Skip to content

merge queue: queuing main (964a793) and #11827 together #11834

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
mergify wants to merge 2 commits into from
Closed

merge queue: queuing main (964a793) and #11827 together #11834

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4c0ee64
docs(security): per-repo product enablement is repository write level
sileht Jun 14, 2026
a5cc0ad
Merge of #11827
mergify[bot] Jun 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 15 additions & 16 deletions src/content/docs/security.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,12 +75,12 @@ IPs must be allowlisted for OAuth sign-in to succeed.

### Delegated Roles

Some Mergify operations such as managing the subscription, configuring CI
Insights, or enabling integrations — require the GitHub organization
`Owner` role by default. To avoid granting full GitHub `Owner` rights to a
teammate who only needs one of these capabilities, GitHub `Owner`s can
delegate scoped Mergify admin powers to any organization member or
collaborator from the Mergify dashboard.
Some Mergify operations (such as managing the subscription, managing CI
Insights self-hosted runners, or configuring third-party integrations)
require the GitHub organization `Owner` role by default. To avoid granting
full GitHub `Owner` rights to a teammate who only needs one of these
capabilities, GitHub `Owner`s can delegate scoped Mergify admin powers to any
organization member or collaborator from the Mergify dashboard.

Delegated roles are managed from **Settings → Roles** on the Mergify
dashboard. Only GitHub `Owner`s and users holding the **Delegation Admin**
Expand Down Expand Up @@ -113,7 +113,7 @@ Each user can hold any combination of the following roles:
<tr>
<th scope="row">Integrations Admin</th>
<td>
Enable or disable Mergify products and configure the Slack and
Configure the default products for new repositories and the Slack and
Datadog notification integrations at the organization level.
</td>
</tr>
Expand Down Expand Up @@ -328,13 +328,13 @@ relevant account or resource. Permissions are inherited from GitHub roles.
<td>✓</td>
</tr>
<tr>
<td>Activate CI Insights or configure its repositories</td>
<td>✗</td>
<td>✗</td>
<td>✗</td>
<td>Activate CI Insights on a repository</td>
<td>✗</td>
<td>✗</td>
<td>✓</td>
<td>✓</td>
<td>✓</td>
<td>✓</td>
</tr>
<tr>
<td>Manage CI Insights Auto-Retry rules</td>
Expand Down Expand Up @@ -451,12 +451,11 @@ relevant account or resource. Permissions are inherited from GitHub roles.

- **Billing Admin** — manage Mergify subscription.

- **CI Admin** — manage API keys (CI scope only), activate CI Insights,
and manage CI Insights self-hosted runners.
- **CI Admin** — manage API keys (CI scope only) and manage CI Insights
self-hosted runners.

- **Integrations Admin** — enable or disable Mergify products,
configure default products for new repositories, and configure third-party
integrations (Slack, Datadog, etc.).
- **Integrations Admin** — configure default products for new repositories
and configure third-party integrations (Slack, Datadog, etc.).

- **Delegation Admin** — grant or revoke any of the roles above.

Expand Down