Note
Cet article répertorie les événements qui peuvent apparaître dans le journal d’audit d’une entreprise. Pour les événements qui peuvent apparaître dans le journal de sécurité d’un compte d’utilisateur ou dans le journal d’audit d’une organisation, consultez « Événements du journal de sécurité » et « Événements du journal d’audit pour votre organisation ».
Quels sont les types d’évènements inclus ?
- Sans Enterprise Managed Users, le journal d'audit n'inclut que les événements liés au compte d'entreprise et aux organisations qui en font partie.
- Avec Enterprise Managed Users, le journal d'audit inclut également les événements des utilisateurs, qui ne sont pas répertoriés ici. Pour cette liste, consultez « Événements du journal de sécurité ».
account
Action | Description |
---|---|
account.plan_change | The account's plan changed. |
actions_cache
Action | Description |
---|---|
actions_cache.delete | A GitHub Actions cache was deleted using the REST API. |
advisory_credit
Action | Description |
---|---|
advisory_credit.accept | Credit was accepted for a security advisory. |
advisory_credit.create | Someone was added to the credit section of a security advisory. |
advisory_credit.decline | Credit was declined for a security advisory. |
advisory_credit.destroy | Someone was removed from the credit section of a security advisory. |
api
Action | Description |
---|---|
api.request | An API request was made to an endpoint for the enterprise, or an enterprise owned resource. This event is only included if API Request Events is enabled in the enterprise's audit log settings. This event is only available via audit log streaming. |
artifact
Action | Description |
---|---|
artifact.destroy | A workflow run artifact was manually deleted. |
audit_log_streaming
Action | Description |
---|---|
audit_log_streaming.check | A manual check of the endpoint configured for audit log streaming was performed. |
audit_log_streaming.create | An endpoint was added for audit log streaming. |
audit_log_streaming.destroy | An audit log streaming endpoint was deleted. |
audit_log_streaming.update | An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled. |
auto_approve_personal_access_token_requests
Action | Description |
---|---|
auto_approve_personal_access_token_requests.disable | Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources. See also: personal_access_token.auto_approve_grant_requests_disabled |
auto_approve_personal_access_token_requests.enable | Triggered when fine-grained personal access tokens can access organization resources without prior approval. See also: personal_access_token.auto_approve_grant_requests_enabled |
billing
Action | Description |
---|---|
billing.change_billing_type | The way the account pays for GitHub was changed. |
billing.change_email | The billing email address changed. |
business
Action | Description |
---|---|
business.add_admin | An enterprise owner was added to an enterprise. |
business.add_billing_manager | A billing manager was added to an enterprise. |
business.add_organization | An organization was added to an enterprise. |
business.add_support_entitlee | A support entitlement was added to a member of an enterprise. |
business.advanced_security_policy_update | An enterprise owner created, updated, or removed a policy for GitHub Advanced Security. |
business.audit_log_export | An export of the enterprise audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query. |
business.audit_log_git_event_export | An export of the enterprise's Git events was created. |
business.cancel_admin_invitation | An invitation for someone to be an owner of an enterprise was canceled. |
business.cancel_billing_manager_invitation | An invitation for someone to be an billing manager of an enterprise was canceled. |
business.cancel_trial | The trial of GitHub Enterprise Cloud was canceled. |
business.change_seats_plan_type | The seats plan type was changed for an enterprise. |
business.clear_actions_settings | An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise. |
business.clear_default_repository_permission | An enterprise owner cleared the base repository permission policy setting for an enterprise. |
business.clear_members_can_create_repos | An enterprise owner cleared a restriction on repository creation in organizations in the enterprise. |
business.code_scanning_autofix_policy_update | The policy for Code scanning autofix was updated for an enterprise. |
business.code_scanning_autofix_third_party_tools_policy_update | The policy for Code scanning autofix third party tools was updated for an enterprise. |
business.connect_usage_metrics_export | Server statistics were exported for the enterprise. |
business.convert_trial | The enterprise account on a trial of GitHub Enterprise Cloud was upgraded to a paid enterprise account. |
business.create | An enterprise was created. |
business.create_trial | A trial of GitHub Enterprise Cloud began. |
business.delete | The enterprise was deleted. |
business.disable_oidc | OIDC single sign-on was disabled for an enterprise. |
business.disable_open_scim | SCIM provisioning for custom integrations that use the REST API was disabled for the enterprise. |
business.disable_saml | SAML single sign-on was disabled for an enterprise. |
business.disable_source_ip_disclosure | Display of IP addresses within audit log events for the enterprise was disabled. |
business.disable_two_factor_requirement | The requirement for members to have two-factor authentication enabled to access an enterprise was disabled. |
business.enable_oidc | OIDC single sign-on was enabled for an enterprise. |
business.enable_open_scim | SCIM provisioning for custom integrations that use the REST API was enabled for the enterprise. |
business.enable_saml | SAML single sign-on was enabled for an enterprise. |
business.enable_source_ip_disclosure | Display of IP addresses within audit log events for the enterprise was enabled. |
business.enable_two_factor_requirement | The requirement for members to have two-factor authentication enabled to access an enterprise was enabled. |
business.enterprise_server_license_download | A GitHub Enterprise Server license was downloaded. |
business.expire_trial | The trial of GitHub Enterprise Cloud expired. |
business.import_license_usage | License usage information was imported from a GitHub Enterprise Server instance to an enterprise account on GitHub.com. |
business.invite_admin | An invitation for someone to be an enterprise owner of an enterprise was sent. |
business.invite_billing_manager | An invitation for someone to be an billing manager of an enterprise was sent. |
business.members_can_update_protected_branches.clear | An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings. |
business.members_can_update_protected_branches.disable | The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches. |
business.members_can_update_protected_branches.enable | The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches. |
business.proxy_security_header_enabled | The proxy security header was enabled for an enterprise. When the header is provided in requests, only Enterprise Managed Users matching the header will be able to access GitHub. |
business.proxy_security_header_unsatisfied | A user outside the enterprise tried to access GitHub while the proxy security header was enabled and provided in the request. |
business.recovery_code_failed | An enterprise owner failed to sign into a enterprise with an external identity provider (IdP) using a recovery code. |
business.recovery_code_used | An enterprise owner successfully signed into an enterprise with an external identity provider (IdP) using a recovery code. |
business.recovery_codes_downloaded | An enterprise owner downloaded the enterprise's SSO recovery codes. |
business.recovery_codes_generated | An enterprise owner generated the enterprise's SSO recovery codes. |
business.recovery_codes_printed | An enterprise owner printed the enterprise's SSO recovery codes. |
business.recovery_codes_viewed | An enterprise owner viewed the enterprise's SSO recovery codes. |
business.remove_admin | An enterprise owner was removed from an enterprise. |
business.remove_billing_manager | A billing manager was removed from an enterprise. |
business.remove_member | A member was removed from an enterprise. |
business.remove_organization | An organization was removed from an enterprise. |
business.remove_support_entitlee | A support entitlement was removed from a member of an enterprise. |
business.rename_slug | The slug for the enterprise URL was renamed. |
business.restore | The deleted enterprise was restored. |
business.revoke_external_identity | The external identity for a member in an enterprise was revoked. |
business.revoke_sso_session | The SAML single sign-on session for a member in an enterprise was revoked. |
business.security_center_export_code_scanning_metrics | A CSV export was requested on the "CodeQL pull request alerts" page. |
business.security_center_export_coverage | A CSV export was requested on the "Coverage" page. |
business.security_center_export_overview_dashboard | A CSV export was requested on the "Overview Dashboard" page. |
business.security_center_export_risk | A CSV export was requested on the "Risk" page. |
business.set_actions_fork_pr_approvals_policy | The policy for requiring approvals for workflows from public forks was changed for an enterprise. |
business.set_actions_private_fork_pr_approvals_policy | The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise. |
business.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs was changed for an enterprise. |
business.set_default_workflow_permissions | The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise. |
business.set_fork_pr_workflows_policy | The policy for fork pull request workflows was changed for an enterprise. |
business.set_workflow_permission_can_approve_pr | The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise. |
business.sso_response | A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your enterprise. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
business.update_actions_settings | An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise. |
business.update_default_repository_permission | The base repository permission setting was updated for all organizations in an enterprise. |
business.update_member_repository_creation_permission | The repository creation setting was updated for an enterprise. |
business.update_member_repository_invitation_permission | The policy setting for enterprise members inviting outside collaborators to repositories was updated. |
business.update_saml_provider_settings | The SAML single sign-on provider settings for an enterprise were updated. |
business.upgrade_from_organization | The organization was upgraded to an enterprise account. |
business_advanced_security
Action | Description |
---|---|
business_advanced_security.disabled | GitHub Advanced Security was disabled for your enterprise. |
business_advanced_security.disabled_for_new_repos | GitHub Advanced Security was disabled for new repositories in your enterprise. |
business_advanced_security.disabled_for_new_user_namespace_repos | GitHub Advanced Security was disabled for new user namespace repositories in your enterprise. |
business_advanced_security.enabled | GitHub Advanced Security was enabled for your enterprise. |
business_advanced_security.enabled_for_new_repos | GitHub Advanced Security was enabled for new repositories in your enterprise. |
business_advanced_security.enabled_for_new_user_namespace_repos | GitHub Advanced Security was enabled for new user namespace repositories in your enterprise. |
business_advanced_security.user_namespace_repos_disabled | GitHub Advanced Security was disabled for user namespace repositories in your enterprise. |
business_advanced_security.user_namespace_repos_enabled | GitHub Advanced Security was enabled for user namespace repositories in your enterprise. |
business_dependabot_alerts
Action | Description |
---|---|
business_dependabot_alerts.disable | Dependabot alerts were disabled for your enterprise. |
business_dependabot_alerts.enable | Dependabot alerts were enabled for your enterprise. |
business_dependabot_alerts_new_repos
Action | Description |
---|---|
business_dependabot_alerts_new_repos.disable | Dependabot alerts were disabled for new repositories in your enterprise. |
business_dependabot_alerts_new_repos.enable | Dependabot alerts were enabled for new repositories in your enterprise. |
business_secret_scanning_automatic_validity_checks
Action | Description |
---|---|
business_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the business level |
business_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the business level |
business_secret_scanning_custom_pattern
Action | Description |
---|---|
business_secret_scanning_custom_pattern.create | An enterprise-level custom pattern was created for secret scanning. |
business_secret_scanning_custom_pattern.delete | An enterprise-level custom pattern was removed from secret scanning. |
business_secret_scanning_custom_pattern.publish | An enterprise-level custom pattern was published for secret scanning. |
business_secret_scanning_custom_pattern.update | Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning. |
business_secret_scanning_custom_pattern_push_protection
Action | Description |
---|---|
business_secret_scanning_custom_pattern_push_protection.disabled | Push protection for a custom pattern for secret scanning was disabled for your enterprise. |
business_secret_scanning_custom_pattern_push_protection.enabled | Push protection for a custom pattern for secret scanning was enabled for your enterprise. |
business_secret_scanning
Action | Description |
---|---|
business_secret_scanning.disable | Secret scanning was disabled for your enterprise. |
business_secret_scanning.disabled_for_new_repos | Secret scanning was disabled for new repositories in your enterprise. |
business_secret_scanning.enable | Secret scanning was enabled for your enterprise. |
business_secret_scanning.enabled_for_new_repos | Secret scanning was enabled for new repositories in your enterprise. |
business_secret_scanning_generic_secrets
Action | Description |
---|---|
business_secret_scanning_generic_secrets.disabled | Generic secrets have been disabled at the business level |
business_secret_scanning_generic_secrets.enabled | Generic secrets have been enabled at the business level |
business_secret_scanning_non_provider_patterns
Action | Description |
---|---|
business_secret_scanning_non_provider_patterns.disabled | Secret scanning for non-provider patterns was disabled at the enterprise level. |
business_secret_scanning_non_provider_patterns.enabled | Secret scanning for non-provider patterns was enabled at the enterprise level. |
business_secret_scanning_push_protection_custom_message
Action | Description |
---|---|
business_secret_scanning_push_protection_custom_message.disable | The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise. |
business_secret_scanning_push_protection_custom_message.enable | The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise. |
business_secret_scanning_push_protection_custom_message.update | The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise. |
business_secret_scanning_push_protection
Action | Description |
---|---|
business_secret_scanning_push_protection.disable | Push protection for secret scanning was disabled for your enterprise. |
business_secret_scanning_push_protection.disabled_for_new_repos | Push protection for secret scanning was disabled for new repositories in your enterprise. |
business_secret_scanning_push_protection.enable | Push protection for secret scanning was enabled for your enterprise. |
business_secret_scanning_push_protection.enabled_for_new_repos | Push protection for secret scanning was enabled for new repositories in your enterprise. |
checks
Action | Description |
---|---|
checks.auto_trigger_disabled | Automatic creation of check suites was disabled on a repository in the organization or enterprise. |
checks.auto_trigger_enabled | Automatic creation of check suites was enabled on a repository in the organization or enterprise. |
checks.delete_logs | Logs in a check suite were deleted. |
code_scanning
Action | Description |
---|---|
code_scanning.alert_appeared_in_branch | An existing code scanning alert appeared in a branch. |
code_scanning.alert_closed_became_fixed | A code scanning alert was fixed. |
code_scanning.alert_closed_by_user | A code scanning alert was manually dismissed. |
code_scanning.alert_created | A code scanning alert was seen for the first time. |
code_scanning.alert_reappeared | A code scanning alert that was previously fixed reappeared. |
code_scanning.alert_reopened_by_user | A code scanning alert that was previously dismissed was reopened. |
code
Action | Description |
---|---|
code.search | A code search was run targeting an organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
codespaces
Action | Description |
---|---|
codespaces.allow_permissions | A codespace using custom permissions from its devcontainer.json file was launched. |
codespaces.attempted_to_create_from_prebuild | An attempt to create a codespace from a prebuild was made. |
codespaces.business_enablement_updated | Enterprise setting for Codespaces ownership was updated. |
codespaces.connect | Credentials for a codespace were refreshed. |
codespaces.create | A codespace was created |
codespaces.destroy | A user deleted a codespace. |
codespaces.export_environment | A codespace was exported to a branch on GitHub. |
codespaces.policy_group_created | Policies were applied to codespaces in an organization or enterprise. |
codespaces.policy_group_deleted | Policies were removed from codespaces in an organization or enterprise. |
codespaces.policy_group_updated | Policies were updated for codespaces in an organization or enterprise. |
codespaces.restore | A codespace was restored. |
codespaces.start_environment | A codespace was started. |
codespaces.suspend_environment | A codespace was stopped. |
codespaces.trusted_repositories_access_update | A personal account's access and security setting for Codespaces were updated. |
commit_comment
Action | Description |
---|---|
commit_comment.destroy | A commit comment was deleted. |
commit_comment.update | A commit comment was updated. |
copilot
Action | Description |
---|---|
copilot.access_revoked | Copilot access was revoked for the organization or enterprise due to its Copilot subscription ending, an issue with billing the entity, the entity being marked spammy, or the entity being suspended. |
copilot.cfb_enterprise_org_enablement_changed | The Copilot enablement policy changed at the enterprise level to either allow or disable access for all organizations, or to allow access for selected organizations. |
copilot.cfb_enterprise_settings_changed | Copilot feature settings were changed at the enterprise level. |
copilot.cfb_org_settings_changed | Copilot feature settings were changed at the organization level. |
copilot.cfb_seat_added | A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members. |
copilot.cfb_seat_assignment_created | A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created. |
copilot.cfb_seat_assignment_refreshed | A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot. |
copilot.cfb_seat_assignment_reused | A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot. |
copilot.cfb_seat_assignment_unassigned | A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle. |
copilot.cfb_seat_cancelled | A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot. |
copilot.cfb_seat_cancelled_by_staff | A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot. |
copilot.cfb_seat_management_changed | The seat management setting was changed at the organization level to either enable or disable Copilot access for all members of the organization, or to enable Copilot access for selected members or teams. |
copilot.clickwrap_save_event | The GitHub Copilot Product Terms or Pre-Release Preview Terms were accepted. |
copilot.content_exclusion_changed | The excluded paths for GitHub Copilot were updated. |
copilot.enterprise_enablement_changed | Copilot access was enabled or disabled at the enterprise level. |
copilot.knowledge_base_created | A knowledge base was created in the organization. |
copilot.knowledge_base_deleted | A knowledge base was deleted from the organization. |
copilot.knowledge_base_updated | A knowledge base was updated in the organization. |
copilot.plan_changed | The plan for GitHub Copilot was updated. |
copilot.plan_downgrade_scheduled | The plan for GitHub Copilot was scheduled to be downgraded. |
custom_property_definition
Action | Description |
---|---|
custom_property_definition.create | A new custom property definition was created. |
custom_property_definition.destroy | A custom property definition was deleted. |
custom_property_definition.update | A custom property definition was updated. |
custom_property_value
Action | Description |
---|---|
custom_property_value.create | A repository's custom property value was manually set for the first time. |
custom_property_value.destroy | A repository's custom property value was deleted. |
custom_property_value.update | A repository's custom property value was updated. |
dependabot_alerts
Action | Description |
---|---|
dependabot_alerts.disable | Dependabot alerts were disabled for all existing repositories. |
dependabot_alerts.enable | Dependabot alerts were enabled for all existing repositories. |
dependabot_alerts_new_repos
Action | Description |
---|---|
dependabot_alerts_new_repos.disable | Dependabot alerts were disabled for all new repositories. |
dependabot_alerts_new_repos.enable | Dependabot alerts were enabled for all new repositories. |
dependabot_repository_access
Action | Description |
---|---|
dependabot_repository_access.repositories_updated | The repositories that Dependabot can access were updated. |
dependabot_security_updates
Action | Description |
---|---|
dependabot_security_updates.disable | Dependabot security updates were disabled for all existing repositories. |
dependabot_security_updates.enable | Dependabot security updates were enabled for all existing repositories. |
dependabot_security_updates_new_repos
Action | Description |
---|---|
dependabot_security_updates_new_repos.disable | Dependabot security updates were disabled for all new repositories. |
dependabot_security_updates_new_repos.enable | Dependabot security updates were enabled for all new repositories. |
dependency_graph
Action | Description |
---|---|
dependency_graph.disable | The dependency graph was disabled for all existing repositories. |
dependency_graph.enable | The dependency graph was enabled for all existing repositories. |
dependency_graph_new_repos
Action | Description |
---|---|
dependency_graph_new_repos.disable | The dependency graph was disabled for all new repositories. |
dependency_graph_new_repos.enable | The dependency graph was enabled for all new repositories. |
discussion_post
Action | Description |
---|---|
discussion_post.destroy | Triggered when a team discussion post is deleted. |
discussion_post.update | Triggered when a team discussion post is edited. |
discussion_post_reply
Action | Description |
---|---|
discussion_post_reply.destroy | Triggered when a reply to a team discussion post is deleted. |
discussion_post_reply.update | Triggered when a reply to a team discussion post is edited. |
enterprise_announcement
Action | Description |
---|---|
enterprise_announcement.create | A global announcement banner was created for the enterprise. |
enterprise_announcement.destroy | A global announcement banner was removed from the enterprise. |
enterprise_announcement.update | A global announcement banner was updated for the enterprise. |
enterprise_domain
Action | Description |
---|---|
enterprise_domain.approve | A domain was approved for an enterprise. |
enterprise_domain.create | A domain was added to an enterprise. |
enterprise_domain.destroy | A domain was removed from an enterprise. |
enterprise_domain.verify | A domain was verified for an enterprise. |
enterprise_installation
Action | Description |
---|---|
enterprise_installation.create | The GitHub App associated with a GitHub Connect connection was created. |
enterprise_installation.destroy | The GitHub App associated with a GitHub Connect connection was deleted. |
enterprise
Action | Description |
---|---|
enterprise.register_self_hosted_runner | A new GitHub Actions self-hosted runner was registered. |
enterprise.remove_self_hosted_runner | A GitHub Actions self-hosted runner was removed. |
enterprise.runner_group_created | A GitHub Actions self-hosted runner group was created. |
enterprise.runner_group_removed | A GitHub Actions self-hosted runner group was removed. |
enterprise.runner_group_renamed | A GitHub Actions self-hosted runner group was renamed. |
enterprise.runner_group_runner_removed | The REST API was used to remove a GitHub Actions self-hosted runner from a group. |
enterprise.runner_group_runners_added | A GitHub Actions self-hosted runner was added to a group. |
enterprise.runner_group_runners_updated | A GitHub Actions runner group's list of members was updated. |
enterprise.runner_group_updated | The configuration of a GitHub Actions self-hosted runner group was changed. |
enterprise.runner_group_visiblity_updated | The visibility of a GitHub Actions self-hosted runner group was updated via the REST API. |
enterprise.self_hosted_runner_offline | The GitHub Actions runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
enterprise.self_hosted_runner_online | The GitHub Actions runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
enterprise.self_hosted_runner_updated | The GitHub Actions runner application was updated. This event is not included in the JSON/CSV export. |
enterprise_team
Action | Description |
---|---|
enterprise_team.add_member | A new member was added to the enterprise team or an IdP group linked to an enterprise team, or an IdP group was linked to an enterprise team. |
enterprise_team.copilot_assignment | A license for GitHub Copilot was assigned to an enterprise team. |
enterprise_team.copilot_unassignment | A license for GitHub Copilot was unassigned from an enterprise team. |
enterprise_team.create | A new enterprise team was created. |
enterprise_team.destroy | An enterprise team was deleted. |
enterprise_team.remove_member | A member was removed from the enterprise team or an IdP group linked to an enterprise team, or an IdP group was unlinked from an enterprise team. |
enterprise_team.rename | The name of an enterprise team was changed. |
environment
Action | Description |
---|---|
environment.add_protection_rule | A GitHub Actions deployment protection rule was created via the API. |
environment.create_actions_secret | A secret was created for a GitHub Actions environment. |
environment.create_actions_variable | A variable was created for a GitHub Actions environment. |
environment.delete | An environment was deleted. |
environment.remove_actions_secret | A secret was deleted for a GitHub Actions environment. |
environment.remove_actions_variable | A variable was deleted for a GitHub Actions environment. |
environment.remove_protection_rule | A GitHub Actions deployment protection rule was deleted via the API. |
environment.update_actions_secret | A secret was updated for a GitHub Actions environment. |
environment.update_actions_variable | A variable was updated for a GitHub Actions environment. |
environment.update_protection_rule | A GitHub Actions deployment protection rule was updated via the API. |
external_group
Action | Description |
---|---|
external_group.add_member | A user was added to an external group. |
external_group.delete | An external group was deleted. |
external_group.link | An external group was linked to a GitHub team. |
external_group.provision | An external group was created. |
external_group.remove_member | A user was removed from an external group. |
external_group.scim_api_failure | Failed external group SCIM API request. |
external_group.scim_api_success | Successful external group SCIM API request. Excludes GET API requests. |
external_group.unlink | An external group was unlinked to a GitHub team. |
external_group.update | An external group was updated. |
external_group.update_display_name | An external group's display name was updated. |
external_identity
Action | Description |
---|---|
external_identity.deprovision | An external identity was deprovisioned, suspending the linked GitHub user. |
external_identity.provision | An external identity was created and linked to a GitHub user. |
external_identity.scim_api_failure | Failed external identity SCIM API request. |
external_identity.scim_api_success | Successful external identity SCIM API request. Excludes GET API requests. |
external_identity.update | An external identity was updated. |
git
Action | Description |
---|---|
git.clone | A repository was cloned. |
git.fetch | Changes were fetched from a repository. |
git.push | Changes were pushed to a repository. |
hook
Action | Description |
---|---|
hook.active_changed | A hook's active status was updated. |
hook.config_changed | A hook's configuration was changed. |
hook.create | A new hook was added. |
hook.destroy | A hook was deleted. |
hook.events_changed | A hook's configured events were changed. |
integration
Action | Description |
---|---|
integration.create | A GitHub App was created. |
integration.destroy | A GitHub App was deleted. |
integration.manager_added | A member of an enterprise or organization was added as a GitHub App manager. |
integration.manager_removed | A member of an enterprise or organization was removed from being a GitHub App manager. |
integration.remove_client_secret | A client secret for a GitHub App was removed. |
integration.revoke_all_tokens | All user tokens for a GitHub App were requested to be revoked. |
integration.revoke_tokens | Token(s) for a GitHub App were revoked. |
integration.suspend | A GitHub App was suspended. |
integration.transfer | Ownership of a GitHub App was transferred to another user or organization. |
integration.unsuspend | A GitHub App was unsuspended. |
integration_installation
Action | Description |
---|---|
integration_installation.create | A GitHub App was installed. |
integration_installation.destroy | A GitHub App was uninstalled. |
integration_installation.repositories_added | Repositories were added to a GitHub App. |
integration_installation.repositories_removed | Repositories were removed from a GitHub App. |
integration_installation.suspend | A GitHub App was suspended. |
integration_installation.unsuspend | A GitHub App was unsuspended. |
integration_installation.version_updated | Permissions for a GitHub App were updated. |
integration_installation_request
Action | Description |
---|---|
integration_installation_request.close | A request to install a GitHub App was either approved or denied by an owner, or canceled by the member who opened the request. |
integration_installation_request.create | A member requested that an owner install a GitHub App. |
ip_allow_list
Action | Description |
---|---|
ip_allow_list.disable | An IP allow list was disabled. |
ip_allow_list.disable_for_installed_apps | An IP allow list was disabled for installed GitHub Apps. |
ip_allow_list.disable_idp_ip_allowlist_for_web | Identity Provider based IP allow list for web interactions was disabled. |
ip_allow_list.disable_user_level_enforcement | IP allow list user level enforcement was disabled. |
ip_allow_list.enable | An IP allow list was enabled. |
ip_allow_list.enable_for_installed_apps | An IP allow list was enabled for installed GitHub Apps. |
ip_allow_list.enable_idp_ip_allowlist_for_web | Identity Provider based IP allow list for web interactions was enabled. |
ip_allow_list.enable_user_level_enforcement | IP allow list user level enforcement was enabled. |
ip_allow_list_entry
Action | Description |
---|---|
ip_allow_list_entry.create | An IP address was added to an IP allow list. |
ip_allow_list_entry.destroy | An IP address was deleted from an IP allow list. |
ip_allow_list_entry.update | An IP address or its description was changed. |
issue_comment
Action | Description |
---|---|
issue_comment.destroy | A comment on an issue was deleted from the repository. |
issue_comment.update | A comment on an issue (other than the initial one) changed. |
issue
Action | Description |
---|---|
issue.destroy | An issue was deleted from the repository. |
issue.pinned | An issue was pinned to a repository. |
issue.transfer | An issue was transferred to another repository. |
issue.unpinned | An issue was unpinned from a repository. |
issues
Action | Description |
---|---|
issues.deletes_disabled | The ability for enterprise members to delete issues was disabled Members cannot delete issues in any organizations in an enterprise. |
issues.deletes_enabled | The ability for enterprise members to delete issues was enabled Members can delete issues in any organizations in an enterprise. |
issues.deletes_policy_cleared | An enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise. |
marketplace_agreement_signature
Action | Description |
---|---|
marketplace_agreement_signature.create | The GitHub Marketplace Developer Agreement was signed. |
marketplace_listing
Action | Description |
---|---|
marketplace_listing.approve | A listing was approved for inclusion in GitHub Marketplace. |
marketplace_listing.change_category | A category for a listing for an app in GitHub Marketplace was changed. |
marketplace_listing.create | A listing for an app in GitHub Marketplace was created. |
marketplace_listing.delist | A listing was removed from GitHub Marketplace. |
marketplace_listing.redraft | A listing was sent back to draft state. |
marketplace_listing.reject | A listing was not accepted for inclusion in GitHub Marketplace. |
members_can_create_pages
Action | Description |
---|---|
members_can_create_pages.disable | The ability for members to publish GitHub Pages sites was disabled. |
members_can_create_pages.enable | The ability for members to publish GitHub Pages sites was enabled. |
members_can_create_public_pages
Action | Description |
---|---|
members_can_create_public_pages.disable | The ability for members to publish public GitHub Pages was disabled Members cannot publish public GitHub Pages in an organization. |
members_can_create_public_pages.enable | The ability for members to publish public GitHub Pages was enabled Members can publish public GitHub Pages in an organization. |
members_can_delete_repos
Action | Description |
---|---|
members_can_delete_repos.clear | An enterprise owner cleared the policy setting for deleting or transferring repositories in any organizations in an enterprise. |
members_can_delete_repos.disable | The ability for enterprise members to delete repositories was disabled Members cannot delete or transfer repositories in any organizations in an enterprise. |
members_can_delete_repos.enable | The ability for enterprise members to delete repositories was enabled Members can delete or transfer repositories in any organizations in an enterprise. |
members_can_view_dependency_insights
Action | Description |
---|---|
members_can_view_dependency_insights.clear | An enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise. |
members_can_view_dependency_insights.disable | The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise. |
members_can_view_dependency_insights.enable | The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise. |
migration
Action | Description |
---|---|
migration.create | A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance. |
migration.destroy_file | A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted. |
migration.download | A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded. |
network_configuration
Action | Description |
---|---|
network_configuration.create | A network configuration for a hosted compute service was created. |
network_configuration.delete | A network configuration for a hosted compute service was deleted. |
network_configuration.update | A network configuration for a hosted compute service was updated. |
oauth_application
Action | Description |
---|---|
oauth_application.create | An OAuth application was created. |
oauth_application.destroy | An OAuth application was deleted. |
oauth_application.generate_client_secret | An OAuth application's secret key was generated. |
oauth_application.remove_client_secret | An OAuth application's secret key was deleted. |
oauth_application.reset_secret | The secret key for an OAuth application was reset. |
oauth_application.revoke_all_tokens | All user tokens for an OAuth application were requested to be revoked. |
oauth_application.revoke_tokens | Token(s) for an OAuth application were revoked. |
oauth_application.transfer | An OAuth application was transferred from one account to another. |
org
Action | Description |
---|---|
org.accept_business_invitation | An invitation sent to an organization to join an enterprise was accepted. |
org.add_billing_manager | A billing manager was added to an organization. |
org.add_member | A user joined an organization. |
org.add_outside_collaborator | An outside collaborator was added to a repository. |
org.advanced_security_disabled_for_new_repos | GitHub Advanced Security was disabled for new repositories in an organization. |
org.advanced_security_disabled_on_all_repos | GitHub Advanced Security was disabled for all repositories in an organization. |
org.advanced_security_enabled_for_new_repos | GitHub Advanced Security was enabled for new repositories in an organization. |
org.advanced_security_enabled_on_all_repos | GitHub Advanced Security was enabled for all repositories in an organization. |
org.advanced_security_policy_selected_member_disabled | An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization. |
org.advanced_security_policy_selected_member_enabled | An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization. |
org.audit_log_export | An export of the organization audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query. |
org.audit_log_git_event_export | An export of the organization's Git events was created. |
org.block_user | An organization owner blocked a user from accessing the organization's repositories. |
org.cancel_business_invitation | An invitation for an organization to join an enterprise was revoked |
org.cancel_invitation | An invitation sent to a user to join an organization was revoked. |
org.code_scanning_autofix_disabled | Autofix for code scanning alerts was disabled for an organization. |
org.code_scanning_autofix_enabled | Autofix for code scanning alerts was enabled for an organization. |
org.code_scanning_autofix_third_party_tools_disabled | Autofix for third party tools for code scanning alerts was disabled for an organization. |
org.code_scanning_autofix_third_party_tools_enabled | Autofix for third party tools for code scanning alerts was enabled for an organization. |
org.codeql_disabled | Code scanning using the default setup was disabled for an organization. |
org.codeql_enabled | Code scanning using the default setup was enabled for an organization. |
org.codespaces_access_updated | Access to use Codespaces on internal and private repositories was updated for an organization. |
org.codespaces_ownership_updated | Ownership and payment for codespaces was updated for an organization. |
org.codespaces_team_access_allowed | A team has been allowed to use Codespaces for an organization. |
org.codespaces_team_access_revoked | A team has been prevented from using Codespaces for an organization. |
org.codespaces_trusted_repo_access_granted | GitHub Codespaces was granted trusted repository access to all other repositories in an organization. |
org.codespaces_trusted_repo_access_revoked | GitHub Codespaces trusted repository access to all other repositories in an organization was revoked. |
org.codespaces_user_access_allowed | A user has been allowed to use Codespaces for an organization. |
org.codespaces_user_access_revoked | A user has been prevented from using Codespaces for an organization. |
org.config.disable_collaborators_only | The interaction limit for collaborators only for an organization was disabled. |
org.config.disable_contributors_only | The interaction limit for prior contributors only for an organization was disabled. |
org.config.disable_sockpuppet_disallowed | The interaction limit for existing users only for an organization was disabled. |
org.config.enable_collaborators_only | The interaction limit for collaborators only for an organization was enabled. |
org.config.enable_contributors_only | The interaction limit for prior contributors only for an organization was enabled. |
org.config.enable_sockpuppet_disallowed | The interaction limit for existing users only for an organization was enabled. |
org.confirm_business_invitation | An invitation for an organization to join an enterprise was confirmed. |
org.create | An organization was created. |
org.create_actions_secret | A GitHub Actions secret was created for an organization. |
org.create_actions_variable | A GitHub Actions variable was created for an organization. |
org.create_integration_secret | A Codespaces or Dependabot secret was created for an organization. |
org.delete | An organization was deleted by a user or staff. |
org.disable_member_team_creation_permission | Team creation was limited to owners. |
org.disable_oauth_app_restrictions | Third-party application access restrictions for an organization were disabled. |
org.disable_reader_discussion_creation_permission | An organization owner limited discussion creation to users with at least triage permission in an organization. |
org.disable_saml | SAML single sign-on was disabled for an organization. |
org.disable_two_factor_requirement | A two-factor authentication requirement was disabled for the organization. |
org.display_commenter_full_name_disabled | An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name. |
org.display_commenter_full_name_enabled | An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name. |
org.enable_member_team_creation_permission | Team creation by members was allowed. |
org.enable_oauth_app_restrictions | Third-party application access restrictions for an organization were enabled. |
org.enable_reader_discussion_creation_permission | An organization owner allowed users with read access to create discussions in an organization |
org.enable_saml | SAML single sign-on was enabled for the organization. |
org.enable_two_factor_requirement | Two-factor authentication is now required for the organization. |
org.integration_manager_added | An organization owner granted a member access to manage all GitHub Apps owned by an organization. |
org.integration_manager_removed | An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member. |
org.invite_member | A new user was invited to join an organization. |
org.invite_to_business | An organization was invited to join an enterprise. |
org.members_can_update_protected_branches.disable | The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches. |
org.members_can_update_protected_branches.enable | The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches. |
org.oauth_app_access_approved | Access to an organization was granted for an OAuth App. |
org.oauth_app_access_denied | Access was disabled for an OAuth App that was previously approved. |
org.oauth_app_access_requested | An organization member requested that an owner grant an OAuth App access to an organization. |
org.recovery_code_failed | An organization owner failed to sign into a organization with an external identity provider (IdP) using a recovery code. |
org.recovery_code_used | An organization owner successfully signed into an organization with an external identity provider (IdP) using a recovery code. |
org.recovery_codes_downloaded | An organization owner downloaded the organization's SSO recovery codes. |
org.recovery_codes_generated | An organization owner generated the organization's SSO recovery codes. |
org.recovery_codes_printed | An organization owner printed the organization's SSO recovery codes. |
org.recovery_codes_viewed | An organization owner viewed the organization's SSO recovery codes. |
org.register_self_hosted_runner | A new self-hosted runner was registered. |
org.remove_actions_secret | A GitHub Actions secret was removed from an organization. |
org.remove_actions_variable | A GitHub Actions variable was removed from an organization. |
org.remove_billing_manager | A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_integration_secret | A Codespaces or Dependabot secret was removed from an organization. |
org.remove_member | A member was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_outside_collaborator | An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement. |
org.remove_self_hosted_runner | A self-hosted runner was removed. |
org.rename | An organization was renamed. |
org.required_workflow_create | Triggered when a required workflow is created. |
org.required_workflow_delete | Triggered when a required workflow is deleted. |
org.required_workflow_update | Triggered when a required workflow is updated. |
org.restore_member | An organization member was restored. |
org.runner_group_created | A self-hosted runner group was created. |
org.runner_group_removed | A self-hosted runner group was removed. |
org.runner_group_renamed | A self-hosted runner group was renamed. |
org.runner_group_runner_removed | The REST API was used to remove a self-hosted runner from a group. |
org.runner_group_runners_added | A self-hosted runner was added to a group. |
org.runner_group_runners_updated | A runner group's list of members was updated. |
org.runner_group_updated | The configuration of a self-hosted runner group was changed. |
org.runner_group_visiblity_updated | The visibility of a self-hosted runner group was updated via the REST API. |
org.secret_scanning_custom_pattern_push_protection_disabled | Push protection for a custom pattern for secret scanning was disabled for an organization. |
org.secret_scanning_custom_pattern_push_protection_enabled | Push protection for a custom pattern for secret scanning was enabled for an organization. |
org.secret_scanning_push_protection_custom_message_disabled | The custom message triggered by an attempted push to a push-protected repository was disabled for an organization. |
org.secret_scanning_push_protection_custom_message_enabled | The custom message triggered by an attempted push to a push-protected repository was enabled for an organization. |
org.secret_scanning_push_protection_custom_message_updated | The custom message triggered by an attempted push to a push-protected repository was updated for an organization. |
org.secret_scanning_push_protection_disable | Push protection for secret scanning was disabled. |
org.secret_scanning_push_protection_enable | Push protection for secret scanning was enabled. |
org.secret_scanning_push_protection_new_repos_disable | Push protection for secret scanning was disabled for all new repositories in the organization. |
org.secret_scanning_push_protection_new_repos_enable | Push protection for secret scanning was enabled for all new repositories in the organization. |
org.self_hosted_runner_offline | The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
org.self_hosted_runner_online | The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
org.self_hosted_runner_updated | The runner application was updated. This event is not included in the JSON/CSV export. |
org.set_actions_fork_pr_approvals_policy | The setting for requiring approvals for workflows from public forks was changed for an organization. |
org.set_actions_private_fork_pr_approvals_policy | The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization. |
org.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs in an organization was changed. |
org.set_default_workflow_permissions | The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization. |
org.set_fork_pr_workflows_policy | The policy for workflows on private repository forks was changed. |
org.set_workflow_permission_can_approve_pr | The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization. |
org.sso_response | A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
org.transfer | An organization was transferred between enterprise accounts. |
org.transfer_outgoing | An organization was transferred between enterprise accounts. |
org.unblock_user | A user was unblocked from an organization. |
org.update_actions_secret | A GitHub Actions secret was updated for an organization. |
org.update_actions_settings | An organization owner or site administrator updated GitHub Actions policy settings for an organization. |
org.update_actions_variable | A GitHub Actions variable was updated for an organization. |
org.update_default_repository_permission | The default repository permission level for organization members was changed. |
org.update_integration_secret | A Codespaces or Dependabot secret was updated for an organization. |
org.update_member | A person's role was changed from owner to member or member to owner. |
org.update_member_repository_creation_permission | The create repository permission for organization members was changed. |
org.update_member_repository_invitation_permission | An organization owner changed the policy setting for organization members inviting outside collaborators to repositories. |
org.update_new_repository_default_branch_setting | The name of the default branch was changed for new repositories in the organization. |
org.update_saml_provider_settings | An organization's SAML provider settings were updated. |
org.update_terms_of_service | An organization changed between the Standard Terms of Service and the GitHub Customer Agreement. |
org_credential_authorization
Action | Description |
---|---|
org_credential_authorization.deauthorize | A member removed the SSO (SAML or OIDC) authorization from a credential that had access to your organization. |
org_credential_authorization.grant | A member authorized credentials for use with SAML or OIDC single sign-on. |
org_credential_authorization.revoke | An owner revoked authorized credentials. |
org_secret_scanning_automatic_validity_checks
Action | Description |
---|---|
org_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the organization level |
org_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the organization level |
org_secret_scanning_custom_pattern
Action | Description |
---|---|
org_secret_scanning_custom_pattern.create | A custom pattern was created for secret scanning in an organization. |
org_secret_scanning_custom_pattern.delete | A custom pattern was removed from secret scanning in an organization. |
org_secret_scanning_custom_pattern.publish | A custom pattern was published for secret scanning in an organization. |
org_secret_scanning_custom_pattern.update | Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization. |
org_secret_scanning_generic_secrets
Action | Description |
---|---|
org_secret_scanning_generic_secrets.disabled | Generic secrets have been disabled at the organization level |
org_secret_scanning_generic_secrets.enabled | Generic secrets have been enabled at the organization level |
org_secret_scanning_non_provider_patterns
Action | Description |
---|---|
org_secret_scanning_non_provider_patterns.disabled | Secret scanning for non-provider patterns was disabled at the organization level. |
org_secret_scanning_non_provider_patterns.enabled | Secret scanning for non-provider patterns was enabled at the organization level. |
org_secret_scanning_push_protection_bypass_list
Action | Description |
---|---|
org_secret_scanning_push_protection_bypass_list.add | A role or team was added to the push protection bypass list at the organization level. |
org_secret_scanning_push_protection_bypass_list.disable | Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Specific roles or teams" to "Anyone with write access" at the organization level. |
org_secret_scanning_push_protection_bypass_list.enable | Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Anyone with write access" to "Specific roles or teams" at the organization level. |
org_secret_scanning_push_protection_bypass_list.remove | A role or team was removed from the push protection bypass list at the organization level. |
organization_default_label
Action | Description |
---|---|
organization_default_label.create | A default label was created for repositories in an organization. |
organization_default_label.destroy | A default label was deleted for repositories in an organization. |
organization_default_label.update | A default label was edited for repositories in an organization. |
organization_domain
Action | Description |
---|---|
organization_domain.approve | A domain was approved for an organization. |
organization_domain.create | A domain was added to an organization. |
organization_domain.destroy | A domain was removed from an organization. |
organization_domain.verify | A domain was verified for an organization. |
organization_projects_change
Action | Description |
---|---|
organization_projects_change.clear | An enterprise owner cleared the policy setting for organization-wide project boards in an enterprise. |
organization_projects_change.disable | Organization projects were disabled for all organizations in an enterprise. |
organization_projects_change.enable | Organization projects were enabled for all organizations in an enterprise. |
organization_role
Action | Description |
---|---|
organization_role.assign | An organization role was assigned to a user or team. |
organization_role.create | A custom organization role was created in an organization. |
organization_role.destroy | A custom organization role was deleted in an organization. |
organization_role.revoke | A user or team was unassigned an organization role. |
organization_role.update | A custom organization role was edited in an organization. |
organization_wide_project_base_role
Action | Description |
---|---|
organization_wide_project_base_role.update | An organization's default project base role was updated. |
packages
Action | Description |
---|---|
packages.package_deleted | An entire package was deleted. |
packages.package_published | A package was published or republished to an organization. |
packages.package_version_deleted | A specific package version was deleted. |
packages.package_version_published | A specific package version was published or republished to a package. |
pages_protected_domain
Action | Description |
---|---|
pages_protected_domain.create | A GitHub Pages verified domain was created for an organization or enterprise. |
pages_protected_domain.delete | A GitHub Pages verified domain was deleted from an organization or enterprise. |
pages_protected_domain.verify | A GitHub Pages domain was verified for an organization or enterprise. |
payment_method
Action | Description |
---|---|
payment_method.create | A new payment method was added, such as a new credit card or PayPal account. |
payment_method.remove | A payment method was removed. |
payment_method.update | An existing payment method was updated. |
personal_access_token
Action | Description |
---|---|
personal_access_token.access_granted | A fine-grained personal access token was granted access to resources. |
personal_access_token.access_revoked | A fine-grained personal access token was revoked. The token can still read public organization resources. |
personal_access_token.request_cancelled | A pending request for a fine-grained personal access token to access organization resources was canceled. |
personal_access_token.request_created | Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources. |
personal_access_token.request_denied | A request for a fine-grained personal access token to access organization resources was denied. |
prebuild_configuration
Action | Description |
---|---|
prebuild_configuration.create | A GitHub Codespaces prebuild configuration for a repository was created. |
prebuild_configuration.destroy | A GitHub Codespaces prebuild configuration for a repository was deleted. |
prebuild_configuration.run_triggered | A user initiated a run of a GitHub Codespaces prebuild configuration for a repository branch. |
prebuild_configuration.update | A GitHub Codespaces prebuild configuration for a repository was edited. |
private_repository_forking
Action | Description |
---|---|
private_repository_forking.clear | An enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. |
private_repository_forking.disable | An enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked. |
private_repository_forking.enable | An enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked. |
profile_picture
Action | Description |
---|---|
profile_picture.update | A profile picture was updated. |
project
Action | Description |
---|---|
project.access | A project board visibility was changed. |
project.close | A project board was closed. |
project.create | A project board was created. |
project.delete | A project board was deleted. |
project.link | A repository was linked to a project board. |
project.open | A project board was reopened. |
project.rename | A project board was renamed. |
project.unlink | A repository was unlinked from a project board. |
project.update_org_permission | The project's base-level permission for all organization members was changed or removed. |
project.update_team_permission | A team's project board permission level was changed or when a team was added or removed from a project board. |
project.update_user_permission | A user was added to or removed from a project board or had their permission level changed. |
project.visibility_private | A project's visibility was changed from public to private. |
project.visibility_public | A project's visibility was changed from private to public. |
project_base_role
Action | Description |
---|---|
project_base_role.update | A project's base role was updated. |
project_collaborator
Action | Description |
---|---|
project_collaborator.add | A collaborator was added to a project. |
project_collaborator.remove | A collaborator was removed from a project. |
project_collaborator.update | A project collaborator's permission level was changed. |
project_field
Action | Description |
---|---|
project_field.create | A field was created in a project board. |
project_field.delete | A field was deleted in a project board. |
project_view
Action | Description |
---|---|
project_view.create | A view was created in a project board. |
project_view.delete | A view was deleted in a project board. |
protected_branch
Action | Description |
---|---|
protected_branch.authorized_users_teams | The users, teams, or integrations allowed to bypass a branch protection were changed. |
protected_branch.branch_allowances | A protected branch allowance was given to a specific user, team or integration. |
protected_branch.create | Branch protection was enabled on a branch. |
protected_branch.destroy | Branch protection was disabled on a branch. |
protected_branch.dismiss_stale_reviews | Enforcement of dismissing stale pull requests was updated on a branch. |
protected_branch.dismissal_restricted_users_teams | Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch. |
protected_branch.policy_override | A branch protection requirement was overridden by a repository administrator. |
protected_branch.rejected_ref_update | A branch update attempt was rejected. |
protected_branch.update_admin_enforced | Branch protection was enforced for repository administrators. |
protected_branch.update_allow_force_pushes_enforcement_level | Force pushes were enabled or disabled for a branch. |
protected_branch.update_ignore_approvals_from_contributors | Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch. |
protected_branch.update_lock_allows_fetch_and_merge | Fork syncing was enabled or disabled for a read-only branch |
protected_branch.update_lock_branch_enforcement_level | The enforcement of a branch lock was updated. |
protected_branch.update_merge_queue_enforcement_level | Enforcement of the merge queue was modified for a branch. |
protected_branch.update_name | A branch name pattern was updated for a branch. |
protected_branch.update_pull_request_reviews_enforcement_level | Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone). |
protected_branch.update_require_code_owner_review | Enforcement of required code owner review was updated for a branch. |
protected_branch.update_require_last_push_approval | Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch. |
protected_branch.update_required_approving_review_count | Enforcement of the required number of approvals before merging was updated on a branch. |
protected_branch.update_required_status_checks_enforcement_level | Enforcement of required status checks was updated for a branch. |
protected_branch.update_signature_requirement_enforcement_level | Enforcement of required commit signing was updated for a branch. |
protected_branch.update_strict_required_status_checks_policy | Enforcement of required status checks was updated for a branch. |
public_key
Action | Description |
---|---|
public_key.create | An SSH key was added to a user account or a deploy key was added to a repository. |
public_key.delete | An SSH key was removed from a user account or a deploy key was removed from a repository. |
public_key.unverification_failure | A user account's SSH key or a repository's deploy key was unable to be unverified. |
public_key.unverify | A user account's SSH key or a repository's deploy key was unverified. |
public_key.update | A user account's SSH key or a repository's deploy key was updated. |
public_key.verification_failure | A user account's SSH key or a repository's deploy key was unable to be verified. |
public_key.verify | A user account's SSH key or a repository's deploy key was verified. |
pull_request
Action | Description |
---|---|
pull_request.close | A pull request was closed without being merged. |
pull_request.converted_to_draft | A pull request was converted to a draft. |
pull_request.create | A pull request was created. |
pull_request.create_review_request | A review was requested on a pull request. |
pull_request.in_progress | A pull request was marked as in progress. |
pull_request.indirect_merge | A pull request was considered merged because the pull request's commits were merged into the target branch. |
pull_request.merge | A pull request was merged. |
pull_request.ready_for_review | A pull request was marked as ready for review. |
pull_request.remove_review_request | A review request was removed from a pull request. |
pull_request.reopen | A pull request was reopened after previously being closed. |
pull_request_review_comment
Action | Description |
---|---|
pull_request_review_comment.create | A review comment was added to a pull request. |
pull_request_review_comment.delete | A review comment on a pull request was deleted. |
pull_request_review_comment.update | A review comment on a pull request was changed. |
pull_request_review
Action | Description |
---|---|
pull_request_review.delete | A review on a pull request was deleted. |
pull_request_review.dismiss | A review on a pull request was dismissed. |
pull_request_review.submit | A review on a pull request was submitted. |
repo
Action | Description |
---|---|
repo.access | The visibility of a repository changed. |
repo.actions_enabled | GitHub Actions was enabled for a repository. |
repo.add_member | A collaborator was added to a repository. |
repo.add_topic | A topic was added to a repository. |
repo.advanced_security_disabled | GitHub Advanced Security was disabled for a repository. |
repo.advanced_security_enabled | GitHub Advanced Security was enabled for a repository. |
repo.archived | A repository was archived. |
repo.change_merge_setting | Pull request merge options were changed for a repository. |
repo.code_scanning_analysis_deleted | Code scanning analysis for a repository was deleted. |
repo.code_scanning_autofix_disabled | Autofix for code scanning alerts was disabled for a repository. |
repo.code_scanning_autofix_enabled | Autofix for code scanning alerts was enabled for a repository. |
repo.code_scanning_autofix_third_party_tools_disabled | Autofix for third party tools for code scanning alerts was disabled for a repository. |
repo.code_scanning_autofix_third_party_tools_enabled | Autofix for third party tools for code scanning alerts was enabled for a repository. |
repo.code_scanning_configuration_for_branch_deleted | A code scanning configuration for a branch of a repository was deleted. |
repo.codeql_disabled | Code scanning using the default setup was disabled for a repository. |
repo.codeql_enabled | Code scanning using the default setup was enabled for a repository. |
repo.codeql_updated | Code scanning using the default setup was updated for a repository. |
repo.codespaces_trusted_repo_access_granted | GitHub Codespaces was granted trusted repository access to this repository. |
repo.codespaces_trusted_repo_access_revoked | GitHub Codespaces trusted repository access to this repository was revoked. |
repo.config.disable_collaborators_only | The interaction limit for collaborators only was disabled. |
repo.config.disable_contributors_only | The interaction limit for prior contributors only was disabled in a repository. |
repo.config.disable_sockpuppet_disallowed | The interaction limit for existing users only was disabled in a repository. |
repo.config.enable_collaborators_only | The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration. |
repo.config.enable_contributors_only | The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration. |
repo.config.enable_sockpuppet_disallowed | The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository. |
repo.create | A repository was created. |
repo.create_actions_secret | A GitHub Actions secret was created for a repository. |
repo.create_actions_variable | A GitHub Actions variable was created for a repository. |
repo.create_integration_secret | A Codespaces or Dependabot secret was created for a repository. |
repo.destroy | A repository was deleted. |
repo.download_zip | A source code archive of a repository was downloaded as a ZIP file. |
repo.pages_cname | A GitHub Pages custom domain was modified in a repository. |
repo.pages_create | A GitHub Pages site was created. |
repo.pages_destroy | A GitHub Pages site was deleted. |
repo.pages_https_redirect_disabled | HTTPS redirects were disabled for a GitHub Pages site. |
repo.pages_https_redirect_enabled | HTTPS redirects were enabled for a GitHub Pages site. |
repo.pages_private | A GitHub Pages site visibility was changed to private. |
repo.pages_public | A GitHub Pages site visibility was changed to public. |
repo.pages_soft_delete | A GitHub Pages site was soft-deleted because its owner's plan changed. |
repo.pages_soft_delete_restore | A GitHub Pages site that was previously soft-deleted was restored. |
repo.pages_source | A GitHub Pages source was modified. |
repo.register_self_hosted_runner | A new self-hosted runner was registered. |
repo.remove_actions_secret | A GitHub Actions secret was deleted for a repository. |
repo.remove_actions_variable | A GitHub Actions variable was deleted for a repository. |
repo.remove_integration_secret | A Codespaces or Dependabot secret was deleted for a repository. |
repo.remove_member | A collaborator was removed from a repository. |
repo.remove_self_hosted_runner | A self-hosted runner was removed. |
repo.remove_topic | A topic was removed from a repository. |
repo.rename | A repository was renamed. |
repo.self_hosted_runner_offline | The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
repo.self_hosted_runner_online | The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
repo.self_hosted_runner_updated | The runner application was updated. This event is not included in the JSON/CSV export. |
repo.set_actions_fork_pr_approvals_policy | The setting for requiring approvals for workflows from public forks was changed for a repository. |
repo.set_actions_private_fork_pr_approvals_policy | The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository. |
repo.set_actions_retention_limit | The retention period for GitHub Actions artifacts and logs in a repository was changed. |
repo.set_default_workflow_permissions | The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository. |
repo.set_fork_pr_workflows_policy | Triggered when the policy for workflows on private repository forks is changed. |
repo.set_workflow_permission_can_approve_pr | The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository. |
repo.staff_unlock | An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository. |
repo.temporary_access_granted | Temporary access was enabled for a repository. |
repo.transfer | A user accepted a request to receive a transferred repository. |
repo.transfer_outgoing | A repository was transferred to another repository network. |
repo.transfer_start | A user sent a request to transfer a repository to another user or organization. |
repo.unarchived | A repository was unarchived. |
repo.update_actions_access_settings | The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed. |
repo.update_actions_secret | A GitHub Actions secret was updated for a repository. |
repo.update_actions_settings | A repository administrator changed GitHub Actions policy settings for a repository. |
repo.update_actions_variable | A GitHub Actions variable was updated for a repository. |
repo.update_default_branch | The default branch for a repository was changed. |
repo.update_integration_secret | A Codespaces or Dependabot secret was updated for a repository. |
repo.update_member | A user's permission to a repository was changed. |
repository_advisory
Action | Description |
---|---|
repository_advisory.close | Someone closed a security advisory. |
repository_advisory.cve_request | Someone requested a CVE (Common Vulnerabilities and Exposures) number from GitHub for a draft security advisory. |
repository_advisory.github_broadcast | GitHub made a security advisory public in the GitHub Advisory Database. |
repository_advisory.github_withdraw | GitHub withdrew a security advisory that was published in error. |
repository_advisory.open | Someone opened a draft security advisory. |
repository_advisory.publish | Someone published a security advisory. |
repository_advisory.reopen | Someone reopened as draft security advisory. |
repository_advisory.update | Someone edited a draft or published security advisory. |
repository_branch_protection_evaluation
Action | Description |
---|---|
repository_branch_protection_evaluation.disable | Branch protections were disabled for the repository. |
repository_branch_protection_evaluation.enable | Branch protections were enabled for this repository. |
repository_content_analysis
Action | Description |
---|---|
repository_content_analysis.disable | Data use settings were disabled for a private repository. |
repository_content_analysis.enable | Data use settings were enabled for a private repository. |
repository_dependency_graph
Action | Description |
---|---|
repository_dependency_graph.disable | The dependency graph was disabled for a private repository. |
repository_dependency_graph.enable | The dependency graph was enabled for a private repository. |
repository_image
Action | Description |
---|---|
repository_image.create | An image to represent a repository was uploaded. |
repository_image.destroy | An image to represent a repository was deleted. |
repository_invitation
Action | Description |
---|---|
repository_invitation.accept | An invitation to join a repository was accepted. |
repository_invitation.cancel | An invitation to join a repository was canceled. |
repository_invitation.create | An invitation to join a repository was sent. |
repository_invitation.reject | An invitation to join a repository was declined. |
repository_projects_change
Action | Description |
---|---|
repository_projects_change.clear | The repository projects policy was removed for an organization, or all organizations in the enterprise Organization owners can now control their repository projects settings. |
repository_projects_change.disable | Repository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise. |
repository_projects_change.enable | Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise. |
repository_ruleset
Action | Description |
---|---|
repository_ruleset.create | A repository ruleset was created. |
repository_ruleset.destroy | A repository ruleset was deleted. |
repository_ruleset.update | A repository ruleset was edited. |
repository_secret_scanning_automatic_validity_checks
Action | Description |
---|---|
repository_secret_scanning_automatic_validity_checks.disabled | Automatic partner validation checks have been disabled at the repository level |
repository_secret_scanning_automatic_validity_checks.enabled | Automatic partner validation checks have been enabled at the repository level |
repository_secret_scanning_custom_pattern
Action | Description |
---|---|
repository_secret_scanning_custom_pattern.create | A custom pattern was created for secret scanning in a repository. |
repository_secret_scanning_custom_pattern.delete | A custom pattern was removed from secret scanning in a repository. |
repository_secret_scanning_custom_pattern.publish | A custom pattern was published for secret scanning in a repository. |
repository_secret_scanning_custom_pattern.update | Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository. |
repository_secret_scanning_custom_pattern_push_protection
Action | Description |
---|---|
repository_secret_scanning_custom_pattern_push_protection.disabled | Push protection for a custom pattern for secret scanning was disabled for your repository. |
repository_secret_scanning_custom_pattern_push_protection.enabled | Push protection for a custom pattern for secret scanning was enabled for your repository. |
repository_secret_scanning
Action | Description |
---|---|
repository_secret_scanning.disable | Secret scanning was disabled for a repository. |
repository_secret_scanning.enable | Secret scanning was enabled for a repository. |
repository_secret_scanning_generic_secrets
Action | Description |
---|---|
repository_secret_scanning_generic_secrets.disabled | Generic secrets have been disabled at the repository level |
repository_secret_scanning_generic_secrets.enabled | Generic secrets have been enabled at the repository level |
repository_secret_scanning_non_provider_patterns
Action | Description |
---|---|
repository_secret_scanning_non_provider_patterns.disabled | Secret scanning for non-provider patterns was disabled at the repository level. |
repository_secret_scanning_non_provider_patterns.enabled | Secret scanning for non-provider patterns was enabled at the repository level. |
repository_secret_scanning_push_protection_bypass_list
Action | Description |
---|---|
repository_secret_scanning_push_protection_bypass_list.add | A role or team was added to the push protection bypass list at the repository level. |
repository_secret_scanning_push_protection_bypass_list.disable | Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Specific roles or teams" to "Anyone with write access" at the repository level. |
repository_secret_scanning_push_protection_bypass_list.enable | Push protection settings for "Users who can bypass push protection for secret scanning" changed from "Anyone with write access" to "Specific roles or teams" at the repository level. |
repository_secret_scanning_push_protection_bypass_list.remove | A role or team was removed from the push protection bypass list at the repository level. |
repository_secret_scanning_push_protection
Action | Description |
---|---|
repository_secret_scanning_push_protection.disable | Secret scanning push protection was disabled for a repository. |
repository_secret_scanning_push_protection.enable | Secret scanning push protection was enabled for a repository. |
repository_security_configuration
Action | Description |
---|---|
repository_security_configuration.applied | A code security configuration was applied to a repository. |
repository_security_configuration.failed | A code security configuration failed to attach to the repository. |
repository_security_configuration.removed | A code security configuration was removed from a repository. |
repository_security_configuration.removed_by_settings_change | A code security configuration was removed due to a change in repository or enterprise settings. |
repository_visibility_change
Action | Description |
---|---|
repository_visibility_change.clear | The repository visibility change setting was cleared for an organization or enterprise. |
repository_visibility_change.disable | The ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise. |
repository_visibility_change.enable | The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise. |
repository_vulnerability_alert
Action | Description |
---|---|
repository_vulnerability_alert.auto_dismiss | A Dependabot alert was automatically dismissed because its metadata matches an enabled Dependabot rule. |
repository_vulnerability_alert.auto_reopen | A previously auto-dismissed Dependabot alert was automatically reopened because its metadata no longer matches an enabled Dependabot rule. |
repository_vulnerability_alert.create | GitHub created a Dependabot alert because the repository uses a vulnerable dependency. |
repository_vulnerability_alert.dismiss | A Dependabot alert was manually dismissed. |
repository_vulnerability_alert.reintroduce | A Dependabot alert was automatically reopened because the repository resumed use of a vulnerable dependency. |
repository_vulnerability_alert.reopen | A Dependabot alert was manually reopened. |
repository_vulnerability_alert.resolve | Changes were pushed to update and resolve a Dependabot alert in a project dependency. |
repository_vulnerability_alert.withdraw | A Dependabot alert was withdrawn. |
repository_vulnerability_alerts
Action | Description |
---|---|
repository_vulnerability_alerts.authorized_users_teams | The list of people or teams authorized to receive Dependabot alerts for the repository was updated. |
repository_vulnerability_alerts.disable | Dependabot alerts was disabled. |
repository_vulnerability_alerts.enable | Dependabot alerts was enabled. |
repository_vulnerability_alerts_auto_dismissal
Action | Description |
---|---|
repository_vulnerability_alerts_auto_dismissal.disable | Automatic dismissal of low-impact Dependabot alerts was disabled for the repository. |
repository_vulnerability_alerts_auto_dismissal.enable | Automatic dismissal of low-impact Dependabot alerts was enabled for the repository. |
required_status_check
Action | Description |
---|---|
required_status_check.create | A status check was marked as required for a protected branch. |
required_status_check.destroy | A status check was no longer marked as required for a protected branch. |
restrict_notification_delivery
Action | Description |
---|---|
restrict_notification_delivery.disable | Email notification restrictions for an organization or enterprise were disabled. |
restrict_notification_delivery.enable | Email notification restrictions for an organization or enterprise were enabled. |
role
Action | Description |
---|---|
role.create | A new custom repository role was created. |
role.destroy | A custom repository role was deleted. |
role.update | A custom repository role was edited. |
secret_scanning_alert
Action | Description |
---|---|
secret_scanning_alert.create | GitHub detected a secret and created a secret scanning alert. |
secret_scanning_alert.public_leak | A secret scanning alert was leaked in a public repo. |
secret_scanning_alert.reopen | A secret scanning alert was reopened. |
secret_scanning_alert.report | A leaked secret was reported to the secret's provider by secret scanning. |
secret_scanning_alert.resolve | A secret scanning alert was resolved. |
secret_scanning_alert.revoke | A secret scanning alert was revoked. |
secret_scanning_alert.validate | A secret scanning alert was validated. |
secret_scanning
Action | Description |
---|---|
secret_scanning.disable | Secret scanning was disabled for all existing repositories. |
secret_scanning.enable | Secret scanning was enabled for all existing repositories. |
secret_scanning_new_repos
Action | Description |
---|---|
secret_scanning_new_repos.disable | Secret scanning was disabled for all new repositories. |
secret_scanning_new_repos.enable | Secret scanning was enabled for all new repositories. |
secret_scanning_push_protection
Action | Description |
---|---|
secret_scanning_push_protection.bypass | Triggered when a user bypasses the push protection on a secret detected by secret scanning. |
secret_scanning_push_protection_request
Action | Description |
---|---|
secret_scanning_push_protection_request.approve | A request to bypass secret scanning push protection was approved by a user. |
secret_scanning_push_protection_request.deny | A request to bypass secret scanning push protection was denied by a user. |
secret_scanning_push_protection_request.request | A user requested to bypass secret scanning push protection. |
security_configuration
Action | Description |
---|---|
security_configuration.create | A security configuration was created |
security_configuration.delete | A security configuration was deleted |
security_configuration.update | A security configuration was updated |
security_configuration_default
Action | Description |
---|---|
security_configuration_default.delete | A default security configuration setting for new repositories was removed. |
security_configuration_default.update | A default security configuration setting for new repositories was updated. |
security_configuration_policy
Action | Description |
---|---|
security_configuration_policy.update | A security configuration policy was updated |
sponsors
Action | Description |
---|---|
sponsors.agreement_sign | A GitHub Sponsors agreement was signed on behalf of an organization. |
sponsors.custom_amount_settings_change | Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed. |
sponsors.fiscal_host_change | The fiscal host for a GitHub Sponsors listing was updated. |
sponsors.repo_funding_links_file_action | The FUNDING file in a repository was changed. |
sponsors.sponsor_sponsorship_cancel | A sponsorship was canceled. |
sponsors.sponsor_sponsorship_create | A sponsorship was created, by sponsoring an account. |
sponsors.sponsor_sponsorship_payment_complete | After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete. |
sponsors.sponsor_sponsorship_preference_change | The option to receive email updates from a sponsored account was changed. |
sponsors.sponsor_sponsorship_tier_change | A sponsorship was upgraded or downgraded. |
sponsors.sponsored_developer_approve | A GitHub Sponsors account was approved. |
sponsors.sponsored_developer_create | A GitHub Sponsors account was created. |
sponsors.sponsored_developer_disable | A GitHub Sponsors account was disabled. |
sponsors.sponsored_developer_profile_update | The profile for GitHub Sponsors account was edited. |
sponsors.sponsored_developer_redraft | A GitHub Sponsors account was returned to draft state from approved state. |
sponsors.sponsored_developer_request_approval | An application for GitHub Sponsors was submitted for approval. |
sponsors.sponsored_developer_tier_description_update | The description for a sponsorship tier was changed. |
sponsors.sponsors_patreon_user_create | A Patreon account was linked to a user account for use with GitHub Sponsors. |
sponsors.sponsors_patreon_user_destroy | A Patreon account for use with GitHub Sponsors was unlinked from a user account. |
sponsors.update_tier_repository | A GitHub Sponsors tier changed access for a repository. |
sponsors.update_tier_welcome_message | The welcome message for a GitHub Sponsors tier for an organization was updated. |
sponsors.withdraw_agreement_signature | A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization. |
ssh_certificate_authority
Action | Description |
---|---|
ssh_certificate_authority.create | An SSH certificate authority for an organization or enterprise was created. |
ssh_certificate_authority.destroy | An SSH certificate authority for an organization or enterprise was deleted. |
ssh_certificate_requirement
Action | Description |
---|---|
ssh_certificate_requirement.disable | The requirement for members to use SSH certificates to access an organization resources was disabled. |
ssh_certificate_requirement.enable | The requirement for members to use SSH certificates to access an organization resources was enabled. |
sso_redirect
Action | Description |
---|---|
sso_redirect.disable | Automatic redirects for users to single sign-on (SSO) was disabled. |
sso_redirect.enable | Automatic redirects for users to single sign-on (SSO) was enabled. |
staff
Action | Description |
---|---|
staff.set_domain_token_expiration | The verification code expiry time for an organization or enterprise domain was set. |
staff.unverify_domain | An organization or enterprise domain was unverified. |
staff.verify_domain | An organization or enterprise domain was verified. |
team
Action | Description |
---|---|
team.add_member | A member of an organization was added to a team. |
team.add_repository | A team was given access and permissions to a repository. |
team.change_parent_team | A child team was created or a child team's parent was changed. |
team.change_privacy | A team's privacy level was changed. |
team.create | A new team is created. |
team.demote_maintainer | A user was demoted from a team maintainer to a team member. |
team.destroy | A team was deleted. |
team.promote_maintainer | A user was promoted from a team member to a team maintainer. |
team.remove_member | An organization member was removed from a team. |
team.remove_repository | A repository was removed from a team's control. |
team.rename | A team's name was changed. |
team.update_repository_permission | A team's permission to a repository was changed. |
team_discussions
Action | Description |
---|---|
team_discussions.clear | An organization owner cleared the setting to allow team discussions for an organization or enterprise. |
team_discussions.disable | Team discussions were disabled for an organization. |
team_discussions.enable | Team discussions were enabled for an organization. |
team_sync_tenant
Action | Description |
---|---|
team_sync_tenant.disabled | Team synchronization with a tenant was disabled. |
team_sync_tenant.enabled | Team synchronization with a tenant was enabled. |
team_sync_tenant.update_okta_credentials | The Okta credentials for team synchronization with a tenant were changed. |
user_email
Action | Description |
---|---|
user_email.confirm_claim | An enterprise managed user claimed an email address. |
user_license
Action | Description |
---|---|
user_license.create | A seat license for a user in an enterprise was created. |
user_license.destroy | A seat license for a user in an enterprise was deleted. |
user_license.update | A seat license type for a user in an enterprise was changed. |
vulnerability_alert_rule
Action | Description |
---|---|
vulnerability_alert_rule.create | A Dependabot rule was created. |
vulnerability_alert_rule.delete | A Dependabot rule was deleted. |
vulnerability_alert_rule.disable | A Dependabot rule was disabled for a single repository or disabled by default for an organization. |
vulnerability_alert_rule.enable | A Dependabot rule was enabled for a single repository or enabled by default for an organization. |
vulnerability_alert_rule.force_disable | A Dependabot rule was enabled for an organization and cannot be disabled for its repositories. |
vulnerability_alert_rule.force_enable | A Dependabot rule was disabled for an organization and cannot be enabled for its repositories. |
vulnerability_alert_rule.update | A Dependabot rule's conditions, actions, or metadata changed. |
workflows
Action | Description |
---|---|
workflows.approve_workflow_job | A workflow job was approved. |
workflows.cancel_workflow_run | A workflow run was cancelled. |
workflows.completed_workflow_run | A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
workflows.created_workflow_run | A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
workflows.delete_workflow_run | A workflow run was deleted. |
workflows.disable_workflow | A workflow was disabled. |
workflows.enable_workflow | A workflow was enabled, after previously being disabled by disable_workflow. |
workflows.pin_workflow | A workflow was pinned. |
workflows.prepared_workflow_job | A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports. |
workflows.reject_workflow_job | A workflow job was rejected. |
workflows.rerun_workflow_run | A workflow run was re-run. |
workflows.unpin_workflow | A workflow was unpinned after previously being pinned. |