Skip to main content

Audit log events for your enterprise

In this article

Learn about audit log events recorded for your enterprise.

Enterprise owners can interact with the audit log.

artifact category actions

ActionDescription
artifact.destroyA workflow run artifact was manually deleted.

business category actions

ActionDescription
business.add_adminAn enterprise owner was added to an enterprise.
business.add_organizationAn organization was added to an enterprise.
business.advanced_security_policy_updateAn enterprise owner created, updated, or removed a policy for GitHub Advanced Security. For more information, see "Enforcing policies for Advanced Security in your enterprise."
business.clear_default_repository_permissionAn enterprise owner cleared the base repository permission policy setting for an enterprise. For more information, see "Enforcing a policy for base repository permissions."
business.clear_members_can_create_reposAn enterprise owner cleared a restriction on repository creation in organizations in the enterprise. For more information, see "Enforcing repository management policies in your enterprise."
business.createAn enterprise was created.
business.disable_two_factor_requirementThe requirement for members to have two-factor authentication enabled to access an enterprise was disabled.
business.enable_two_factor_requirementThe requirement for members to have two-factor authentication enabled to access an enterprise was enabled.
business.members_can_update_protected_branches.clearAn enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization administrators can choose whether to allow updating protected branches settings.
business.members_can_update_protected_branches.disableThe ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches.
business.members_can_update_protected_branches.enableThe ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches.
business.remove_adminAn enterprise owner was removed from an enterprise.
business.remove_organizationAn organization was removed from an enterprise.
business.rename_slugThe slug for the enterprise URL was renamed.
business.set_actions_retention_limitThe retention period for GitHub Actions artifacts and logs was changed for an enterprise. For more information, see "Enforcing policies for GitHub Actions in an enterprise."
business.update_default_repository_permissionThe base repository permission setting was updated for all organizations in an enterprise. For more information, see "Enforcing a policy for base repository permissions."
business.update_member_repository_creation_permissionThe repository creation setting was updated for an enterprise. For more information, see "Enforcing a policy for repository creation."
business.update_member_repository_invitation_permissionThe policy setting for enterprise members inviting outside collaborators to repositories was updated. For more information, see "Enforcing a policy for inviting outside collaborators to repositories."

checks category actions

ActionDescription
checks.auto_trigger_disabledAutomatic creation of check suites was disabled on a repository in the organization or enterprise. For more information, see "Update repository preferences for check suites."
checks.auto_trigger_enabledAutomatic creation of check suites was enabled on a repository in the organization or enterprise. For more information, see "Update repository preferences for check suites."

dependabot_alerts category actions

ActionDescription
dependabot_alerts.disableAn enterprise owner disabled Dependabot alerts for all existing repositories. For more information, see "Managing security and analysis settings for your organization."
dependabot_alerts.enableAn enterprise owner enabled Dependabot alerts for all existing repositories.

dependabot_alerts_new_repos category actions

ActionDescription
dependabot_alerts_new_repos.disableAn enterprise owner disabled Dependabot alerts for all new repositories. For more information, see "Managing security and analysis settings for your organization."
dependabot_alerts_new_repos.enableAn enterprise owner enabled Dependabot alerts for all new repositories.

dependabot_repository_accesscategory actions

ActionDescription
dependabot_repository_access.repositories_updatedThe repositories that Dependabot can access were updated.

dependency_graph category actions

ActionDescription
dependency_graph.disableAn enterprise owner disabled the dependency graph for all existing repositories. For more information, see "Managing security and analysis settings for your organization."
dependency_graph.enableAn enterprise owner enabled the dependency graph for all existing repositories.

dependency_graph_new_repos category actions

ActionDescription
dependency_graph_new_repos.disableAn enterprise owner disabled the dependency graph for all new repositories. For more information, see "Managing security and analysis settings for your organization."
dependency_graph_new_repos.enableAn enterprise owner enabled the dependency graph for all new repositories.

enterprise category actions

ActionDescription
enterprise.config.disable_anonymous_git_accessAn enterprise owner disabled anonymous Git read access for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise."
enterprise.config.enable_anonymous_git_accessAn enterprise owner enabled anonymous Git read access for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise."
enterprise.config.lock_anonymous_git_accessAn enterprise owner locked anonymous Git read access to prevent repository admins from changing existing anonymous Git read access settings for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise."
enterprise.config.unlock_anonymous_git_accessAn enterprise owner unlocked anonymous Git read access to allow repository admins to change existing anonymous Git read access settings for repositories in the enterprise. For more information, see "Enforcing repository management policies in your enterprise."
enterprise.register_self_hosted_runnerA new GitHub Actions self-hosted runner was registered. For more information, see "Adding a self-hosted runner to a repository."
enterprise.remove_self_hosted_runnerA GitHub Actions self-hosted runner was removed. For more information, see "Removing a runner from a repository."
enterprise.runner_group_createdA GitHub Actions self-hosted runner group was created. For more information, see "Creating a self-hosted runner group for an organization."
enterprise.runner_group_removedA GitHub Actions self-hosted runner group was removed. For more information, see "Removing a self-hosted runner group."
enterprise.runner_group_renamedA GitHub Actions self-hosted runner group was renamed. For more information, see "Changing the access policy of a self-hosted runner group."
enterprise.runner_group_updatedThe configuration of a GitHub Actions self-hosted runner group was changed. For more information, see "Changing the access policy of a self-hosted runner group."
enterprise.runner_group_runner_removedThe REST API was used to remove a GitHub Actions self-hosted runner from a group. For more information, see "Remove a self-hosted runner from a group for an organization."
enterprise.runner_group_runners_addedA GitHub Actions self-hosted runner was added to a group. For more information, see Moving a self-hosted runner to a group.
enterprise.runner_group_runners_updatedA GitHub Actions runner group's list of members was updated. For more information, see "Set self-hosted runners in a group for an organization."
enterprise.self_hosted_runner_onlineThe GitHub Actions runner application was started. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."
enterprise.self_hosted_runner_offlineThe GitHub Actions runner application was stopped. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."

external_group category actions

ActionDescription
external_group.deleteAn Okta group was deleted. For more information, see "Mapping Okta groups to teams."
external_group.linkAn Okta group was mapped to a GitHub AE team. For more information, see "Mapping Okta groups to teams."
external_group.provisionAn Okta group was mapped to a team on GitHub AE. For more information, see "Mapping Okta groups to teams."
external_group.unlinkAn Okta group was unmapped from a GitHub AE team. For more information, see "Mapping Okta groups to teams."
external_group.updateAn Okta group's settings were updated. For more information, see "Mapping Okta groups to teams."

external_identity category actions

ActionDescription
external_identity.deprovisionA user was removed from an Okta group and was subsequently deprovisioned from GitHub AE. For more information, see "Mapping Okta groups to teams."
external_identity.provisionAn Okta user was added to an Okta group and was subsequently provisioned to the mapped team on GitHub AE. For more information, see "Mapping Okta groups to teams."
external_identity.updateAn Okta user's settings were updated. For more information, see "Mapping Okta groups to teams."

gist category actions

ActionDescription
gist.createA gist is created.
gist.destroyA gist is deleted.
gist.visibility_changeThe visibility of a gist is changed.

hook category actions

ActionDescription
hook.active_changedA hook's active status was updated.
hook.config_changedA hook's configuration was changed.
hook.createA new hook was added.
hook.destroyA hook was deleted.
hook.events_changedA hook's configured events were changed.

integration category actions

ActionDescription
integration.createAn integration was created.
integration.destroyAn integration was deleted.
integration.manager_addedA member of an enterprise or organization was added as an integration manager.
integration.manager_removedA member of an enterprise or organization was removed from being an integration manager.
integration.transferOwnership of an integration was transferred to another user or organization.
integration.remove_client_secretA client secret for an integration was removed.
integration.revoke_all_tokensAll user tokens for an integration were requested to be revoked.
integration.revoke_tokensToken(s) for an integration were revoked.

integration_installationcategory actions

ActionDescription
integration_installation.contact_email_changedA contact email for an integration was changed.
integration_installation.createAn integration was installed.
integration_installation.destroyAn integration was uninstalled.
integration_installation.repositories_addedRepositories were added to an integration.
integration_installation.repositories_removedRepositories were removed from an integration.
integration_installation.version_updatedPermissions for an integration were updated.

integration_installation_request category actions

ActionDescription
integration_installation_request.createAn member requested that an owner install an integration for use in an enterprise or organization.
integration_installation_request.closeA request to install an integration for use in an enterprise or organization was either approved or denied by an owner, or canceled by the member who opened the request.

ip_allow_list category actions

ActionDescription
ip_allow_list.enableAn IP allow list was enabled.
ip_allow_list.enable_for_installed_appsAn IP allow list was enabled for installed GitHub Apps.
ip_allow_list.disableAn IP allow list was disabled.
ip_allow_list.disable_for_installed_appsAn IP allow list was disabled for installed GitHub Apps.

ip_allow_list_entry category actions

ActionDescription
ip_allow_list_entry.createAn IP address was added to an IP allow list.
ip_allow_list_entry.updateAn IP address or its description was changed.
ip_allow_list_entry.destroyAn IP address was deleted from an IP allow list.

issue category actions

ActionDescription
issue.destroyAn issue was deleted from the repository. For more information, see "Deleting an issue."
issue.pinnedAn issue was pinned to a repository. For more information, see "Pinning an issue to your repository."
issue.transferAn issue was transferred to another repository. For more information, see "Transferring an issue to another repository."
issue.unpinnedAn issue was unpinned from a repository. For more information, see "Pinning an issue to your repository."

issue_comment category actions

ActionDescription
issue_comment.destroyA comment on an issue was deleted from the repository.
issue_comment.pinnedA comment on an issue was pinned to a repository.
issue_comment.unpinnedA comment on an issue was unpinned from a repository.
issue_comment.updateA comment on an issue (other than the initial one) changed.

issues category actions

ActionDescription
issues.deletes_disabledThe ability for enterprise members to delete issues was disabled. Members cannot delete issues in any organizations in an enterprise. For more information, see "Enforcing a policy for deleting issues."
issues.deletes_enabledThe ability for enterprise members to delete issues was enabled. Members can delete issues in any organizations in an enterprise. For more information, see "Enforcing a policy for deleting issues."
issues.deletes_policy_clearedAn enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise. For more information, see "Enforcing a policy for deleting issues."

members_can_create_pages category actions

ActionDescription
members_can_create_pages.disableThe ability for members to publish GitHub Pages was disabled. Members cannot publish GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."
members_can_create_pages.enableThe ability for members to publish GitHub Pages was enabled. Members can publish GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."

members_can_create_private_pages category actions

ActionDescription
members_can_create_private_pages.disableThe ability for members to publish private GitHub Pages was disabled. Members cannot publish private GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."
members_can_create_private_pages.enableThe ability for members to publish private GitHub Pages was enabled. Members can publish private GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."

members_can_create_public_pages category actions

ActionDescription
members_can_create_public_pages.disableThe ability for members to publish public GitHub Pages was disabled. Members cannot publish public GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."
members_can_create_public_pages.enableThe ability for members to publish public GitHub Pages was enabled. Members can publish public GitHub Pages in an organization. For more information, see "Managing the publication of GitHub Pages sites for your organization."

members_can_delete_repos category actions

ActionDescription
members_can_delete_repos.clearAn enterprise owner cleared the policy setting for deleting or transfering repositories in any organizations in an enterprise. For more information, see "Enforcing a policy for repository deletion and transfer."
members_can_delete_repos.disableThe ability for enterprise members to delete repositories was disabled. Members cannot delete or transfer repositories in any organizations in an enterprise. For more information, see "Enforcing a policy for repository deletion and transfer."
members_can_delete_repos.enableThe ability for enterprise members to delete repositories was enabled. Members can delete or transfer repositories in any organizations in an enterprise. For more information, see "Enforcing a policy for repository deletion and transfer."

members_can_view_dependency_insights category actions

ActionDescription
members_can_view_dependency_insights.clearAn enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise.
members_can_view_dependency_insights.disableThe ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise.
members_can_view_dependency_insights.enableThe ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise.

migration category actions

ActionDescription
migration.createA migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.
migration.destroy_fileA migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted.
migration.downloadA migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded.

oauth_access category actions

ActionDescription
oauth_access.createAn OAuth access token was generated for a user account. For more information, see "Creating a personal access token."
oauth_access.destroyAn OAuth access token was deleted from a user account.

oauth_application category actions

ActionDescription
oauth_application.createAn OAuth application was created for a user or organization account.
oauth_application.destroyAn OAuth application was deleted from a user or organization account.
oauth_application.reset_secretAn OAuth application's secret key was reset.
oauth_application.revoke_tokensToken(s) for an OAuth application were revoked.
oauth_application.transferAn OAuth application was transferred from one user or organization account to another.
oauth_application.unsuspendAn OAuth application was unsuspended for a user or organization account.

org category actions

ActionDescription
org.accept_business_invitationAn invitation sent to an organization to join an enterprise was accepted.
org.add_billing_managerA billing manager was added to an organization.
org.add_memberA user joined an organization.
org.advanced_security_disabled_for_new_reposGitHub Advanced Security was disabled for new repositories in an organization.
org.advanced_security_disabled_on_all_reposGitHub Advanced Security was disabled for all repositories in an organization.
org.advanced_security_enabled_for_new_reposGitHub Advanced Security was enabled for new repositories in an organization.
org.advanced_security_enabled_on_all_reposGitHub Advanced Security was enabled for all repositories in an organization.
org.advanced_security_policy_selected_member_disabledAn enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization. For more information, see "Enforcing policies for Advanced Security in your enterprise."
org.advanced_security_policy_selected_member_enabledAn enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization. For more information, see "Enforcing policies for Advanced Security in your enterprise."
org.advanced_security_policy_updateAn organization owner updated polices for GitHub Advanced Security in an enterprise. For more information, see "Enforcing policies for Advanced Security in your enterprise."
org.async_deleteA user initiated a background job to delete an organization.
org.block_userAn organization owner blocked a user from accessing the organization's repositories.
org.cancel_business_invitationAn invitation for an organization to join an enterprise was revoked.
org.cancel_invitationAn invitation sent to a user to join an organization was revoked.
org.clear_actions_settingsAn organization owner cleared GitHub Actions policy settings for an organization. For more information, see "Managing GitHub Actions permissions for your organization."
org.clear_default_repository_permissionAn organization owner cleared the base repository permission policy setting for an organization. For more information, see "Setting base permissions."
org.clear_member_team_creation_permissionAn organization owner cleared the new teams creation setting for an organization. For more information, see "Setting team creation permissions in your organization."
org.clear_reader_discussion_creation_permissionAn organization owner cleared the new discussion creation setting for an organization.
org.clear_members_can_create_reposAn organization owner cleared a restriction on repository creation in an organization. For more information, see "Restricting repository creation in your organization."
org.clear_members_can_invite_outside_collaboratorsAn organization owner cleared the outside collaborators invitation policy for an organization. For more information, see "Setting permissions for adding outside collaborators."
org.clear_new_repository_default_branch_settingAn organization owner cleared the default branch name for new repositories setting for an organization. For more information, see "Setting the default branch name."
org.config.disable_collaborators_onlyThe interaction limit for collaborators only for an organization was disabled.
org.config.disable_contributors_onlyThe interaction limit for prior contributors only for an organization was disabled.
org.config.disable_sockpuppet_disallowedThe interaction limit for existing users only for an organization was disabled.
org.config.enable_collaborators_onlyThe interaction limit for collaborators only for an organization was enabled.
org.config.enable_contributors_onlyThe interaction limit for prior contributors only for an organization was enabled.
org.config.enable_sockpuppet_disallowedThe interaction limit for existing users only for an organization was enabled.
org.confirm_business_invitationAn invitation for an organization to join an enterprise was confirmed.
org.createAn organization was created. For more information, see "Creating a new organization from scratch."
org.create_integration_secretA Dependabot integration secret was created for an organization.
org.deleteAn organization was deleted by a user-initiated background job.
org.disable_member_team_creation_permissionAn organization owner limited team creation to owners. For more information, see "Setting team creation permissions in your organization."
org.disable_reader_discussion_creation_permissionAn organization owner limited discussion creation to users with at least triage permission in an organization.
org.display_commenter_full_name_disabledAn organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.
org.display_commenter_full_name_enabledAn organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.
org.enable_member_team_creation_permissionAn organization owner allowed members to create teams. For more information, see "Setting team creation permissions in your organization."
org.enable_reader_discussion_creation_permissionAn organization owner allowed users with read access to create discussions in an organization.
org.integration_manager_addedAn organization owner granted a member access to manage all GitHub Apps owned by an organization.
org.integration_manager_removedAn organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.
org.invite_memberA new user was invited to join an organization.
org.invite_to_businessAn organization was invited to join an enterprise.
org.members_can_update_protected_branches.clearAn organization owner unset a policy for whether members of an organization can update protected branches on repositories in an organization. Organization administrators can choose whether to allow updating protected branches settings.
org.members_can_update_protected_branches.disableThe ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.
org.members_can_update_protected_branches.enableThe ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.
org.recreateAn organization was restored.
org.register_self_hosted_runnerA new self-hosted runner was registered. For more information, see "Adding a self-hosted runner to an organization."
org.remove_actions_secretA GitHub Actions secret was removed.
org.remove_integration_secretA Dependabot integration secret was removed from an organization.
org.remove_billing_managerAn owner removed a billing manager from an organization.
org.remove_memberAn owner removed a member from an organization. Also an organization member removed themselves from an organization.
org.remove_outside_collaboratorAn owner removed an outside collaborator from an organization.
org.remove_self_hosted_runnerA self-hosted runner was removed. For more information, see "Removing a runner from an organization."
org.renameAn organization was renamed.
org.restore_memberAn organization member was restored. For more information, see "Reinstating a former member of your organization."
org.runner_group_createdA self-hosted runner group was created. For more information, see "Creating a self-hosted runner group for an organization."
org.runner_group_removedA self-hosted runner group was removed. For more information, see "Removing a self-hosted runner group."
org.runner_group_updatedThe configuration of a self-hosted runner group was changed. For more information, see "Changing the access policy of a self-hosted runner group."
org.runner_group_runner_removedThe REST API was used to remove a self-hosted runner from a group. For more information, see "Remove a self-hosted runner from a group for an organization."
org.runner_group_runners_addedA self-hosted runner was added to a group. For more information, see Moving a self-hosted runner to a group.
org.runner_group_runners_updatedA runner group's list of members was updated. For more information, see "Set self-hosted runners in a group for an organization."
org.self_hosted_runner_onlineThe runner application was started. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."
org.self_hosted_runner_offlineThe runner application was stopped. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."
org.set_actions_retention_limitThe retention period for GitHub Actions artifacts and logs in an organization was changed. For more information, see "Configuring the retention period for GitHub Actions artifacts and logs in your organization."
org.unblock_userAn organization owner unblocked a user from an organization.
org.update_integration_secretA Dependabot integration secret was updated for an organization.
org.update_default_repository_permissionAn organization owner changed the default repository permission level for organization members.
org.update_memberAn organization owner changed a person's role from owner to member or member to owner.
org.update_member_repository_creation_permissionAn organization owner changed the create repository permission for organization members.
org.update_member_repository_invitation_permissionAn organization owner changed the policy setting for organization members inviting outside collaborators to repositories. For more information, see "Setting permissions for adding outside collaborators."
org.update_new_repository_default_branch_settingAn organization owner changed the name of the default branch for new repositories in the organization. For more information, see "Managing the default branch name for repositories in your organization."
org.update_saml_provider_settingsAn organization's SAML provider settings were updated.
org.update_terms_of_serviceAn organization changed between the Standard Terms of Service and the Corporate Terms of Service.

org_credential_authorization category actions

ActionDescription
org_credential_authorization.deauthorizedA member deauthorized credentials for use with SAML single sign-on. For more information, see "Authenticating with SAML single sign-on."
org_credential_authorization.grantA member authorized credentials for use with SAML single sign-on. For more information, see "Authenticating with SAML single sign-on."
org_credential_authorization.revokeAn owner revoked authorized credentials.

organization_default_label category actions

ActionDescription
organization_default_label.createA default label for repositories in an organization was created. For more information, see "Creating a default label."
organization_default_label.updateA default label for repositories in an organization was edited. For more information, see "Editing a default label."
organization_default_label.destroyA default label for repositories in an organization was deleted. For more information, see "Deleting a default label."

packages category actions

ActionDescription
packages.insecure_hashMaven published an insecure hash for a specific package version.
packages.package_deletedA package was deleted from an organization.
packages.package_publishedA package was published or republished to an organization.
packages.package_restoredAn entire package was restored.
packages.package_version_deletedA specific package version was deleted.
packages.package_version_publishedA specific package version was published or republished to a package.
packages.package_version_restoredA specific package version was deleted.
packages.part_uploadA specific package version was partially uploaded to an organization.
packages.upstream_package_fetchedA specific package version was fetched from the npm upstream proxy.
packages.version_downloadA specific package version was downloaded.
packages.version_uploadA specific package version was uploaded.

private_repository_forking category actions

ActionDescription
private_repository_forking.clearAn enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. For more information, see "Managing the forking policy for your repository, "Managing the forking policy for your organization and for enterprises "Enforcing a policy for forking private or internal repositories."
private_repository_forking.disableAn enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked. For more information, see "Managing the forking policy for your repository, "Managing the forking policy for your organization and for enterprises "Enforcing a policy for forking private or internal repositories."
private_repository_forking.enableAn enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked. For more information, see "Managing the forking policy for your repository, "Managing the forking policy for your organization and for enterprises "Enforcing a policy for forking private or internal repositories."

project category actions

ActionDescription
project.accessA project board visibility was changed. For more information, see "Changing project board visibility."
project.closeA project board was closed. For more information, see "Closing a project board."
project.createA project board was created. For more information, see "Creating a project board."
project.deleteA project board was deleted. For more information, see "Deleting a project board."
project.linkA repository was linked to a project board. For more information, see "Linking a repository to a project board."
project.openA project board was reopened. For more information, see "Reopening a closed project board."
project.renameA project board was renamed. For more information, see "Editing a project board."
project.unlinkA repository was unlinked from a project board. For more information, see "Linking a repository to a project board."
project.update_org_permissionThe project's base-level permission for all organization members was changed or removed. For more information, see "Managing access to a project board for organization members."
project.update_team_permissionA team's project board permission level was changed or when a team was added or removed from a project board. For more information, see "Managing team access to an organization project board."
project.update_user_permissionAn organization member or outside collaborator was added to or removed from a project board or had their permission level changed. For more information, see "Managing an individual’s access to an organization project board."

protected_branch category actions

ActionDescription
protected_branch.create Branch protection was enabled on a branch.
protected_branch.destroyBranch protection was disabled on a branch.
protected_branch.dismiss_stale_reviews Enforcement of dismissing stale pull requests was updated on a branch.
protected_branch.policy_override A branch protection requirement was overridden by a repository administrator.
protected_branch.rejected_ref_update A branch update attempt was rejected.
protected_branch.required_status_overrideThe required status checks branch protection requirement was overridden by a repository administrator.
protected_branch.review_policy_and_required_status_overrideThe required reviews and required status checks branch protection requirements were overridden by a repository administrator.
protected_branch.review_policy_overrideThe required reviews branch protection requirement was overridden by a repository administrator.
protected_branch.update_admin_enforced Branch protection was enforced for repository administrators.
protected_branch.update_pull_request_reviews_enforcement_level Enforcement of required pull request reviews was updated on a branch. Can be one of 0(deactivated), 1(non-admins), 2(everyone).
protected_branch.update_require_code_owner_review Enforcement of required code owner review was updated on a branch.
protected_branch.update_required_approving_review_countEnforcement of the required number of approvals before merging was updated on a branch.
protected_branch.update_required_status_checks_enforcement_level Enforcement of required status checks was updated on a branch.
protected_branch.update_signature_requirement_enforcement_level Enforcement of required commit signing was updated on a branch.
protected_branch.update_strict_required_status_checks_policyEnforcement of required status checks was updated on a branch.
protected_branch.update_nameA branch name pattern was updated for a branch.

public_key category actions

ActionDescription
public_key.createAn SSH key was added to a user account or a deploy key was added to a repository.
public_key.deleteAn SSH key was removed from a user account or a deploy key was removed from a repository.
public_key.updateA user account's SSH key or a repository's deploy key was updated.
public_key.unverification_failureA user account's SSH key or a repository's deploy key was unable to be unverified.
public_key.unverifyA user account's SSH key or a repository's deploy key was unverified.
public_key.verification_failureA user account's SSH key or a repository's deploy key was unable to be verified.
public_key.verifyA user account's SSH key or a repository's deploy key was verified.

pull_request category actions

ActionDescription
pull_request.closeA pull request was closed without being merged. For more information, see "Closing a pull request."
pull_request.converted_to_draftA pull request was converted to a draft. For more information, see "Changing the stage of a pull request."
pull_request.createA pull request was created. For more information, see "Creating a pull request."
pull_request.create_review_requestA review was requested on a pull request. For more information, see "About pull request reviews."
pull_request.in_progressA pull request was marked as in progress.
pull_request.indirect_mergeA pull request was considered merged because the pull request's commits were merged into the target branch.
pull_request.mergeA pull request was merged. For more information, see "Merging a pull request."
pull_request.ready_for_reviewA pull request was marked as ready for review. For more information, see "Changing the stage of a pull request."
pull_request.remove_review_requestA review request was removed from a pull request. For more information, see "About pull request reviews."
pull_request.reopenA pull request was reopened after previously being closed.
pull_request_review.deleteA review on a pull request was deleted.
pull_request_review.dismissA review on a pull request was dismissed. For more information, see "Dismissing a pull request review."
pull_request_review.submitA review was submitted for a pull request. For more information, see "About pull request reviews."

pull_request_review category actions

ActionDescription
pull_request_review.deleteA review on a pull request was deleted.
pull_request_review.dismissA review on a pull request was dismissed. For more information, see "Dismissing a pull request review."
pull_request_review.submitA review on a pull request was submitted. For more information, see "Submitting your review."

pull_request_review_comment category actions

ActionDescription
pull_request_review_comment.createA review comment was added to a pull request. For more information, see "About pull request reviews."
pull_request_review_comment.deleteA review comment on a pull request was deleted.
pull_request_review_comment.updateA review comment on a pull request was changed.

repo category actions

ActionDescription
repo.accessThe visibility of a repository changed to private or internal.
repo.actions_enabledGitHub Actions was enabled for a repository.
repo.add_memberA collaborator was added to a repository.
repo.add_topicA topic was added to a repository.
repo.advanced_security_disabledGitHub Advanced Security was disabled for a repository.
repo.advanced_security_enabledGitHub Advanced Security was enabled for a repository.
repo.advanced_security_policy_selected_member_disabledA repository administrator prevented GitHub Advanced Security features from being enabled for a repository.
repo.advanced_security_policy_selected_member_enabledA repository administrator allowed GitHub Advanced Security features to be enabled for a repository.
repo.archivedA repository was archived. For more information, see "Archiving a GitHub repository."
repo.code_scanning_analysis_deletedCode scanning analysis for a repository was deleted. For more information, see "Delete a code scanning analysis from a repository."
repo.change_merge_settingPull request merge options were changed for a repository.
repo.clear_actions_settingsA repository administrator cleared GitHub Actions policy settings for a repository.
repo.configA repository administrator blocked force pushes. For more information, see Blocking force pushes to a repository to a repository.
repo.createA repository was created.
repo.create_actions_secretA GitHub Actions secret was created for a repository. For more information, see "Creating encrypted secrets for a repository."
repo.create_integration_secretA Dependabot integration secret was created for a repository.
repo.destroyA repository was deleted.
repo.download_zipA source code archive of a repository was downloaded as a ZIP file.
repo.pages_cnameA GitHub Pages custom domain was modified in a repository.
repo.pages_createA GitHub Pages site was created.
repo.pages_destroyA GitHub Pages site was deleted.
repo.pages_https_redirect_disabledHTTPS redirects were disabled for a GitHub Pages site.
repo.pages_https_redirect_enabledHTTPS redirects were enabled for a GitHub Pages site.
repo.pages_sourceA GitHub Pages source was modified.
repo.pages_privateA GitHub Pages site visibility was changed to private.
repo.pages_publicA GitHub Pages site visibility was changed to public.
repo.register_self_hosted_runnerA new self-hosted runner was registered. For more information, see "Adding a self-hosted runner to a repository."
repo.remove_self_hosted_runnerA self-hosted runner was removed. For more information, see "Removing a runner from a repository."
repo.remove_actions_secretA GitHub Actions secret was deleted for a repository.
repo.remove_integration_secretA Dependabot integration secret was deleted for a repository.
repo.remove_memberA collaborator was removed from a repository.
repo.remove_topicA topic was removed from a repository.
repo.renameA repository was renamed.
repo.set_actions_retention_limitThe retention period for GitHub Actions artifacts and logs in a repository was changed. For more information, see "Configuring the retention period for GitHub Actions artifacts and logs in your repository."
repo.self_hosted_runner_onlineThe runner application was started. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."
repo.self_hosted_runner_offlineThe runner application was stopped. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "Checking the status of a self-hosted runner."
repo.self_hosted_runner_updatedThe runner application was updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. For more information, see "About self-hosted runners."
repo.staff_unlockAn enterprise administrator or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.
repo.transferA user accepted a request to receive a transferred repository.
repo.transfer_outgoingA repository was transferred to another repository network.
repo.transfer_startA user sent a request to transfer a repository to another user or organization.
repo.unarchivedA repository was unarchived. For more information, see "Archiving a GitHub repository."
repo.update_actions_settingsA repository administrator changed GitHub Actions policy settings for a repository.
repo.update_actions_secretA GitHub Actions secret was updated.
repo.update_actions_access_settingsThe setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.
repo.update_default_branchThe default branch for a repository was changed.
repo.update_integration_secretA Dependabot or Codespaces integration secret was updated for a repository.
repo.update_memberA user's permission to a repository was changed.

repository_image category actions

ActionDescription
repository_image.createAn image to represent a repository was uploaded.
repository_image.destroyAn image to represent a repository was deleted.

repository_invitation category actions

ActionDescription
repository_invitation.acceptAn invitation to join a repository was accepted.
repository_invitation.createAn invitation to join a repository was sent.
repository_invitation.rejectAn invitation to join a repository was canceled.

repository_projects_change category actions

ActionDescription
repository_projects_change.clearThe repository projects policy was removed for an organization, or all organizations in the enterprise. Organization admins can now control their repository projects settings. For more information, see "Enforcing project board policies in your enterprise."
repository_projects_change.disableRepository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise.
repository_projects_change.enableRepository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise.

repository_secret_scanning category actions

ActionDescription
repository_secret_scanning.disableA repository owner or administrator disabled secret scanning for a repository. For more information, see "About secret scanning."
repository_secret_scanning.enableA repository owner or administrator enabled secret scanning for a repository.

repository_visibility_change category actions

ActionDescription
repository_visibility_change.clearThe repository visibility change setting was cleared for an organization or enterprise. For more information, see "Restricting repository visibility changes in your organization" and "Enforcing a policy for changes to repository visibility for an enterprise."
repository_visibility_change.disableThe ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise.
repository_visibility_change.enableThe ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise.

repository_vulnerability_alert category actions

ActionDescription
repository_vulnerability_alert.createGitHub AE created a Dependabot alert for a repository that uses a vulnerable dependency. For more information, see "About alerts for vulnerable dependencies."
repository_vulnerability_alert.dismissAn organization owner or repository administrator dismissed a Dependabot alert about a vulnerable dependency.
repository_vulnerability_alert.resolveSomeone with write access to a repository pushed changes to update and resolve a vulnerability in a project dependency.

required_status_check category actions

ActionDescription
required_status_check.createA status check was marked as required for a protected branch. For more information, see "Require status checks before merging."
required_status_check.destroyA status check was no longer marked as required for a protected branch. For more information, see "Require status checks before merging."

secret_scanning category actions

ActionDescription
secret_scanning.disableAn organization owner disabled secret scanning for all existing repositories. For more information, see "About secret scanning."
secret_scanning.enableAn organization owner enabled secret scanning for all existing repositories.

secret_scanning_new_repos category actions

ActionDescription
secret_scanning_new_repos.disableAn organization owner disabled secret scanning for all new repositories. For more information, see "About secret scanning."
secret_scanning_new_repos.enableAn organization owner enabled secret scanning for all new repositories.

security_key category actions

ActionDescription
security_key.registerA security key was registered for an account.
security_key.removeA security key was removed from an account.

ssh_certificate_authority category actions

ActionDescription
ssh_certificate_authority.createAn SSH certificate authority for an organization or enterprise was created. For more information, see "Managing your organization's SSH certificate authorities" and "Managing SSH certificate authorities for your enterprise."
ssh_certificate_authority.destroyAn SSH certificate authority for an organization or enterprise was deleted. For more information, see "Managing your organization's SSH certificate authorities" and "Managing SSH certificate authorities for your enterprise."

ssh_certificate_requirement category actions

ActionDescription
ssh_certificate_requirement.enableThe requirement for members to use SSH certificates to access an organization resources was enabled. For more information, see "Managing your organization's SSH certificate authorities" and "Managing SSH certificate authorities for your enterprise."
ssh_certificate_requirement.disableThe requirement for members to use SSH certificates to access an organization resources was disabled. For more information, see "Managing your organization's SSH certificate authorities" and "Managing SSH certificate authorities for your enterprise."

staff category actions

ActionDescription
staff.disable_repoAn organization or repository administrator disabled access to a repository and all of its forks.
staff.enable_repoAn organization or repository administrator re-enabled access to a repository and all of its forks.
staff.exit_fake_loginAn enterprise owner ended an impersonation session on GitHub AE.
staff.fake_loginAn enterprise owner signed into GitHub AE as another user.
staff.repo_lockAn organization or repository administrator locked (temporarily gained full access to) a user's private repository.
staff.repo_unlockAn organization or repository administrator unlocked (ended their temporary access to) a user's private repository.
staff.set_domain_token_expirationGitHub staff set the verification code expiry time for an organization or enterprise domain.
staff.unverify_domainGitHub staff unverified an organization or enterprise domain.
staff.verify_domainGitHub staff verified an organization or enterprise domain.

team category actions

ActionDescription
team.add_memberA member of an organization was added to a team. For more information, see "Adding organization members to a team."
team.add_repositoryA team was given access and permissions to a repository.
team.change_parent_teamA child team was created or a child team's parent was changed. For more information, see "Moving a team in your organization’s hierarchy."
team.change_privacyA team's privacy level was changed. For more information, see "Changing team visibility."
team.createA user account or repository was added to a team.
team.deleteA user account or repository was removed from a team.
team.destroyA team was deleted.
team.demote_maintainerA user was demoted from a team maintainer to a team member.
team.promote_maintainerA user was promoted from a team member to a team maintainer. For more information, see "Promoting an organization member to team maintainer."
team.remove_memberA member of an organization was removed from a team. For more information, see "Removing organization members from a team."
team.remove_repositoryA repository was no longer under a team's control.
team.renameA team's name was changed.
team.update_permissionA team's access was changed.
team.update_repository_permissionA team's permission to a repository was changed.

team_discussions category actions

ActionDescription
team_discussions.clearAn organization owner cleared the setting to allow team discussions for an organization or enterprise.
team_discussions.disableAn organization owner disabled team discussions for an organization. For more information, see "Disabling team discussions for your organization."
team_discussions.enableAn organization owner enabled team discussions for an organization.

user category actions

ActionDescription
user.add_emailAn email address was added to a user account.
user.async_deleteAn asynchronous job was started to destroy a user account, eventually triggering a user.delete event.
user.audit_log_exportAudit log entries were exported.
user.block_userA user was blocked by another user.
user.change_passwordA user changed his or her password.
user.createA new user account was created.
user.creation_rate_limit_exceededThe rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.
user.deleteA user account was destroyed by an asynchronous job.
user.destroyA user deleted his or her account, triggering user.async_delete.
user.failed_loginA user tries to sign in with an incorrect username, password, or two-factor authentication code.
user.flag_as_large_scale_contributorA user account was flagged as a large scale contributor. Only contributions from public repositories the user owns will be shown in their contribution graph, in order to prevent timeouts.
user.forgot_passwordA user requested a password reset via the sign-in page.
user.hide_private_contributions_countA user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden. For more information, see "Publicizing or hiding your private contributions on your profile."
user.lockoutA user was locked out of their account.
user.loginA user signed in.
user.mandatory_message_viewedA user viewed a mandatory message. For more information see "Customizing user messages for your enterprise" for details."
user.minimize_commentA comment made by a user was minimized.
user.recreateA user's account was restored.
user.remove_emailAn email address was removed from a user account.
user.remove_large_scale_contributor_flagA user account was no longer flagged as a large scale contributor.
user.renameA username was changed.
user.reset_passwordA user reset their account password.
user.show_private_contributions_countA user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown. For more information, see "Publicizing or hiding your private contributions on your profile."
user.sign_in_from_unrecognized_deviceA user signed in from an unrecognized device.
user.sign_in_from_unrecognized_device_and_locationA user signed in from an unrecognized device and location.
user.sign_in_from_unrecognized_locationA user signed in from an unrecognized location.
user.suspendA user account was suspended by an enterprise owner .
user.two_factor_challenge_failureA 2FA challenge issued for a user account failed.
user.two_factor_challenge_successA 2FA challenge issued for a user account succeeded.
user.two_factor_recoverA user used their 2FA recovery codes.
user.two_factor_recovery_codes_downloadedA user downloaded 2FA recovery codes for their account.
user.two_factor_recovery_codes_printedA user printed 2FA recovery codes for their account.
user.two_factor_recovery_codes_viewedA user viewed 2FA recovery codes for their account.
user.two_factor_requestedA user was prompted for a two-factor authentication code.
user.unblock_userA user was unblocked another user.
user.unminimize_commentA comment made by a user was unminimized.
user.unsuspendA user account was unsuspended by an enterprise owner .

workflows category actions

ActionDescription
workflows.approve_workflow_jobA workflow job was approved. For more information, see "Reviewing deployments."
workflows.cancel_workflow_runA workflow run was cancelled. For more information, see "Canceling a workflow."
workflows.delete_workflow_runA workflow run was deleted. For more information, see "Deleting a workflow run."
workflows.disable_workflowA workflow was disabled.
workflows.enable_workflowA workflow was enabled, after previously being disabled by disable_workflow.
workflows.reject_workflow_jobA workflow job was rejected. For more information, see "Reviewing deployments."
workflows.rerun_workflow_runA workflow run was re-run. For more information, see "Re-running a workflow."