Skip to content

Improve GitHub Actions Fork Approval Documentation #40539

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
SachinSingh008 wants to merge 3 commits into from
Closed

Improve GitHub Actions Fork Approval Documentation #40539

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
41c4ff8
Update approve-runs-from-forks.md
SachinSingh008 Sep 25, 2025
fbaabd2
Merge branch 'main' into patch-1
SachinSingh008 Sep 25, 2025
6cf4057
Merge branch 'main' into patch-1
SachinSingh008 Sep 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions content/actions/how-tos/manage-workflow-runs/approve-runs-from-forks.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,12 @@ redirect_from:
- /actions/managing-workflow-runs-and-deployments/managing-workflow-runs/approving-workflow-runs-from-private-forks
---

Workflow runs triggered by a contributor's pull request from a fork may require manual approval from a maintainer with write access. You can configure workflow approval requirements for a [repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks), [organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks), or [enterprise](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise).
When external contributors submit pull requests from their forked repositories, the automated workflows (like tests or builds) may need your approval before running. This security measure prevents untrusted code from accessing your repository's resources and secrets.

Workflow runs that have been awaiting approval for more than 30 days are automatically deleted.
**Configuration levels:**
Configure approval requirements at the [repository](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks), [organization](/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#configuring-required-approval-for-workflows-from-public-forks), or [enterprise](/enterprise-cloud@latest/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise) level.

**Auto-deletion:** Workflow runs awaiting approval for more than 30 days are automatically deleted.

## Approving workflow runs on a pull request from a public fork

Expand Down
Loading