We are continuing to work to give you added control over your team's security. Many of the features on the Team Security page were user requests that we have implemented.
First head to My account
and then navigate to the Team security
page under the ACCESS CONTROL
header on the left-hand side of the page.
Hard expiry on session
You can enable this feature that will force all team members to re-authenticate with Gearset every 18 hours.
This is in addition, to any Gearset session expiring after 3 hours of inactivity, whether this option is enabled or not.
Permissions
These have been moved to their own dedicated page.
GitHub App settings
Here you can specify that your team should use a GitHub app when connecting to GitHub through Gearset. There's more details about how to set this up on this page.
Connected Services
Here you can restrict which endpoints your team members can connect to.
Restrict access using patterns including ? and * wildcards, separated by newlines or commas. You can leave it empty to allow connections to any endpoint. Note that this will affect your already established org connections as well.
Source control providers
Choose the source control provider you'd like to add restrictions to from the dropdown.
Restrict access to repositories using patterns including ? and * wildcards, separated by newlines, commas, or spaces.
Note that you need to take the info from the ‘clone’ section on their repo. For example, you need to enter https://gitprovider.com/orgname/reponame.git
instead of just https://gitprovider.com/username/reponame
.
You can also configure commit signing for your team. Read more about this here.