PerfCopilot
Get started

GitHub

GitHub tracks the three things that matter most for engineering output: what you shipped (PRs merged), how you supported the team (reviews given), and how consistently you were active (commit cadence). All three flow into the [GITHUB DATA] block of every generated review.

What we pull

The ingester runs three queries in parallel per employee per cycle:

  • Pull requests — all PRs authored by the employee in the org, scoped to the cycle window by created date. Each PR lands as a pull_request_merged or pull_request_opened event with title, state, repo name, labels, and comment count. Headline metric: total_prs_opened.
  • Code reviews given — PRs where the employee left a review (via reviewed-by: search). Stored as code_review_given events, one per PR reviewed. Signals mentorship and collaboration.
  • Commit cadence — aggregate commit counts per ISO week, bucketed in the org's local timezone so cycle weeks align correctly. Stored as a single commit_cadence_summary row with total_commits, active_weeks, avg_per_week, and max_in_one_week.

We pull metadata only — PR titles, review states, commit messages. No code diffs, no file contents.

Note: GitHub caps its search API at 1,000 results per query. Employees with extremely high commit volume in a cycle may hit this limit; the ingester pages up to 1,000 results and then stops.

Connecting

Two paths, both configured at /admin?tab=integrations under GitHub:

Org-wide GitHub App (recommended)

  1. Click Connect on the GitHub card. You're redirected to install the PerfCopilot GitHub App in your GitHub organization.
  2. Grant repository access — at minimum read access to issues, pull requests, and commit search.
  3. Back in PerfCopilot, map each employee's GitHub login in the GitHub card's unmapped-employees list. The ingester queries by author:<login> and reviewed-by:<login>, so a missing login means zero data for that employee.

Per-employee OAuth

Employees can also authorize their own GitHub account from their profile settings. This works alongside the org-wide app — whichever token is found first is used.

Service account fallback

If neither is configured, the ingester falls back to a GITHUB_TOKEN env var. Useful for self-hosted setups but not recommended for production: a single service account token rate-limits across all employee syncs.

What hits a review

[GITHUB DATA]
total_prs_opened:    12
total_prs_merged:     9
reviews_given:       21
total_commits:       87
active_weeks:         6
avg_commits_per_week: 14.5
max_in_one_week:     31
top_repos:           [{"repo": "backend", "prs": 7}, {"repo": "infra", "prs": 5}]

Plus a [BASELINES] row with the team / department / org cohort medians for total_prs_opened and reviews_given.

Troubleshooting

"GitHub signals show zero PRs"

  1. No GitHub login mapped. The ingester queries by author:<login> — if the login field is blank, nothing is returned. Check the GitHub card on /admin?tab=integrations.
  2. Wrong org name. The query scopes to org:<org_name>. If your org uses a different slug in GitHub than you typed, the search returns empty. Confirm in GitHub under your org's Settings → General.
  3. App not installed on the right repositories. If you granted selective repository access during install, PRs in ungranted repos won't appear. Re-install the app with "All repositories" access, or add the specific repos.
  4. Commits search date filter silently ignored. GitHub's commits search endpoint sometimes ignores the committer-date range query and returns the most recent commits instead. The ingester applies a client-side date filter as a belt-and-suspenders check and sends a Sentry warning when this divergence is detected. If you see unexpectedly low commit counts, check the Sentry dashboard for github.commits filter anomalies.

"Commit week buckets are off by one"

This happens when the org timezone isn't set. The ingester buckets commits in the org's local timezone so "Sunday night" commits land in the correct ISO week. Go to Settings → Organization and set your timezone.

Privacy notes

  • We never read file contents, code diffs, or commit diffs.
  • PR titles and commit messages are stored in raw_signals.payload and visible to managers. If employees include customer names or credentials in commit messages, those will be visible.
  • GitHub's search API rate limit is 30 authenticated requests per minute. PerfCopilot staggers syncs and backs off on 403/429 responses; very large orgs may see syncs take several minutes.