissions

Managing Permissions

When setting up the integration, the user can choose to grant permissions such that Devin can access all the organization’s repositories or only a selected subset of repos as determined during the GitHub installation process.

Permissions are set when you install the GitHub Devin app, and can always be adjusted through the App Settings in the GitHub account once the app is connected.

Devin

Devin requires the following permissions:

Read access to:

PermissionDescription
`dependabot alertsAllows Devin to resolve dependabot alerts on your behalf (i.e. bumping dependency versions)
actionsAllows Devin to view the actions configured for a repository in order to understand if Devin’s changes pass CI
checksAllows Devin to view the checks configured for a repository in order to understand if Devin’s changes pass CI
commit statusesAllow Devin to view if a commit passes CI
deploymentsAllow Devin to view which versions of a repository were deployed
metadataAllow Devin to view crucial metadata about a repository such as who owns it
packagesAllow Devin to view which versions of a repository were shipped as a package
pagesAllow Devin to consult pages associated with a repository, e.g. to view documentation
repository advisoriesAllow Devin to view security advisories related to a repo in order to help fix security issues
repository hooksAllow Devin to view the hooks configured for a repository, e.g. linting and type checking
repository projectsAllow Devin to view projects associated with a repository, e.g. to retrieve information about a task

Read and write access to:

PermissionDescription
codeAllow Devin to contribute to the codebase
discussionsAllow Devin to contribute to discussions
issuesAllow Devin to open new issues
pull requestsAllow Devin to create new PRs
workflowsAllow Devin to set up new workflows, e.g. to help configure CI/CD

We request these permissions so that Devin can work in your repository just as a regular contributor. Specifically, we permit Devin to push new branches, open PRs, and contribute to PR discussions, which is essential for Devin to productively contribute to your codebase.

Security Considerations

Some additional information regarding Devin’s permissions in GitHub:

  • We recommend enabling branch protections on master to ensure checks are enforced before Devin can merge any changes.
  • If Devin is connected to your organization’s GitHub account then it will have the same permissions for any user with access to the GitHub and Devin organizations.
  • Devin will not mirror the permissions of the user running a session with Devin, it will retain the permissions granted at the org-level.
  • Devin cannot create new repos in your GitHub account.

GitHub Integration FAQs

Devin's Tool KitSlack Integration Guide