Skip to main content
Skip table of contents

Security and Compliance Overview

Jigit integrates Jira Data Center with Git platforms using REST APIs and webhooks. The integration is designed to exchange metadata only and does not transfer or store source code content.

1. Data Handling

  • The plugin retrieves metadata only; no source code is cloned, transferred, or stored in the Jira database.

  • Source code content is never transferred or stored.

2. Metadata Retrieved

The plugin retrieves the following repository-related metadata:

Commits

  • Commit SHA/ID

  • Commit message

  • Commit timestamp

  • Author username

  • Parent commit references

Branches

  • Branch name

  • References to the latest commit

Pull Requests

  • Pull request ID and number

  • Title and description

  • Source and target branches

  • State (open / closed / merged)

  • Author (usernames / IDs)

  • Timestamps (created, updated, merged)

Repository Metadata

  • Repository name

  • Repository ID

  • Organization / owner identifier

  • Default branch

3. Authentication

  • Access to the Git platform is performed using Personal Access Tokens (PATs).

  • Tokens are used exclusively to authenticate API calls to the Git platform.

  • Tokens are never exposed to end users or transmitted to third parties.

4. Network Communication

  • All communication is performed over HTTPS (port 443).

Outbound Communication (required): Jira Data Center → Git platform

  • Initiated exclusively by Jira Data Center

  • Used for:

    • Repository indexing

    • Fetching commits, branches, and pull requests

    • Validating repository and organization access

Inbound Communication (optional but recommended): Git platform → Jira Data Center

  • Webhooks improve data freshness but are not mandatory.

  • If webhooks are disabled, the plugin relies on scheduled polling.

  • Used for:

    • New commits

    • Branch creation/deletion

    • Pull request events

5. Personally Identifiable Information (PII)

The plugin only handles PII inherently included in Git metadata returned by the Git platform, such as:

  • Git commit author usernamename

  • Git platform usernames involved in pull requests

No additional PII is collected, enriched, or transmitted beyond what the Git platform provides through its APIs.

Updated:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close