Data handling
GitHub Links for Jira is built on the Atlassian Forge platform:
-
App code runs inside Atlassian's own infrastructure. No data is routed through Move Work Forward servers for the core enrichment flow.
-
GitHub data is fetched on demand and rendered directly in the Jira panel. It is not stored persistently outside of Atlassian Forge's secure storage.
-
GitHub credentials (App installation tokens) are stored in Forge's encrypted
storage:appscope and are never exposed to the browser.
GitHub App permissions
The GitHub App requests the minimum read-only permissions required to fetch the data shown in the panel. Default permissions cover code, pull requests, issues, commits, and repository metadata. Optional permissions for Discussions, Code scanning, and Security advisories are requested separately and are not enabled by default.
EULA and Privacy Policy
The End User Licence Agreement and Privacy Policy are available from the Move Work Forward website and from the Atlassian Marketplace app listing. Please review these documents before using GitHub Links for Jira Cloud.
Bug Bounty
Move Work Forward operates a responsible disclosure and bug bounty programme. If you discover a security vulnerability in GitHub Links for Jira Cloud, please report it through the official programme rather than publicly disclosing it. Contact details are available from the support documentation.
For full details on security practices, EULA, and Privacy Policy, visit help.moveworkforward.com.
Updated: