Why Code Repositories Matter
Your source code is one of your most valuable assets — and it’s also a major focus area in most security compliance frameworks. Ensuring that your code is properly hosted, access-controlled, and monitored is key to protecting your software and demonstrating strong security practices to auditors.
That’s why ComplyJet automatically pulls in all your repositories from connected version control systems like GitHub, GitLab, or Bitbucket — giving you a centralized view to manage them with compliance in mind.
Reviewing Your Repositories
Visit the Code Repositories page under the Engineering section. Here, you’ll see a full list of repositories pulled from the version control systems you've connected via the Integrations page.
Start by scanning through the list and verifying that the repositories shown match your actual production codebase. If you spot something that doesn’t belong (like a test or personal repo), you can mark it as Out of Scope and provide a short reason.
Cleaning Up and Assigning Ownership
For each in-scope repository, you should:
Assign an Owner — typically the engineer or team responsible for maintaining the code.
Add a Clear Description — briefly explain what the repository does (e.g., “Frontend for customer dashboard”).
You can click into any repository to view and edit these details. ComplyJet may pre-fill some fields like owner and description based on metadata from your VCS — but you can always update them.
Final Goal
By the end of this process, your In Scope tab should contain only your actual production repositories — each with a description and an assigned owner. This not only helps you stay compliant, but also gives auditors confidence that your code is properly tracked and governed.