People with admin permissions can manage individual and team access to an organization-owned repository.
You can give organization members, outside collaborators, and teams of people different levels of access to repositories owned by an organization. Each permission level progressively increases access to a repository's content and settings. Choose the level that best fits each person or team's role in your project without giving people more access to the project than they need.
From least access to most access, the permission levels for an organization repository are:
- Read: Recommended for non-code contributors who want to view or discuss your project
- Triage: Recommended for contributors who need to proactively manage issues and pull requests without write access
- Write: Recommended for contributors who actively push to your project
- Maintain: Recommended for project managers who need to manage the repository without access to sensitive or destructive actions
- Admin: Recommended for people who need full access to the project, including sensitive and destructive actions like managing security or deleting a repository
For more information about giving people and teams access to repositories, see "Managing access to your organization's repositories."
Organization owners can set base permissions that apply to all members of an organization when accessing any of the organization's repositories. For more information, see "Setting base permissions for an organization."
Organization owners can also choose to further limit access to certain settings and actions across the organization. For more information on options for specific settings, see "Managing organization settings."
In addition to managing organization-level settings, organization owners have admin permissions for every repository owned by the organization. For more information, see "Permission levels for an organization."
Warning: When someone adds a deploy key to a repository, any user who has the private key can read from or write to the repository (depending on the key settings), even if they're later removed from the organization.
Note: Repository permissions required to use security features are listed in "Permission requirements for security features" below.
|Pull from the person or team's assigned repositories||X||X||X||X||X|
|Fork the person or team's assigned repositories||X||X||X||X||X|
|Edit and delete their own comments||X||X||X||X||X|
|Close issues they opened themselves||X||X||X||X||X|
|Reopen issues they closed themselves||X||X||X||X||X|
|Have an issue assigned to them||X||X||X||X||X|
|Send pull requests from forks of the team's assigned repositories||X||X||X||X||X|
|Submit reviews on pull requests||X||X||X||X||X|
|View published releases||X||X||X||X||X|
|Create, edit, delete labels||X||X||X|
|Close, reopen, and assign all issues and pull requests||X||X||X||X|
|Mark duplicate issues and pull requests||X||X||X||X|
|Request pull request reviews||X||X||X||X|
|Push to (write) the person or team's assigned repositories||X||X||X|
|Edit and delete anyone's comments on commits, pull requests, and issues||X||X||X|
|Hide anyone's comments||X||X||X|
|Transfer issues (see "Transferring an issue to another repository" for details)||X||X||X|
|Act as a designated code owner for a repository||X||X||X|
|Mark a draft pull request as ready for review||X||X||X|
|Convert a pull request to a draft||X||X||X|
|Submit reviews that affect a pull request's mergeability||X||X||X|
|Apply suggested changes to pull requests||X||X||X|
|Create status checks||X||X||X|
|Create and edit releases||X||X||X|
|View draft releases||X||X||X|
|Edit a repository's description||X||X|
|Enable wikis and restrict wiki editors||X||X|
|Enable project boards||X||X|
|Configure pull request merges||X||X|
|Configure a publishing source for Páginas de GitHub||X||X|
|Push to protected branches||X||X|
|Create and edit repository social cards||X||X|
|Delete an issue (see "Deleting an issue")||X|
|Merge pull requests on protected branches, even if there are no approving reviews||X|
|Define code owners for a repository||X|
|Add a repository to a team (see "Managing team access to an organization repository" for details)||X|
|Manage outside collaborator access to a repository||X|
|Change a repository's visibility||X|
|Make a repository a template (see "Creating a template repository")||X|
|Change a repository's settings||X|
|Manage team and collaborator access to the repository||X|
|Edit the repository's default branch||X|
|Manage webhooks and deploy keys||X|
|Manage the forking policy for a repository||X|
|Transfer repositories into the organization||X|
|Delete or transfer repositories out of the organization||X|
|Create autolink references to external resources, like JIRA or Zendesk (see "Configuring autolinks to reference external resources")||X|
In this section, you can find the repository permission levels required for security features, such as Advanced Security features.
|Receive Alertas del Dependabot de GitHub for vulnerable dependencies in a repository||X|
|Dismiss Alertas del Dependabot de GitHub||X|
|Designate additional people or teams to receive Alertas del Dependabot de GitHub for vulnerable dependencies||X|
|Manage access to GitHub Advanced Security features (see "Managing security and analysis settings for your organization")||X|
|View escaneo de código alerts on pull requests||X||X||X||X||X|
|List, dismiss, and delete escaneo de código alerts||X||X||X|
|View escaneo de secretos alerts in a repository||X|
|Resolve, revoke, or re-open escaneo de secretos alerts||X|
|Designate additional people or teams to receive escaneo de secretos alerts in repositories||X|