Note: This article contains the events that may appear in the audit log for an enterprise. For the events that can appear in a user account's security log or the audit log for an organization, see "Security log events" and "Audit log events for your organization."
About audit log events for your enterprise
The scope of the events that appear in your enterprise's audit log depend on whether your enterprise uses Enterprise Managed Users. For more information about Enterprise Managed Users, see "About Enterprise Managed Users."
- If your enterprise does not use Enterprise Managed Users, the audit log only includes events related to the enterprise account and the organizations within the enterprise account, which are listed in this article.
- If your enterprise uses Enterprise Managed Users, the audit log also includes user events for managed user accounts, such as each time the user logs in to GitHub Enterprise Cloud and actions they take within their user account. For a list of these user account events, see "Security log events."
The name for each audit log entry is composed of a category of events, followed by an operation type. For example, the repo.create entry refers to the create operation on the repo category. The reference information in this article is grouped by categories.
account
| Action | Description |
|---|---|
account.plan_change | The account's plan changed. |
advisory_credit
| Action | Description |
|---|---|
advisory_credit.accept | Credit was accepted for a security advisory. |
advisory_credit.create | Someone was added to the credit section of a security advisory. |
advisory_credit.decline | Credit was declined for a security advisory. |
advisory_credit.destroy | Someone was removed from the credit section of a security advisory. |
artifact
| Action | Description |
|---|---|
artifact.destroy | A workflow run artifact was manually deleted. |
audit_log_streaming
| Action | Description |
|---|---|
audit_log_streaming.check | A manual check of the endpoint configured for audit log streaming was performed. |
audit_log_streaming.create | An endpoint was added for audit log streaming. |
audit_log_streaming.destroy | An audit log streaming endpoint was deleted. |
audit_log_streaming.update | An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled. |
auto_approve_personal_access_token_requests
| Action | Description |
|---|---|
auto_approve_personal_access_token_requests.disable | Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources. |
auto_approve_personal_access_token_requests.enable | Triggered when fine-grained personal access tokens can access organization resources without prior approval. |
billing
| Action | Description |
|---|---|
billing.change_billing_type | The way the account pays for GitHub was changed. |
billing.change_email | The billing email address changed. |
business
| Action | Description |
|---|---|
business.add_admin | An enterprise owner was added to an enterprise. |
business.add_billing_manager | A billing manager was added to an enterprise. |
business.add_organization | An organization was added to an enterprise. |
business.add_support_entitlee | A support entitlement was added to a member of an enterprise. |
business.advanced_security_policy_update | An enterprise owner created, updated, or removed a policy for GitHub Advanced Security. |
business.cancel_admin_invitation | An invitation for someone to be an owner of an enterprise was canceled. |
business.cancel_billing_manager_invitation | An invitation for someone to be an billing manager of an enterprise was canceled. |
business.clear_actions_settings | An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise. |
business.clear_default_repository_permission | An enterprise owner cleared the base repository permission policy setting for an enterprise. |
business.clear_members_can_create_repos | An enterprise owner cleared a restriction on repository creation in organizations in the enterprise. |
business.create | An enterprise was created. |
business.disable_oidc | OIDC single sign-on was disabled for an enterprise. |
business.disable_saml | SAML single sign-on was disabled for an enterprise. |
business.disable_two_factor_requirement | The requirement for members to have two-factor authentication enabled to access an enterprise was disabled. |
business.enable_oidc | OIDC single sign-on was enabled for an enterprise. |
business.enable_saml | SAML single sign-on was enabled for an enterprise. |
business.enable_two_factor_requirement | The requirement for members to have two-factor authentication enabled to access an enterprise was enabled. |
business.enterprise_server_license_download | A GitHub Enterprise Server license was downloaded. |
business.import_license_usage | License usage information was imported from a GitHub Enterprise Server instance to an enterprise account on GitHub.com. |
business.invite_admin | An invitation for someone to be an enterprise owner of an enterprise was sent. |
business.invite_billing_manager | An invitation for someone to be an billing manager of an enterprise was sent. |
business.members_can_update_protected_branches.clear | An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings. |
business.members_can_update_protected_branches.disable | The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches. |
business.members_can_update_protected_branches.enable | The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches. |
business.remove_admin | An enterprise owner was removed from an enterprise. |
business.remove_billing_manager | A billing manager was removed from an enterprise. |
business.remove_member | A member was removed from an enterprise. |
business.remove_organization | An organization was removed from an enterprise. |
business.remove_support_entitlee | A support entitlement was removed from a member of an enterprise. |
business.rename_slug | The slug for the enterprise URL was renamed. |
business.revoke_external_identity | The external identity for a member in an enterprise was revoked. |
business.revoke_sso_session | The SAML single sign-on session for a member in an enterprise was revoked. |
business.set_actions_fork_pr_approvals_policy | The setting for requiring approvals for workflows from public forks was changed for an enterprise. |
business.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs was changed for an enterprise. |
business.set_fork_pr_workflows_policy | The policy for fork pull requests is changed. |
business.update_actions_settings | An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise. |
business.update_default_repository_permission | The base repository permission setting was updated for all organizations in an enterprise. |
business.update_member_repository_creation_permission | The repository creation setting was updated for an enterprise. |
business.update_member_repository_invitation_permission | The policy setting for enterprise members inviting outside collaborators to repositories was updated. |
business.update_saml_provider_settings | The SAML single sign-on provider settings for an enterprise were updated. |
business_advanced_security
| Action | Description |
|---|---|
business_advanced_security.disabled | GitHub Advanced Security was disabled for your enterprise. |
business_advanced_security.disabled_for_new_repos | GitHub Advanced Security was disabled for new repositories in your enterprise. |
business_advanced_security.enabled | GitHub Advanced Security was enabled for your enterprise. |
business_advanced_security.enabled_for_new_repos | GitHub Advanced Security was enabled for new repositories in your enterprise. |
business_secret_scanning
| Action | Description |
|---|---|
business_secret_scanning.disable | Secret scanning was disabled for your enterprise. |
business_secret_scanning.disabled_for_new_repos | Secret scanning was disabled for new repositories in your enterprise. |
business_secret_scanning.enable | Secret scanning was enabled for your enterprise. |
business_secret_scanning.enabled_for_new_repos | Secret scanning was enabled for new repositories in your enterprise. |
business_secret_scanning_automatic_validity_checks
| Action | Description |
|---|---|
business_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the business level |
business_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the business level |
business_secret_scanning_custom_pattern
| Action | Description |
|---|---|
business_secret_scanning_custom_pattern.create | An enterprise-level custom pattern was created for secret scanning. |
business_secret_scanning_custom_pattern.delete | An enterprise-level custom pattern was removed from secret scanning. |
business_secret_scanning_custom_pattern.publish | An enterprise-level custom pattern was published for secret scanning. |
business_secret_scanning_custom_pattern.update | Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning. |
business_secret_scanning_custom_pattern_push_protection
| Action | Description |
|---|---|
business_secret_scanning_custom_pattern_push_protection.disabled | Push protection for a custom pattern for secret scanning was disabled for your enterprise. |
business_secret_scanning_custom_pattern_push_protection.enabled | Push protection for a custom pattern for secret scanning was enabled for your enterprise. |
business_secret_scanning_push_protection
| Action | Description |
|---|---|
business_secret_scanning_push_protection.disable | Push protection for secret scanning was disabled for your enterprise. |
business_secret_scanning_push_protection.disabled_for_new_repos | Push protection for secret scanning was disabled for new repositories in your enterprise. |
business_secret_scanning_push_protection.enable | Push protection for secret scanning was enabled for your enterprise. |
business_secret_scanning_push_protection.enabled_for_new_repos | Push protection for secret scanning was enabled for new repositories in your enterprise. |
business_secret_scanning_push_protection_custom_message
| Action | Description |
|---|---|
business_secret_scanning_push_protection_custom_message.disable | The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise. |
business_secret_scanning_push_protection_custom_message.enable | The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise. |
business_secret_scanning_push_protection_custom_message.update | The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise. |
checks
| Action | Description |
|---|---|
checks.auto_trigger_disabled | Automatic creation of check suites was disabled on a repository in the organization or enterprise. |
checks.auto_trigger_enabled | Automatic creation of check suites was enabled on a repository in the organization or enterprise. |
checks.delete_logs | Logs in a check suite were deleted. |
codespaces
| Action | Description |
|---|---|
codespaces.allow_permissions | A codespace using custom permissions from its devcontainer.json file was launched. |
codespaces.attempted_to_create_from_prebuild | An attempt to create a codespace from a prebuild was made. |
codespaces.connect | A codespace was started. |
codespaces.create | A codespace was created |
codespaces.destroy | A user deleted a codespace. |
codespaces.trusted_repositories_access_update | Triggered when you change your personal account's access and security setting for Codespaces. |
commit_comment
| Action | Description |
|---|---|
commit_comment.destroy | A commit comment was deleted. |
commit_comment.update | A commit comment was updated. |
copilot
| Action | Description |
|---|---|
copilot.cfb_enterprise_org_enablement_changed | The Copilot for Business enablement policy changed at the enterprise level or for an organization within the enterprise. |
copilot.cfb_enterprise_settings_changed | Settings for Copilot for Business were changed at the enterprise level. |
copilot.cfb_org_settings_changed | Settings for Copilot for Business were changed at the organization level. |
copilot.cfb_seat_added | A seat was added to the Copilot for Business subscription for a user and they have received access to GitHub Copilot. |
copilot.cfb_seat_assignment_created | A seat assignment was newly created for a user. |
copilot.cfb_seat_assignment_refreshed | A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to GitHub Copilot. |
copilot.cfb_seat_assignment_reused | A seat assignment was re-created for a user who already had a seat with no pending cancellation date. |
copilot.cfb_seat_assignment_unassigned | A seat was unassigned from a user and they will lose access to GitHub Copilot at the end of the billing cycle. |
copilot.cfb_seat_cancelled | A seat was canceled from the Copilot for Business subscription and the user no longer has access to GitHub Copilot. |
copilot.cfb_seat_cancelled_by_staff | A seat was canceled from the Copilot for Business subscription manually by GitHub and the user no longer has access to GitHub Copilot. |
copilot.cfb_seat_management_changed | The seat management setting was changed for the Copilot for Business subscription. |
copilot.clickwrap_save_event | The GitHub Copilot Product Terms or Pre-Release Preview Terms were accepted. |
dependabot_alerts
| Action | Description |
|---|---|
dependabot_alerts.disable | Dependabot alerts were disabled for all existing repositories. |
dependabot_alerts.enable | Dependabot alerts were enabled for all existing repositories. |
dependabot_alerts_new_repos
| Action | Description |
|---|---|
dependabot_alerts_new_repos.disable | Dependabot alerts were disabled for all new repositories. |
dependabot_alerts_new_repos.enable | Dependabot alerts were enabled for all new repositories. |
dependabot_repository_access
| Action | Description |
|---|---|
dependabot_repository_access.repositories_updated | The repositories that Dependabot can access were updated. |
dependabot_security_updates
| Action | Description |
|---|---|
dependabot_security_updates.disable | Dependabot security updates were disabled for all existing repositories. |
dependabot_security_updates.enable | Dependabot security updates were enabled for all existing repositories. |
dependabot_security_updates_new_repos
| Action | Description |
|---|---|
dependabot_security_updates_new_repos.disable | Dependabot security updates were disabled for all new repositories. |
dependabot_security_updates_new_repos.enable | Dependabot security updates were enabled for all new repositories. |
dependency_graph
| Action | Description |
|---|---|
dependency_graph.disable | The dependency graph was disabled for all existing repositories. |
dependency_graph.enable | The dependency graph was enabled for all existing repositories. |
dependency_graph_new_repos
| Action | Description |
|---|---|
dependency_graph_new_repos.disable | The dependency graph was disabled for all new repositories. |
dependency_graph_new_repos.enable | The dependency graph was enabled for all new repositories. |
discussion_post
| Action | Description |
|---|---|
discussion_post.destroy | Triggered when a team discussion post is deleted. |
discussion_post.update | Triggered when a team discussion post is edited. |
discussion_post_reply
| Action | Description |
|---|---|
discussion_post_reply.destroy | Triggered when a reply to a team discussion post is deleted. |
discussion_post_reply.update | Triggered when a reply to a team discussion post is edited. |
enterprise
| Action | Description |
|---|---|
enterprise.register_self_hosted_runner | A new GitHub Actions self-hosted runner was registered. |
enterprise.remove_self_hosted_runner | A GitHub Actions self-hosted runner was removed. |
enterprise.runner_group_created | A GitHub Actions self-hosted runner group was created. |
enterprise.runner_group_removed | A GitHub Actions self-hosted runner group was removed. |
enterprise.runner_group_renamed | A GitHub Actions self-hosted runner group was renamed. |
enterprise.runner_group_runners_added | A GitHub Actions self-hosted runner was added to a group. |
enterprise.runner_group_runners_updated | A GitHub Actions runner group's list of members was updated. |
enterprise.runner_group_runner_removed | The REST API was used to remove a GitHub Actions self-hosted runner from a group. |
enterprise.runner_group_updated | The configuration of a GitHub Actions self-hosted runner group was changed. |
enterprise.runner_group_visiblity_updated | The visibility of a GitHub Actions self-hosted runner group was updated via the REST API. |
enterprise.self_hosted_runner_updated | The GitHub Actions runner application was updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. |
enterprise_domain
| Action | Description |
|---|---|
enterprise_domain.approve | An enterprise domain was approved for an enterprise. |
enterprise_domain.create | An enterprise domain was added to an enterprise. |
enterprise_domain.destroy | An enterprise domain was removed from an enterprise. |
enterprise_domain.verify | An enterprise domain was verified for an enterprise. |
enterprise_installation
| Action | Description |
|---|---|
enterprise_installation.create | The GitHub App associated with an GitHub Connect enterprise connection was created. |
enterprise_installation.destroy | The GitHub App associated with an GitHub Connect enterprise connection was deleted. |
environment
| Action | Description |
|---|---|
environment.add_protection_rule | A GitHub Actions deployment protection rule was created via the API. |
environment.create_actions_secret | A secret was created for a GitHub Actions environment. |
environment.delete | An environment was deleted. |
environment.remove_actions_secret | A secret was deleted for a GitHub Actions environment. |
environment.remove_protection_rule | A GitHub Actions deployment protection rule was deleted via the API. |
environment.update_actions_secret | A secret was updated for a GitHub Actions environment. |
environment.update_protection_rule | A GitHub Actions deployment protection rule was updated via the API. |
external_group
| Action | Description |
|---|---|
external_group.add_member | A user was added to an external group. |
external_group.delete | An external group was deleted. |
external_group.link | An external group was linked to a GitHub team. |
external_group.provision | An external group was created. |
external_group.remove_member | A user was removed from an external group. |
external_group.unlink | An external group was unlinked to a GitHub team. |
external_group.update | An external group was updated. |
external_group.update_display_name | An external group's display name was updated. |
git
| Action | Description |
|---|---|
git.clone | A repository was cloned. |
git.fetch | Changes were fetched from a repository. |
git.push | Changes were pushed to a repository. |
hook
| Action | Description |
|---|---|
hook.active_changed | A hook's active status was updated. |
hook.config_changed | A hook's configuration was changed. |
hook.create | A new hook was added. |
hook.destroy | A hook was deleted. |
hook.events_changed | A hook's configured events were changed. |
integration
| Action | Description |
|---|---|
integration.create | An integration was created. |
integration.destroy | An integration was deleted. |
integration.manager_added | A member of an enterprise or organization was added as an integration manager. |
integration.manager_removed | A member of an enterprise or organization was removed from being an integration manager. |
integration.remove_client_secret | A client secret for an integration was removed. |
integration.revoke_all_tokens | All user tokens for an integration were requested to be revoked. |
integration.revoke_tokens | Token(s) for an integration were revoked. |
integration.transfer | Ownership of an integration was transferred to another user or organization. |
integration_installation
| Action | Description |
|---|---|
integration_installation.create | An integration was installed. |
integration_installation.destroy | An integration was uninstalled. |
integration_installation.repositories_added | Repositories were added to an integration. |
integration_installation.repositories_removed | Repositories were removed from an integration. |
integration_installation.suspend | An integration was suspended. |
integration_installation.unsuspend | An integration was unsuspended. |
integration_installation.version_updated | Permissions for an integration were updated. |
integration_installation_request
| Action | Description |
|---|---|
integration_installation_request.close | A request to install an integration was either approved or denied by an owner, or canceled by the member who opened the request. |
integration_installation_request.create | An member requested that an owner install an integration. |
ip_allow_list
| Action | Description |
|---|---|
ip_allow_list.disable | An IP allow list was disabled. |
ip_allow_list.disable_for_installed_apps | An IP allow list was disabled for installed GitHub Apps. |
ip_allow_list.enable | An IP allow list was enabled. |
ip_allow_list.enable_for_installed_apps | An IP allow list was enabled for installed GitHub Apps. |
ip_allow_list_entry
| Action | Description |
|---|---|
ip_allow_list_entry.create | An IP address was added to an IP allow list. |
ip_allow_list_entry.destroy | An IP address was deleted from an IP allow list. |
ip_allow_list_entry.update | An IP address or its description was changed. |
issue
| Action | Description |
|---|---|
issue.destroy | An issue was deleted from the repository. |
issue.pinned | An issue was pinned to a repository. |
issue.transfer | An issue was transferred to another repository. |
issue.unpinned | An issue was unpinned from a repository. |
issues
| Action | Description |
|---|---|
issues.deletes_disabled | The ability for enterprise members to delete issues was disabled Members cannot delete issues in any organizations in an enterprise. |
issues.deletes_enabled | The ability for enterprise members to delete issues was enabled Members can delete issues in any organizations in an enterprise. |
issues.deletes_policy_cleared | An enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise. |
issue_comment
| Action | Description |
|---|---|
issue_comment.destroy | A comment on an issue was deleted from the repository. |
issue_comment.update | A comment on an issue (other than the initial one) changed. |
marketplace_agreement_signature
| Action | Description |
|---|---|
marketplace_agreement_signature.create | The GitHub Marketplace Developer Agreement was signed. |
marketplace_listing
| Action | Description |
|---|---|
marketplace_listing.approve | A listing was approved for inclusion in GitHub Marketplace. |
marketplace_listing.change_category | A category for a listing for an app in GitHub Marketplace was changed. |
marketplace_listing.create | A listing for an app in GitHub Marketplace was created. |
marketplace_listing.delist | A listing was removed from GitHub Marketplace. |
marketplace_listing.redraft | A listing was sent back to draft state. |
marketplace_listing.reject | A listing was not accepted for inclusion in GitHub Marketplace. |
members_can_create_pages
| Action | Description |
|---|---|
members_can_create_pages.disable | The ability for members to publish GitHub Pages sites was disabled. |
members_can_create_pages.enable | The ability for members to publish GitHub Pages sites was enabled. |
members_can_create_public_pages
| Action | Description |
|---|---|
members_can_create_public_pages.disable | The ability for members to publish public GitHub Pages was disabled Members cannot publish public GitHub Pages in an organization. |
members_can_create_public_pages.enable | The ability for members to publish public GitHub Pages was enabled Members can publish public GitHub Pages in an organization. |
members_can_delete_repos
| Action | Description |
|---|---|
members_can_delete_repos.clear | An enterprise owner cleared the policy setting for deleting or transferring repositories in any organizations in an enterprise. |
members_can_delete_repos.disable | The ability for enterprise members to delete repositories was disabled Members cannot delete or transfer repositories in any organizations in an enterprise. |
members_can_delete_repos.enable | The ability for enterprise members to delete repositories was enabled Members can delete or transfer repositories in any organizations in an enterprise. |
members_can_view_dependency_insights
| Action | Description |
|---|---|
members_can_view_dependency_insights.clear | An enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise. |
members_can_view_dependency_insights.disable | The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise. |
members_can_view_dependency_insights.enable | The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise. |
migration
| Action | Description |
|---|---|
migration.create | A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance. |
migration.destroy_file | A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted. |
migration.download | A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded. |
oauth_application
| Action | Description |
|---|---|
oauth_application.create | An OAuth application was created. |
oauth_application.destroy | An OAuth application was deleted. |
oauth_application.generate_client_secret | An OAuth application's secret key was generated. |
oauth_application.remove_client_secret | An OAuth application's secret key was deleted. |
oauth_application.reset_secret | The secret key for an OAuth application was reset. |
oauth_application.revoke_all_tokens | All user tokens for an OAuth application were requested to be revoked. |
oauth_application.revoke_tokens | Token(s) for an OAuth application were revoked. |
oauth_application.transfer | An OAuth application was transferred from one account to another. |
org
| Action | Description |
|---|---|
org.accept_business_invitation | An invitation sent to an organization to join an enterprise was accepted. |
org.add_billing_manager | A billing manager was added to an organization. |
org.add_member | A user joined an organization. |
org.advanced_security_disabled_for_new_repos | GitHub Advanced Security was disabled for new repositories in an organization. |
org.advanced_security_disabled_on_all_repos | GitHub Advanced Security was disabled for all repositories in an organization. |
org.advanced_security_enabled_for_new_repos | GitHub Advanced Security was enabled for new repositories in an organization. |
org.advanced_security_enabled_on_all_repos | GitHub Advanced Security was enabled for all repositories in an organization. |
org.advanced_security_policy_selected_member_disabled | An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization. |
org.advanced_security_policy_selected_member_enabled | An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization. |
org.audit_log_export | An export of the organization audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query. |
org.block_user | An organization owner blocked a user from accessing the organization's repositories. |
org.cancel_business_invitation | An invitation for an organization to join an enterprise was revoked |
org.cancel_invitation | An invitation sent to a user to join an organization was revoked. |
org.codeql_disabled | Triggered when an organization owner or person with admin access to the organization disables code scanning for repositories that use the default setup for CodeQL. |
org.codeql_enabled | Triggered when an organization owner or person with admin access to the organization enables code scanning for repositories that are eligible to use the default setup for CodeQL. |
org.codespaces_trusted_repo_access_granted | GitHub Codespaces was granted trusted repository access to all other repositories in an organization. |
org.codespaces_trusted_repo_access_revoked | GitHub Codespaces trusted repository access to all other repositories in an organization was revoked. |
org.config.disable_collaborators_only | The interaction limit for collaborators only for an organization was disabled. |
org.config.disable_contributors_only | The interaction limit for prior contributors only for an organization was disabled. |
org.config.disable_sockpuppet_disallowed | The interaction limit for existing users only for an organization was disabled. |
org.config.enable_collaborators_only | The interaction limit for collaborators only for an organization was enabled. |
org.config.enable_contributors_only | The interaction limit for prior contributors only for an organization was enabled. |
org.config.enable_sockpuppet_disallowed | The interaction limit for existing users only for an organization was enabled. |
org.confirm_business_invitation | An invitation for an organization to join an enterprise was confirmed. |
org.create | An organization was created. |
org.create_actions_secret | A GitHub Actions secret was created for an organization. |
org.create_integration_secret | An integration secret was created for an organization. |
org.disable_member_team_creation_permission | Team creation was limited to owners. |
org.disable_oauth_app_restrictions | Third-party application access restrictions for an organization were disabled. |
org.disable_reader_discussion_creation_permission | An organization owner limited discussion creation to users with at least triage permission in an organization. |
org.disable_saml | SAML single sign-on was disabled for an organization. |
org.disable_two_factor_requirement | A two-factor authentication requirement was disabled for the organization. |
org.display_commenter_full_name_disabled | An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name. |
org.display_commenter_full_name_enabled | An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name. |
org.enable_member_team_creation_permission | Team creation by members was allowed. |
org.enable_oauth_app_restrictions | Third-party application access restrictions for an organization were enabled. |
org.enable_reader_discussion_creation_permission | An organization owner allowed users with read access to create discussions in an organization |
org.enable_saml | SAML single sign-on was enabled for the organization. |
org.enable_two_factor_requirement | Two-factor authentication is now required for the organization. |
org.integration_manager_added | An organization owner granted a member access to manage all GitHub Apps owned by an organization. |
org.integration_manager_removed | An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member. |
org.invite_member | A new user was invited to join an organization. |
org.invite_to_business | An organization was invited to join an enterprise. |
org.members_can_update_protected_branches.disable | The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches. |
org.members_can_update_protected_branches.enable | The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches. |
org.oauth_app_access_approved | Access to an organization was granted for an OAuth App. |
org.oauth_app_access_denied | Access was disabled for an OAuth App that was previously approved. |
org.oauth_app_access_requested | An organization member requested that an owner grant an OAuth App access to an organization. |
org.register_self_hosted_runner | A new self-hosted runner was registered. |
org.remove_actions_secret | A GitHub Actions secret was removed. |
org.remove_billing_manager | A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_integration_secret | An integration secret was removed from an organization. |
org.remove_member | A member was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_outside_collaborator | An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_self_hosted_runner | A self-hosted runner was removed. |
org.rename | An organization was renamed. |
org.required_workflow_create | Triggered when a required workflow is created. |
org.required_workflow_delete | Triggered when a required workflow is deleted. |
org.required_workflow_update | Triggered when a required workflow is updated. |
org.restore_member | An organization member was restored. |
org.runner_group_created | A self-hosted runner group was created. |
org.runner_group_removed | A self-hosted runner group was removed. |
org.runner_group_renamed | A self-hosted runner group was renamed. |
org.runner_group_runners_added | A self-hosted runner was added to a group. |
org.runner_group_runners_updated | A runner group's list of members was updated. |
org.runner_group_runner_removed | The REST API was used to remove a self-hosted runner from a group. |
org.runner_group_updated | The configuration of a self-hosted runner group was changed. |
org.runner_group_visiblity_updated | The visibility of a self-hosted runner group was updated via the REST API. |
org.secret_scanning_custom_pattern_push_protection_disabled | Push protection for a custom pattern for secret scanning was disabled for an organization. |
org.secret_scanning_custom_pattern_push_protection_enabled | Push protection for a custom pattern for secret scanning was enabled for an organization. |
org.secret_scanning_push_protection_custom_message_disabled | The custom message triggered by an attempted push to a push-protected repository was disabled for an organization. |
org.secret_scanning_push_protection_custom_message_enabled | The custom message triggered by an attempted push to a push-protected repository was enabled for an organization. |
org.secret_scanning_push_protection_custom_message_updated | The custom message triggered by an attempted push to a push-protected repository was updated for an organization. |
org.secret_scanning_push_protection_disable | Push protection for secret scanning was disabled. |
org.secret_scanning_push_protection_enable | Push protection for secret scanning was enabled. |
org.self_hosted_runner_updated | The runner application was updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. |
org.set_actions_fork_pr_approvals_policy | The setting for requiring approvals for workflows from public forks was changed for an organization. |
org.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs in an organization was changed. |
org.set_fork_pr_workflows_policy | The policy for workflows on private repository forks was changed. |
org.transfer | An organization was transferred between enterprise accounts. |
org.unblock_user | A user was unblocked from an organization. |
org.update_actions_secret | A GitHub Actions secret was updated. |
org.update_default_repository_permission | The default repository permission level for organization members was changed. |
org.update_integration_secret | An integration secret was updated for an organization. |
org.update_member | A person's role was changed from owner to member or member to owner. |
org.update_member_repository_creation_permission | The create repository permission for organization members was changed. |
org.update_member_repository_invitation_permission | An organization owner changed the policy setting for organization members inviting outside collaborators to repositories. |
org.update_new_repository_default_branch_setting | The name of the default branch was changed for new repositories in the organization. |
org.update_saml_provider_settings | An organization's SAML provider settings were updated. |
org.update_terms_of_service | An organization changed between the Standard Terms of Service and the GitHub Customer Agreement. |
organization_default_label
| Action | Description |
|---|---|
organization_default_label.create | A default label was created for repositories in an organization. |
organization_default_label.destroy | A default label was deleted for repositories in an organization. |
organization_default_label.update | A default label was edited for repositories in an organization. |
organization_domain
| Action | Description |
|---|---|
organization_domain.approve | An enterprise domain was approved for an organization. |
organization_domain.create | An enterprise domain was added to an organization. |
organization_domain.destroy | An enterprise domain was removed from an organization. |
organization_domain.verify | An enterprise domain was verified for an organization. |
organization_projects_change
| Action | Description |
|---|---|
organization_projects_change.clear | An enterprise owner cleared the policy setting for organization-wide project boards in an enterprise. |
organization_projects_change.disable | Organization projects were disabled for all organizations in an enterprise. |
organization_projects_change.enable | Organization projects were enabled for all organizations in an enterprise. |
org_credential_authorization
| Action | Description |
|---|---|
org_credential_authorization.grant | A member authorized credentials for use with SAML single sign-on. |
org_credential_authorization.revoke | An owner revoked authorized credentials. |
org_secret_scanning_automatic_validity_checks
| Action | Description |
|---|---|
org_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the organization level |
org_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the organization level |
org_secret_scanning_custom_pattern
| Action | Description |
|---|---|
org_secret_scanning_custom_pattern.create | A custom pattern was created for secret scanning in an organization. |
org_secret_scanning_custom_pattern.delete | A custom pattern was removed from secret scanning in an organization. |
org_secret_scanning_custom_pattern.publish | A custom pattern was published for secret scanning in an organization. |
org_secret_scanning_custom_pattern.update | Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization. |
packages
| Action | Description |
|---|---|
packages.package_deleted | An entire package was deleted. |
packages.package_published | A package was published or republished to an organization. |
packages.package_version_deleted | A specific package version was deleted. |
packages.package_version_published | A specific package version was published or republished to a package. |
pages_protected_domain
| Action | Description |
|---|---|
pages_protected_domain.create | A GitHub Pages verified domain was created for an organization or enterprise. |
pages_protected_domain.delete | A GitHub Pages verified domain was deleted from an organization or enterprise. |
pages_protected_domain.verify | A GitHub Pages domain was verified for an organization or enterprise. |
payment_method
| Action | Description |
|---|---|
payment_method.create | A new payment method was added, such as a new credit card or PayPal account. |
payment_method.remove | A payment method was removed. |
payment_method.update | An existing payment method was updated. |
personal_access_token
| Action | Description |
|---|---|
personal_access_token.access_granted | A fine-grained personal access token was granted access to resources. |
personal_access_token.access_revoked | A fine-grained personal access token was revoked. The token can still read public organization resources. |
personal_access_token.request_cancelled | A pending request for a fine-grained personal access token to access organization resources was canceled. |
personal_access_token.request_created | Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources. |
personal_access_token.request_denied | A request for a fine-grained personal access token to access organization resources was denied. |
prebuild_configuration
| Action | Description |
|---|---|
prebuild_configuration.create | A GitHub Codespaces prebuild configuration for a repository was created. |
prebuild_configuration.destroy | A GitHub Codespaces prebuild configuration for a repository was deleted. |
prebuild_configuration.run_triggered | A user initiated a run of a GitHub Codespaces prebuild configuration for a repository branch. |
prebuild_configuration.update | A GitHub Codespaces prebuild configuration for a repository was edited. |
private_repository_forking
| Action | Description |
|---|---|
private_repository_forking.clear | An enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. |
private_repository_forking.disable | An enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked. |
private_repository_forking.enable | An enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked. |
profile_picture
| Action | Description |
|---|---|
profile_picture.update | A profile picture was updated. |
project
| Action | Description |
|---|---|
project.access | A project board visibility was changed. |
project.close | A project board was closed. |
project.create | A project board was created. |
project.delete | A project board was deleted. |
project.link | A repository was linked to a project board. |
project.open | A project board was reopened. |
project.rename | A project board was renamed. |
project.unlink | A repository was unlinked from a project board. |
project.update_org_permission | The project's base-level permission for all organization members was changed or removed. |
project.update_team_permission | A team's project board permission level was changed or when a team was added or removed from a project board. |
project.update_user_permission | A user was added to or removed from a project board or had their permission level changed. |
project_field
| Action | Description |
|---|---|
project_field.create | A field was created in a project board. |
project_field.delete | A field was deleted in a project board. |
project_view
| Action | Description |
|---|---|
project_view.create | A view was created in a project board. |
project_view.delete | A view was deleted in a project board. |
protected_branch
| Action | Description |
|---|---|
protected_branch.branch_allowances | A protected branch allowance was given to a specific user, team or integration. |
protected_branch.create | Branch protection was enabled on a branch. |
protected_branch.destroy | Branch protection was disabled on a branch. |
protected_branch.dismissal_restricted_users_teams | Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch. |
protected_branch.dismiss_stale_reviews | Enforcement of dismissing stale pull requests was updated on a branch. |
protected_branch.policy_override | A branch protection requirement was overridden by a repository administrator. |
protected_branch.rejected_ref_update | A branch update attempt was rejected. |
protected_branch.update_admin_enforced | Branch protection was enforced for repository administrators. |
protected_branch.update_allow_force_pushes_enforcement_level | Force pushes were enabled or disabled for a branch. |
protected_branch.update_name | A branch name pattern was updated for a branch. |
protected_branch.update_pull_request_reviews_enforcement_level | Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone). |
protected_branch.update_required_approving_review_count | Enforcement of the required number of approvals before merging was updated on a branch. |
protected_branch.update_required_status_checks_enforcement_level | Enforcement of required status checks was updated for a branch. |
protected_branch.update_require_code_owner_review | Enforcement of required code owner review was updated for a branch. |
protected_branch.update_signature_requirement_enforcement_level | Enforcement of required commit signing was updated for a branch. |
protected_branch.update_strict_required_status_checks_policy | Enforcement of required status checks was updated for a branch. |
public_key
| Action | Description |
|---|---|
public_key.create | An SSH key was added to a user account or a deploy key was added to a repository. |
public_key.delete | An SSH key was removed from a user account or a deploy key was removed from a repository. |
public_key.unverification_failure | A user account's SSH key or a repository's deploy key was unable to be unverified. |
public_key.unverify | A user account's SSH key or a repository's deploy key was unverified. |
public_key.update | A user account's SSH key or a repository's deploy key was updated. |
public_key.verification_failure | A user account's SSH key or a repository's deploy key was unable to be verified. |
public_key.verify | A user account's SSH key or a repository's deploy key was verified. |
pull_request
| Action | Description |
|---|---|
pull_request.close | A pull request was closed without being merged. |
pull_request.converted_to_draft | A pull request was converted to a draft. |
pull_request.create | A pull request was created. |
pull_request.create_review_request | A review was requested on a pull request. |
pull_request.indirect_merge | A pull request was considered merged because the pull request's commits were merged into the target branch. |
pull_request.in_progress | A pull request was marked as in progress. |
pull_request.merge | A pull request was merged. |
pull_request.ready_for_review | A pull request was marked as ready for review. |
pull_request.remove_review_request | A review request was removed from a pull request. |
pull_request.reopen | A pull request was reopened after previously being closed. |
pull_request_review
| Action | Description |
|---|---|
pull_request_review.delete | A review on a pull request was deleted. |
pull_request_review.dismiss | A review on a pull request was dismissed. |
pull_request_review.submit | A review on a pull request was submitted. |
pull_request_review_comment
| Action | Description |
|---|---|
pull_request_review_comment.create | A review comment was added to a pull request. |
pull_request_review_comment.delete | A review comment on a pull request was deleted. |
pull_request_review_comment.update | A review comment on a pull request was changed. |
repo
| Action | Description |
|---|---|
repo.access | The visibility of a repository changed. |
repo.actions_enabled | GitHub Actions was enabled for a repository. Can be viewed using the UI, This event is not included when you access the audit log using the REST API. |
repo.add_member | A collaborator was added to a repository. |
repo.add_topic | A topic was added to a repository. |
repo.advanced_security_disabled | GitHub Advanced Security was disabled for a repository. |
repo.advanced_security_enabled | GitHub Advanced Security was enabled for a repository. |
repo.archived | A repository was archived. |
repo.change_merge_setting | Pull request merge options were changed for a repository. |
repo.code_scanning_analysis_deleted | Code scanning analysis for a repository was deleted. |
repo.code_scanning_configuration_for_branch_deleted | A code scanning configuration for a branch of a repository was deleted. |
repo.config.disable_collaborators_only | The interaction limit for collaborators only was disabled. |
repo.config.disable_contributors_only | The interaction limit for prior contributors only was disabled in a repository. |
repo.config.disable_sockpuppet_disallowed | The interaction limit for existing users only was disabled in a repository. |
repo.config.enable_collaborators_only | The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration. |
repo.config.enable_contributors_only | The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration. |
repo.config.enable_sockpuppet_disallowed | The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository. |
repo.create | A repository was created. |
repo.create_actions_secret | A GitHub Actions secret was created for a repository. |
repo.create_integration_secret | An integration secret was created for a repository. |
repo.destroy | A repository was deleted. |
repo.download_zip | A source code archive of a repository was downloaded as a ZIP file. |
repo.pages_cname | A GitHub Pages custom domain was modified in a repository. |
repo.pages_create | A GitHub Pages site was created. |
repo.pages_destroy | A GitHub Pages site was deleted. |
repo.pages_https_redirect_disabled | HTTPS redirects were disabled for a GitHub Pages site. |
repo.pages_https_redirect_enabled | HTTPS redirects were enabled for a GitHub Pages site. |
repo.pages_private | A GitHub Pages site visibility was changed to private. |
repo.pages_public | A GitHub Pages site visibility was changed to public. |
repo.pages_source | A GitHub Pages source was modified. |
repo.register_self_hosted_runner | A new self-hosted runner was registered. |
repo.remove_actions_secret | A GitHub Actions secret was deleted for a repository. |
repo.remove_integration_secret | An integration secret was deleted for a repository. |
repo.remove_member | A collaborator was removed from a repository. |
repo.remove_self_hosted_runner | A self-hosted runner was removed. |
repo.remove_topic | A topic was removed from a repository. |
repo.rename | A repository was renamed. |
repo.self_hosted_runner_updated | The runner application was updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. |
repo.set_actions_fork_pr_approvals_policy | The setting for requiring approvals for workflows from public forks was changed for a repository. |
repo.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs in a repository was changed. |
repo.set_fork_pr_workflows_policy | Triggered when the policy for workflows on private repository forks is changed. |
repo.staff_unlock | An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository. |
repo.temporary_access_granted | Temporary access was enabled for a repository. |
repo.transfer | A user accepted a request to receive a transferred repository. |
repo.transfer_outgoing | A repository was transferred to another repository network. |
repo.transfer_start | A user sent a request to transfer a repository to another user or organization. |
repo.unarchived | A repository was unarchived. |
repo.update_actions_access_settings | The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed. |
repo.update_actions_secret | A GitHub Actions secret was updated. |
repo.update_actions_settings | A repository administrator changed GitHub Actions policy settings for a repository. |
repo.update_default_branch | The default branch for a repository was changed. |
repo.update_integration_secret | An integration secret was updated for a repository. |
repo.update_member | A user's permission to a repository was changed. |
repository_advisory
| Action | Description |
|---|---|
repository_advisory.close | Someone closed a security advisory. |
repository_advisory.cve_request | Someone requested a CVE (Common Vulnerabilities and Exposures) number from GitHub for a draft security advisory. |
repository_advisory.github_broadcast | GitHub made a security advisory public in the GitHub Advisory Database. |
repository_advisory.github_withdraw | GitHub withdrew a security advisory that was published in error. |
repository_advisory.open | Someone opened a draft security advisory. |
repository_advisory.publish | Someone published a security advisory. |
repository_advisory.reopen | Someone reopened as draft security advisory. |
repository_advisory.update | Someone edited a draft or published security advisory. |
repository_content_analysis
| Action | Description |
|---|---|
repository_content_analysis.disable | Data use settings were disabled for a private repository. |
repository_content_analysis.enable | Data use settings were enabled for a private repository. |
repository_dependency_graph
| Action | Description |
|---|---|
repository_dependency_graph.disable | The dependency graph was disabled for a private repository. |
repository_dependency_graph.enable | The dependency graph was enabled for a private repository. |
repository_image
| Action | Description |
|---|---|
repository_image.create | An image to represent a repository was uploaded. |
repository_image.destroy | An image to represent a repository was deleted. |
repository_invitation
| Action | Description |
|---|---|
repository_invitation.accept | An invitation to join a repository was accepted. |
repository_invitation.cancel | An invitation to join a repository was canceled. |
repository_invitation.create | An invitation to join a repository was sent. |
repository_invitation.reject | An invitation to join a repository was declined. |
repository_projects_change
| Action | Description |
|---|---|
repository_projects_change.clear | The repository projects policy was removed for an organization, or all organizations in the enterprise Organization owners can now control their repository projects settings. |
repository_projects_change.disable | Repository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise. |
repository_projects_change.enable | Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise. |
repository_secret_scanning
| Action | Description |
|---|---|
repository_secret_scanning.disable | Secret scanning was disabled for a repository. |
repository_secret_scanning.enable | Secret scanning was enabled for a repository. |
repository_secret_scanning_automatic_validity_checks
| Action | Description |
|---|---|
repository_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the repository level |
repository_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the repository level |
repository_secret_scanning_custom_pattern
| Action | Description |
|---|---|
repository_secret_scanning_custom_pattern.create | A custom pattern was created for secret scanning in a repository. |
repository_secret_scanning_custom_pattern.delete | A custom pattern was removed from secret scanning in a repository. |
repository_secret_scanning_custom_pattern.publish | A custom pattern was published for secret scanning in a repository. |
repository_secret_scanning_custom_pattern.update | Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository. |
repository_secret_scanning_custom_pattern_push_protection
| Action | Description |
|---|---|
repository_secret_scanning_custom_pattern_push_protection.disabled | Push protection for a custom pattern for secret scanning was disabled for your repository. |
repository_secret_scanning_custom_pattern_push_protection.enabled | Push protection for a custom pattern for secret scanning was enabled for your repository. |
repository_secret_scanning_generic_secrets
| Action | Description |
|---|---|
repository_secret_scanning_generic_secrets.disabled | Generic secrets have been disabled at the repository level |
repository_secret_scanning_generic_secrets.enabled | Generic secrets have been enabled at the repository level |
repository_secret_scanning_push_protection
| Action | Description |
|---|---|
repository_secret_scanning_push_protection.disable | Secret scanning push protection was disabled for a repository. |
repository_secret_scanning_push_protection.enable | Secret scanning push protection was enabled for a repository. |
repository_visibility_change
| Action | Description |
|---|---|
repository_visibility_change.clear | The repository visibility change setting was cleared for an organization or enterprise. |
repository_visibility_change.disable | The ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise. |
repository_visibility_change.enable | The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise. |
repository_vulnerability_alert
| Action | Description |
|---|---|
repository_vulnerability_alert.auto_dismiss | Triggered when a Dependabot alert is automatically dismissed due to its metadata matching an enabled Dependabot alert rule. |
repository_vulnerability_alert.auto_reopen | Triggered when a previously auto-dismissed Dependabot alert is reopened because its metadata no longer matches an enabled Dependabot alert rule. |
repository_vulnerability_alert.create | GitHub created a Dependabot alert for a repository that uses an insecure dependency. |
repository_vulnerability_alert.dismiss | A Dependabot alert about a vulnerable dependency was dismissed. |
repository_vulnerability_alert.resolve | Changes were pushed to update and resolve a Dependabot alert in a project dependency. |
repository_vulnerability_alerts
| Action | Description |
|---|---|
repository_vulnerability_alerts.authorized_users_teams | The list of people or teams authorized to receive Dependabot alerts for the repository was updated. |
repository_vulnerability_alerts.disable | Dependabot alerts was disabled. |
repository_vulnerability_alerts.enable | Dependabot alerts was enabled. |
required_status_check
| Action | Description |
|---|---|
required_status_check.create | A status check was marked as required for a protected branch. |
required_status_check.destroy | A status check was no longer marked as required for a protected branch. |
restrict_notification_delivery
| Action | Description |
|---|---|
restrict_notification_delivery.disable | Email notification restrictions for an organization or enterprise were disabled. |
restrict_notification_delivery.enable | Email notification restrictions for an organization or enterprise were enabled. |
role
| Action | Description |
|---|---|
role.create | A new custom repository role was created. |
role.destroy | A custom repository role was deleted. |
role.update | A custom repository role was edited. |
secret_scanning
| Action | Description |
|---|---|
secret_scanning.disable | Secret scanning was disabled for all existing repositories. |
secret_scanning.enable | Secret scanning was enabled for all existing repositories. |
secret_scanning_alert
| Action | Description |
|---|---|
secret_scanning_alert.create | GitHub detected a secret and created a secret scanning alert. |
secret_scanning_alert.reopen | A seret scanning alert was reopened. |
secret_scanning_alert.resolve | A seret scanning alert was resolved. |
secret_scanning_new_repos
| Action | Description |
|---|---|
secret_scanning_new_repos.disable | Secret scanning was disabled for all new repositories. |
secret_scanning_new_repos.enable | Secret scanning was enabled for all new repositories. |
secret_scanning_push_protection
| Action | Description |
|---|---|
secret_scanning_push_protection.bypass | Triggered when a user bypasses the push protection on a secret detected by secret scanning. |
sponsors
| Action | Description |
|---|---|
sponsors.agreement_sign | A GitHub Sponsors agreement was signed on behalf of an organization. |
sponsors.custom_amount_settings_change | Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed. |
sponsors.fiscal_host_change | The fiscal host for a GitHub Sponsors listing was updated. |
sponsors.repo_funding_links_file_action | The FUNDING file in a repository was changed. |
sponsors.sponsored_developer_approve | A GitHub Sponsors account was approved. |
sponsors.sponsored_developer_create | A GitHub Sponsors account was created. |
sponsors.sponsored_developer_disable | A GitHub Sponsors account was disabled. |
sponsors.sponsored_developer_profile_update | The profile for GitHub Sponsors account was edited. |
sponsors.sponsored_developer_redraft | A GitHub Sponsors account was returned to draft state from approved state. |
sponsors.sponsored_developer_request_approval | An application for GitHub Sponsors was submitted for approval. |
sponsors.sponsored_developer_tier_description_update | The description for a sponsorship tier was changed. |
sponsors.sponsor_sponsorship_cancel | A sponsorship was canceled. |
sponsors.sponsor_sponsorship_create | A sponsorship was created, by sponsoring an account. |
sponsors.sponsor_sponsorship_payment_complete | After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete. |
sponsors.sponsor_sponsorship_preference_change | The option to receive email updates from a sponsored account was changed. |
sponsors.sponsor_sponsorship_tier_change | A sponsorship was upgraded or downgraded. |
sponsors.update_tier_repository | A GitHub Sponsors tier changed access for a repository. |
sponsors.update_tier_welcome_message | The welcome message for a GitHub Sponsors tier for an organization was updated. |
sponsors.withdraw_agreement_signature | A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization. |
ssh_certificate_authority
| Action | Description |
|---|---|
ssh_certificate_authority.create | An SSH certificate authority for an organization or enterprise was created. |
ssh_certificate_authority.destroy | An SSH certificate authority for an organization or enterprise was deleted. |
ssh_certificate_requirement
| Action | Description |
|---|---|
ssh_certificate_requirement.disable | The requirement for members to use SSH certificates to access an organization resources was disabled. |
ssh_certificate_requirement.enable | The requirement for members to use SSH certificates to access an organization resources was enabled. |
sso_redirect
| Action | Description |
|---|---|
sso_redirect.disable | Automatic redirects for users to single sign-on (SSO) was disabled. |
sso_redirect.enable | Automatic redirects for users to single sign-on (SSO) was enabled. |
staff
| Action | Description |
|---|---|
staff.set_domain_token_expiration | The verification code expiry time for an organization or enterprise domain was set. |
staff.unverify_domain | An organization or enterprise domain was unverified. |
staff.verify_domain | An organization or enterprise domain was verified. |
team
| Action | Description |
|---|---|
team.add_member | A member of an organization was added to a team. |
team.add_repository | A team was given access and permissions to a repository. |
team.change_parent_team | A child team was created or a child team's parent was changed. |
team.change_privacy | A team's privacy level was changed. |
team.create | A new team is created. |
team.demote_maintainer | A user was demoted from a team maintainer to a team member. |
team.destroy | A team was deleted. |
team.promote_maintainer | A user was promoted from a team member to a team maintainer. |
team.remove_member | An organization member was removed from a team. |
team.remove_repository | A repository was removed from a team's control. |
team.rename | A team's name was changed. |
team.update_repository_permission | A team's permission to a repository was changed. |
team_discussions
| Action | Description |
|---|---|
team_discussions.clear | An organization owner cleared the setting to allow team discussions for an organization or enterprise. |
team_discussions.disable | Team discussions were disabled for an organization. |
team_discussions.enable | Team discussions were enabled for an organization. |
team_sync_tenant
| Action | Description |
|---|---|
team_sync_tenant.disabled | Team synchronization with a tenant was disabled. |
team_sync_tenant.enabled | Team synchronization with a tenant was enabled. |
team_sync_tenant.update_okta_credentials | The Okta credentials for team synchronization with a tenant were changed. |
user_license
| Action | Description |
|---|---|
user_license.create | A seat license for a user in an enterprise was created. |
user_license.destroy | A seat license for a user in an enterprise was deleted. |
user_license.update | A seat license type for a user in an enterprise was changed. |
workflows
| Action | Description |
|---|---|
workflows.approve_workflow_job | A workflow job was approved. |
workflows.cancel_workflow_run | A workflow run was cancelled. |
workflows.delete_workflow_run | A workflow run was deleted. |
workflows.disable_workflow | A workflow was disabled. |
workflows.enable_workflow | A workflow was enabled, after previously being disabled by disable_workflow. |
workflows.reject_workflow_job | A workflow job was rejected. |
workflows.rerun_workflow_run | A workflow run was re-run. |