Introducing Access Controls: Manage Team Permissions Like a Pro

December 5, 2022

Security and team coordination go hand in hand. Access Controls integrate with your GitHub repository permissions to give you control over who can manage your merge freezes.

Team Security at Scale

As teams scale, you need more than just the ability to freeze and unfreeze repositories. You need to ensure that:

  • Only authorized team members can implement merge freezes
  • API credentials are protected from unauthorized access
  • Emergency procedures can be executed by the right people
  • Audit trails show who made what changes and when

What’s New

Fine-Grained Permissions

Control exactly who can perform critical actions in your organization:

Repository-Based Permissions

Access controls work with your existing GitHub repository permissions:

  • Repository Administrators: Full access to freeze/unfreeze and manage settings
  • Users with Write Access: Can freeze/unfreeze repositories (configurable)
  • All Repository Users: Can freeze/unfreeze (default setting, can be restricted)

GitHub Permission Integration

Access controls integrate seamlessly with your GitHub repository permissions:

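Access Level         | GitHub Permission | Can Freeze/Unfreeze              | Can Manage Settings
---------------------|-------------------|----------------------------------|--------------------
Repository Admin     | Admin             |                                  |
Write Access         | Write             | ✅ (configurable)                |
Repository Access    | Read/Triage       | ✅ (default, can be restricted)  |
No Repository Access | None              |                                  |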

Real-World Benefits

Security Enhancement

🔒 Default: Anyone with repository access can freeze/unfreeze
✅ Configurable: Restrict to only admins or users with write access

Best Practices

1. Principle of Least Privilege

Grant the minimum permissions needed for each role:

✅ Good: Release managers can freeze during planned releases
❌ Avoid: Everyone has full administrative access

2. Emergency Access Planning

Ensure multiple people have emergency access:

✅ Good: 2-3 people can perform emergency unfreezes
❌ Risky: Only one person has unfreeze permissions

Implementation Guide

Enhance your team’s deployment security:

  1. Review current team structure and identify who needs what access
  2. Visit your organization settings to configure access controls
  3. Test with a non-critical repository before rolling out widely
  4. Update team documentation with new procedures

For detailed setup instructions, check out our Access Controls Documentation.

Note: By default, anyone with access to a repository can implement merge freezes. Access controls allow you to restrict this to smaller groups when needed for security or operational reasons.
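For step 1 of the implementation guide, the sketch below models the access tiers from the table above and lists who could freeze/unfreeze under each restriction level, flagging the two conditions the best practices call out. It is an added example, not the product's own code: the policy labels `all`, `write` and `admin`, the function names and the collaborator list are assumptions made for illustration.

```python
# Added example: models the access tiers described in this post.
# Policy labels ("all", "write", "admin") are hypothetical, not product settings.

# GitHub permission levels named in the post, grouped as in its table.
RANK = {"none": 0, "read": 1, "triage": 1, "write": 2, "admin": 3}

# Minimum rank needed to freeze/unfreeze under each restriction level.
POLICY_MIN_RANK = {"all": 1, "write": 2, "admin": 3}


def can_freeze(permission, policy):
    """True if a user with this GitHub permission may freeze/unfreeze."""
    if permission not in RANK:
        # Levels the post does not cover are rejected rather than guessed.
        raise ValueError("permission not covered by the post: %r" % permission)
    return RANK[permission] >= POLICY_MIN_RANK[policy]


def review(collaborators, policy, min_holders=2):
    """Return (who can freeze under `policy`, findings for the rollout review)."""
    holders = sorted(u for u, p in collaborators.items() if can_freeze(p, policy))
    findings = []
    if len(holders) < min_holders:
        findings.append("fewer than %d people can unfreeze in an emergency" % min_holders)
    if policy == "all" and any(RANK[p] == 1 for p in collaborators.values()):
        findings.append("read/triage users can freeze; consider restricting")
    return holders, findings


# Constructed sample data: user -> GitHub repository permission.
SAMPLE = {
    "alice": "admin",
    "bob": "write",
    "carol": "write",
    "dave": "triage",
    "erin": "read",
    "frank": "none",
}

if __name__ == "__main__":
    for policy in ("all", "write", "admin"):
        holders, findings = review(SAMPLE, policy)
        print("%-5s -> %s %s" % (policy, holders, findings))
```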

🔐 Better security. Better control. Better deployments.