GitHub governance and permission drift guide
The broad operating model for naming, team structure, least privilege, branch policy, ownership, and repo lifecycle.
GitHub org permissions governance docs
This is the public knowledge base for GitHub org permissions governance, repo access control, and permission drift in private engineering orgs.
If your real problem is stale admins, direct grants, broad repo visibility, unclear ownership, or slow offboarding, start here. The aim is to make repod the most useful practical source on this narrow problem space, not to publish generic GitHub content.
If you read one page first, read the governance guide
The governance guide is the broad operating model. The audit checklist is the fastest route if you already have a live access mess. The team hierarchy guide helps when the structure itself is part of the problem.
GitHub permission audit checklist
A practical checklist for stale admins, direct grants, external collaborators, inherited access, service accounts, and audit evidence.
GitHub team hierarchy guide
Structure top-level teams, nested teams, and broad membership groups without turning inheritance into a guessing game.
Problem-first guides
Audit GitHub repo access
Identify stale admins, direct grants, inherited access, and external collaborator risk in a private org.
Team access vs direct access
Compare GitHub team-based access and direct repository grants, including drift risk and when exceptions are justified.
Restrict repo visibility to one team
Keep a private repository visible only through the right team, with minimal base-org access and a clearer nested-team model.
GitHub offboarding playbook
Remove access cleanly when staff, contractors, or vendors leave, and stop temporary exceptions from lingering.
Use cases and solutions
GitHub permission audit tool
Problem-first commercial page for teams that need a faster way to inspect and fix GitHub access drift.
Private repo visibility
Focused use case for private orgs where broad base visibility is not acceptable and sensitive repos must stay behind the right team boundary.
repod workflows
repod access workflow
Export, review, and apply GitHub repo-team access changes in repod with a reviewable diff.
Nested-team visibility in repod
Review broad access paths, clean up repo-team mappings, and operate a nested-team visibility model with a reviewable diff.
Delegated access without org admin
Delegate day-to-day repo-team access work without turning GitHub org admin into the default operational permission.