Security aspect of integrating with private GitHub repository

Hi dear Crowdin community,
I am working on integrating our Crowdin project with our private git repository so that we can make use of the cool automation features of Crowdin, such as file sync and PR auto-generation via the UI.
However, this requires us to share an authorized user's details with read/write permission with Crowdin, as expected for such a feature. Nevertheless, this also brings a security concern for our source code, and I am looking for workarounds for such a setup.
My questions are: is there anybody out there who also had such a concern? If so, did you find a way to share only the related source files in a convenient setup which does not break the developer experience?
I am looking forward to hearing your ideas and propositions.

Hi @OnderIlkeSever !

Yes, in order for the integration to work well, we need the read and write permission. If that doesn’t work for you, you may try the CLI or the GitHub action (some users do that in situations like this).
Will that work for you?

Here’s information:

Hi @Ira,
Thank you for your reply and sharing your ideas.
I can see that using the CLI could help us avoid sharing the whole repository for updating files in the Crowdin project. However, unfortunately, I can’t see Crowdin being able to create PRs unless we give whole access to the codebase or we somehow separate our repository from the translation files. Please correct me if I am missing any functionality that could help us achieve what I described.
Looking forward to hearing more about it.
Onder Ilke Sever

Hi @OnderIlkeSever,
The CLI itself won’t create pull requests, but the GitHub action can help with that.

Hi @Ira,
Yes, and that requires a GitHub access token (which can read/write to the repo) to be able to do that, am I wrong in saying that?

When using the GitHub action, we (Crowdin) won’t have read & write access to your repo, only the GitHub action itself. The GH_TOKEN is generated by GitHub automatically.
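
The setup described in the last reply, as an added example that is not part of the thread and not Crowdin's own configuration: a workflow that runs the Crowdin action with GitHub's automatically generated token (exposed as `secrets.GITHUB_TOKEN`) restricted to the two scopes needed to push a branch and open a pull request. The branch names, the `locales/en/**` path and the Crowdin secret names are assumptions; the `with:` inputs are the ones the `crowdin/github-action` project documents.

```yaml
# Added example. Paths, branch names and secret names are placeholders.
name: Crowdin sync

on:
  push:
    branches: [main]
    paths:
      - "locales/en/**"      # assumed location of the source strings
  workflow_dispatch:

# Start from no token scopes at all; grant per job below.
permissions: {}

jobs:
  crowdin:
    runs-on: ubuntu-latest
    permissions:
      contents: write        # push the localization branch
      pull-requests: write   # open the translations pull request
    steps:
      - uses: actions/checkout@v4

      # Consider pinning third-party actions to a reviewed commit SHA.
      - uses: crowdin/github-action@v2
        with:
          upload_sources: true
          download_translations: true
          localization_branch_name: l10n_crowdin_translations
          create_pull_request: true
          pull_request_base_branch_name: main
        env:
          # Generated by GitHub for this run only and scoped by the
          # permissions block above; it is not a long-lived user token.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Crowdin API credentials, stored as repository secrets.
          CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
```

For the automatic token to open pull requests, the repository's Actions settings must allow "GitHub Actions to create and approve pull requests". Which files leave the repository is decided by the Crowdin configuration file checked into it, so keeping its source patterns narrow limits what is uploaded.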