Based on the volume of community requests, we have improved how tokens are generated for Organizations and now use organization-level self-hosted permissions instead of repo:admin.
By removing our internal dependency on repository admin privileges, we hope to alleviate some security concerns brought up by Organizations.
This only applies to Organizations, Individuals who own repositories will not see a change.
We're making this switch in early January. Once implemented, Organization Administrators will receive an automated email from GitHub with a subject like: power-z-gha-runner is requesting updated permissions
Details for how this is implemented, and why you may still see the repo:admin listed for the app in the Organization’s permissions page during this transition are documented in this blog post by @rahulssv-ibm Changing Organization Permissions for the IBM Power and Z GitHub Actions App
Based on the volume of community requests, we have improved how tokens are generated for Organizations and now use organization-level self-hosted permissions instead of repo:admin.
By removing our internal dependency on repository admin privileges, we hope to alleviate some security concerns brought up by Organizations.
This only applies to Organizations, Individuals who own repositories will not see a change.
We're making this switch in early January. Once implemented, Organization Administrators will receive an automated email from GitHub with a subject like: power-z-gha-runner is requesting updated permissions
Details for how this is implemented, and why you may still see the repo:admin listed for the app in the Organization’s permissions page during this transition are documented in this blog post by @rahulssv-ibm Changing Organization Permissions for the IBM Power and Z GitHub Actions App