Why integrate Devin into GitHub?

Integrating Devin into your GitHub organization allows Devin to create pull requests, read and respond to your PR comments, etc. This lets Devin be a true collaborator on your engineering team.

The setup is easy! If you did not connect your GitHub during onboarding, go to app.devin.ai > Settings > Integrations, click Connect your GitHub and follow the GitHub app integration steps on the screen.

  • Make sure to select access to the relevant repos and review permissions
  • Once the set up is done, you should be able to view all the repos Devin now has access to in the Library > Devin’s Workspace section of your settings page.

Setting up the Integration

Having trouble? Check out our Common Issues page for solutions to common problems.
  1. In your Devin account at app.devin.ai, go to Settings > Integrations, and click the “Connect to GitHub” button to integrate your organization with the Devin GitHub app.

  1. This will redirect you to GitHub where you can select the GitHub account and repositories to connect Devin, and review the relevant permissions.
    1. If you’re setting up the GitHub integration on behalf of your organization, make sure to select your company’s account. Note that you will not be able to set up a simultaneous personal Devin-GitHub integration.

  1. Once you’ve completed all the set up steps in Github, you will be directed to the Devin account settings page where you can confirm the integration is set up.

  1. [For Enterprise customers only] Add the cognition-team GitHub account to the relevant repositories. This gives us the ability to help onboard Devin onto your codebase and monitor Devin’s activity.
We recommend enabling branch protections on master to ensure checks are enforced before Devin can merge any changes.

Using Devin with the GitHub Integration

Once the integration is set up, you can go to the Devin web application and you should be able to see all the connected and configured repositories in the ‘Choose Machine’ drop-down menu on the bottom of the new Session dialog. If you are using a repository for the first time, we recommend going through the development environment setup process in the onboarding flow to ensure that Devin has the most accurate and up to date information about working with your codebase.

You can now start running a session and Devin should be able to access your connected GitHub repositories!

Just start a new session, select your pre-configured machine, and tell Devin the name of the repo to clone.

Devin will automatically respond to any PR comments as long as the session has not ended and Devin is awake.

Setting Devin’s Permissions

Managing Permissions

You need to be an admin of the Github organiation where the Devin integration is installed to manage permissions
When setting up the integration, you can choose to grant permissions such that Devin can access all the organization’s repositories or only a selected subset of repos.

You can always adjust permissions through the Integration configuration page in Github once the app is connected:

  • Step 1: Go to the GitHub Integration settings
  • Step 2: Navigate to Devin.ai Integration and click “Configure”
  • Step 3: Scroll to the “Repository access” section to manage permissions

Devin requires the following permissions:

Read access to:

PermissionDescription
`dependabot alertsAllows Devin to resolve dependabot alerts on your behalf (i.e. bumping dependency versions)
actionsAllows Devin to view the actions configured for a repository in order to understand if Devin’s changes pass CI
checksAllows Devin to view the checks configured for a repository in order to understand if Devin’s changes pass CI
commit statusesAllow Devin to view if a commit passes CI
deploymentsAllow Devin to view which versions of a repository were deployed
metadataAllow Devin to view crucial metadata about a repository such as who owns it
packagesAllow Devin to view which versions of a repository were shipped as a package
pagesAllow Devin to consult pages associated with a repository, e.g. to view documentation
repository advisoriesAllow Devin to view security advisories related to a repo in order to help fix security issues
repository hooksAllow Devin to view the hooks configured for a repository, e.g. linting and type checking
repository projectsAllow Devin to view projects associated with a repository, e.g. to retrieve information about a task

Read and write access to:

PermissionDescription
codeAllow Devin to contribute to the codebase
discussionsAllow Devin to contribute to discussions
issuesAllow Devin to open new issues
pull requestsAllow Devin to create new PRs
workflowsAllow Devin to set up new workflows, e.g. to help configure CI/CD

We request these permissions so that Devin can work in your repository just as a regular contributor. Specifically, we permit Devin to push new branches, open PRs, and contribute to PR discussions, which is essential for Devin to productively contribute to your codebase.

Security Considerations

Some additional information regarding Devin’s permissions in GitHub:

  • We recommend enabling branch protections on master to ensure checks are enforced before Devin can merge any changes.
  • If Devin is connected to your organization’s GitHub account then it will have the same permissions for any user with access to the GitHub and Devin organizations.
  • Devin will not mirror the permissions of the user running a session with Devin, it will retain the permissions granted at the org-level.
  • Devin cannot create new repos in your GitHub account.

GitHub Integration FAQs