Forensic Lineage within GitHub Actions / Apps

Hey everyone!

Is anyone aware of how to monitor permission changes to a GitHub Action / app over time? Searched high and low within the GitHub apps docs as well as this community, but couldn’t find anything. Currently it seems I can only review an action’s permission changes from old -> new due to the re-approval needed to install the latest version of an app on a repository, but not how it’s permissions have changed since it was first created.

Do you mean GitHub App permissions?

There is no history records for these permissions to access.
What’s your purpose ? If you want to ask for supporting check permission history from an API , I would recommend you share your idea in GitHub API Development and Support category

1 Like

Thanks for the response! I did mean GitHub App permissions, and the purpose would be to satisfy security requirements within my organization that are looking for this feature to monitor permission changes over time. I’ll add it to category you linked, thanks again!