`2025-12-05`'s `38955399/permissions/update` requests R&W permission. Can this be rejected for new installations?

[roke-julian-lockhart]

Like atlassian/github-for-jira/issues/1728 explains, at 2025-12-05T15:20+00:00, ¹ github.com/settings/installations/38955399/permissions/update requested write permission for repository content:

Socket requires the above permissions to scan pull requests, commits, bot commands, directory listings, supported manifests and the socket.yml configuration file. Write permissions are required for applying Certified Patches.

I've yet to require the socket.yml file, so can I not disable this? I see:

The Socket Security app will retain its current permissions if you choose not to accept the new permissions.

However, that shan't persist across reinstallations.

Footnotes

1. Message-Id: <6932f8434aca0_fe1110719a7@sharedworker-5b8f858ff4-6kf7v.mail> ↩

[PowerKiKi]

I uninstalled the app because of the new Certified Patch feature that requires write access to my code. While the intent behind Certified Patch is commendable, giving write access to all our code is a risk that is absolutely unacceptable for us.