What permissions does the GitHub App need?

FlagShark requires minimal permissions: read access to code and pull requests, and write access to pull request comments. We follow the principle of least privilege for security.

Can I use FlagShark with GitHub Enterprise?

Yes, FlagShark supports both GitHub.com and GitHub Enterprise Server. Enterprise installations can be configured for on-premises deployments.

Seamless Integration

GitHub Integration for Automated Feature Flag Detection

Automatically detect and track feature flags in every GitHub pull request. Get instant visibility into flag changes with automated PR comments and comprehensive reporting.

Start Free

Learn More

SOC 2 Compliant

Trusted by 500+ Teams

Pull Request #142

Open

FlagShark Analysis

🚩 Found 3 new feature flags and 2 stale flags ready for removal

NEW_CHECKOUT_FLOW

LEGACY_PAYMENT_SYSTEM(100% rollout, 6 months old)

How FlagShark GitHub Integration Works

Simple setup, powerful automation. Start detecting feature flags in minutes with our secure GitHub App.

1. Install GitHub App

One-click installation from GitHub Marketplace. Select repositories and configure permissions.

2. Open Pull Request

Create or update a pull request. FlagShark automatically triggers analysis on PR events.

3. Automatic Detection

AI-powered analysis scans code changes for feature flags across multiple languages.

4. PR Comments

Get detailed comments with flag analysis, stale flag alerts, and removal suggestions.

Powerful Features for GitHub Teams

Everything you need to manage feature flags directly in your GitHub workflow

Automated PR Comments

Detailed analysis comments on every pull request showing new flags, stale flags, and removal opportunities.

Multi-Language Support

Detect feature flags in TypeScript, JavaScript, Python, Go, and more. Support for LaunchDarkly, Unleash, Split.io.

Real-Time Analysis

Instant flag detection on PR creation and updates. No delays, no manual triggers required.

Secure by Design

Minimal permissions, encrypted data, SOC 2 compliant. Your code never leaves GitHub's infrastructure.

Historical Tracking

Track flag lifecycle from creation to removal. Identify long-lived flags and technical debt accumulation.

Smart PR Generation

Automatically create pull requests to remove stale flags with safe code transformations.

Enterprise Security

Secure GitHub Integration You Can Trust

Built with security-first principles, FlagShark follows GitHub's best practices for app development and data protection.

Minimal Permissions

Only requests necessary permissions: read code/PRs, write PR comments. No access to sensitive data.

SOC 2 Type II Compliant

Annual security audits ensure we meet the highest standards for data protection and privacy.

GitHub Enterprise Ready

Support for GitHub.com and GitHub Enterprise Server with on-premises deployment options.

Required Permissions

Repository ContentsRead

Pull RequestsRead

Issues & PR CommentsWrite

WebhooksWrite

Privacy First: FlagShark never stores your source code. Analysis happens in real-time and only metadata is retained.

Frequently Asked Questions

Everything you need to know about FlagShark's GitHub integration

How does FlagShark integrate with GitHub?

FlagShark uses a secure GitHub App that monitors your pull requests. When a PR is opened or updated, FlagShark automatically scans the code changes for feature flags and posts a detailed comment with findings. The entire process is automated and requires no manual intervention.

What programming languages are supported?

FlagShark supports TypeScript, JavaScript, Python, Go, Java, and C#. We detect flags from popular feature flag services including LaunchDarkly, Unleash, Split.io, Flipt, and custom implementations. New languages and services are added regularly based on user feedback.

Can I customize which flags to ignore?

Yes! You can configure FlagShark to ignore specific flags, flag patterns, or entire files. Configuration is done through a `.flagshark.yml` file in your repository root, giving you full control over the detection process.

How long does analysis take?

FlagShark typically completes analysis within 10-30 seconds of a PR being opened or updated. Larger PRs may take slightly longer, but we optimize for speed to avoid blocking your development workflow. You'll see the comment appear automatically once analysis is complete.

Is my code safe with FlagShark?

Absolutely. FlagShark never stores your source code. We analyze code in real-time and only retain metadata about detected flags. All data transmission is encrypted, and we're SOC 2 Type II compliant. Your code never leaves GitHub's infrastructure during analysis.

Ready to Automate Feature Flag Detection in GitHub?

Join hundreds of teams using FlagShark to eliminate feature flag debt directly in their GitHub workflow.

Start Free

Calculate Your ROI

No credit card required • 14-day free trial • Cancel anytime

Related Resources

LaunchDarkly Integration →

Automated cleanup for LaunchDarkly feature flags with specialized detection.

Manual vs Automated →

See why automated flag detection saves 85% more time than manual processes.

Feature Flag Debt Guide →

Learn why feature flag debt costs teams $125,000+ annually.