tag:help.appveyor.com,2012-11-13:/discussions/questions/999-terms-of-service-pertaining-to-accessing-a-users-githubAppVeyor: Discussion 2018-08-25T01:54:26Ztag:help.appveyor.com,2012-11-13:Comment/360764232015-02-18T18:38:52Z2015-02-18T18:38:52ZTerms of Service pertaining to accessing a User's Github?<div><p>Hi Val,</p>
<p>We are currently working on improvements into AppVeyor ToC.</p>
<p>Addressing your concern regarding AppVeyor accessing GitHub
account and handling your code:</p>
<ol>
<li>AppVeyor uses OAuth token to access your GitHub account using
GitHub REST API. OAuth token is stored in AppVeyor database in
encrypted form. Requested scopes are required to list your
repositories, organization repositories, manage repository webhooks
and SSH keys.<br></li>
<li>AppVeyor uses SSH key to clone your GitHub repository.<br></li>
<li>Repository is cloned to build worker only.<br></li>
<li>Every build runs on a fresh virtual machine which is not shared
with other builds and the state of which is not preserved between
consequent builds. After the build is finished its virtual machine
is decommissioned.<br></li>
<li>Build worker VMs are firewalled and there is no way to access
them from outside (unless you allow certain rules on
firewall).<br></li>
<li>AppVeyor staff does not look into your build VMs, sources,
build configurations, logs without your permission.</li>
</ol>
<p>Please let me know if you have any questions.</p></div>Feodor Fitsner