Skip to main content
When Qlty runs a build for a project, it clones the repository using a short-lived GitHub App installation access token. Build Repository Access controls which repositories that token is allowed to read, so you can give each project’s builds least-privilege access to your code. This matters when a build needs to clone more than just the project’s own repository — for example a private dependency, a Git submodule, or another repository in a monorepo workflow.

Configuring access

Open Project Settings → General and find the GitHub section. Set Build Access Token Scope to one of:
OptionThe build token can clone…
All RepositoriesEvery repository the Qlty GitHub App can access in your workspace. Least restrictive.
This Repository OnlyOnly this project’s repository. Most restrictive.
Selected RepositoriesThis project’s repository, plus a list of additional repositories you choose.
Only workspace admins can view or change Build Repository Access.

Selected repositories

When you choose Selected Repositories, pick the additional repositories the build may clone.
  • This project’s own repository is always included and cannot be removed.
  • You can add up to 5 additional repositories.
  • You can select any repository in your workspace that has been added to Qlty as a project. Use the search box to find a repository by name.

Defaults

  • New projects default to This Repository Only.
  • Projects created before this setting was introduced keep All Repositories, so their existing builds are unaffected. Narrow the scope at any time from the project’s settings.

Behavior notes

  • Pull requests from forks are always scoped to the project’s own repository, regardless of this setting.
  • If a selected repository is later deleted or removed from the Qlty GitHub App installation, it is automatically dropped from the build token so your builds keep working. Re-add an accessible repository from settings to restore it.