Block repository administrators from installing GitHub Apps on their own now generally available

Published: 3 days ago (December 1, 2025 at 03:45 PM EST)

1 min read

Source: GitHub Changelog

New setting for GitHub Apps installation control

Organization owners can now better control which users are allowed to install GitHub Apps across their repositories with a new setting.

GitHub Apps installation control

Previously, any user with admin permissions on a repository—including outside collaborators—could install GitHub Apps that requested only repository‑level permissions. This could cause unexpected app installations and governance challenges, particularly for organizations with strict security or compliance requirements.

When the new setting is enabled, only organization owners can install GitHub Apps on organization repositories. Repository admins must request an app installation from an organization owner.

How this benefits you

Strengthen governance by ensuring only trusted users can install GitHub Apps across repositories.
Reduce the risk of unauthorized or unexpected app installations.
Help meet compliance requirements.

How to enable the setting

Navigate to your organization’s Settings.
Click the Member privileges tab.
Locate the new option under GitHub Apps and enable it.

How to give feedback

If you have any questions or feedback, feel free to leave a comment in our Community discussion.

Block repository administrators from installing GitHub Apps on their own now generally available

New setting for GitHub Apps installation control

How this benefits you

How to enable the setting

How to give feedback

Related posts

CIS publishes hardening guidance for Red Hat OpenShift Virtualization

Accelerating innovation with AWS: Snyk selected as an AWS Pattern Partner

Run AutoMCP To Supercharge Your AI Agent with Libraries MCP Servers

Security Advisory: Critical RCE Vulnerabilities in React Server Components & Next.js (CVE-2025-55182 / CVE-2025-66478)