Privacy

GRA Release Radar is designed as a client-only static web application. Repository input is processed in the browser. The app calls GitHub REST API endpoints directly from the user's device and does not send repository queries, release results, or optional GitHub tokens to a first-party GRA backend.

The public pages load Google Analytics through measurement ID G-X6JPNX7342 to understand aggregate site usage. Google Analytics may receive standard page-view metadata from the user's browser, such as the visited URL, referrer, user agent, approximate location derived from network information, and event timing. Repository input, release API responses, and optional GitHub tokens are not intentionally sent to Google Analytics by the application code.

If the user chooses to remember a GitHub token, the token is stored in localStorage on that device. If the user does not choose the remember option, the token is kept only in the current browser session state. Users should create fine-grained tokens with the smallest repository access they need, and should revoke tokens from GitHub if they suspect exposure.

The site is hosted as static files. Standard hosting and browser infrastructure may still process normal request metadata such as IP address, user agent, requested URL, and cache headers. GitHub receives API requests made by the user's browser and applies GitHub's own API limits and policies.