You can review your account's security log to better understand the actions you've performed in the last 90 days.

Accessing your security log

The security log lists the last 50 actions or those performed within the last 90 days.

  1. In the upper-right corner of any page, click your profile photo, then click Settings. Settings icon in the user bar
  2. In the user settings sidebar, click Security. Security settings sidebar

  3. Under "Security history," your log is displayed. Security log

  4. Click on an entry to see more information about the event. Security log

Understanding events in the security log

Actions listed in the audit log are grouped within the following categories:

Category Name Description
account_recovery_token Contains all activities related to adding a recovery token
billing Contains all activities related to your billing information.
marketplace_agreement_signature Contains all activities related to signing the GitHub Marketplace Developer Agreement.
marketplace_listing Contains all activities related to listing apps in GitHub Marketplace.
oauth_access Contains all activities related to OAuth Apps you've connected with.
payment_method Contains all activities related to paying for your GitHub plan.
profile_picture Contains all activities related to your profile picture.
project Contains all activities related to project boards.
public_key Contains all activities related to your public SSH keys.
repo Contains all activities related to the repositories you own.
repository_content_analysis Contains all activities related to enabling or disabling data use for a private repository.
repository_dependency_graph Contains all activities related to enabling or disabling the dependency graph for a private repository.
repository_vulnerability_alert Contains all activities related to security alerts for vulnerable dependencies.
two_factor_authentication Contains all activities related to two-factor authentication.
user Contains all activities related to your account.

A description of the events within these categories is listed below.

The account_recovery_token category

Action Description
confirm Triggered when you successfully store a new token with a recovery provider.
recover Triggered when you successfully redeem an account recovery token.
recover_error Triggered when a token is used but GitHub is not able to validate it.

The billing category

Action Description
change_billing_type Triggered when you change how you pay for GitHub.
change_email Triggered when you change your email address.

The marketplace_agreement_signature category

Action Description
create Triggered when you sign the GitHub Marketplace Developer Agreement.

The marketplace_listing category

Action Description
approve Triggered when your listing is approved for inclusion in GitHub Marketplace.
create Triggered when you create a listing for your app in GitHub Marketplace.
delist Triggered when your listing is removed from GitHub Marketplace.
redraft Triggered when your listing is sent back to draft state.
reject Triggered when your listing is not accepted for inclusion in GitHub Marketplace.

The oauth_access category

Action Description
create Triggered when you grant access to an OAuth App.
destroy Triggered when you revoke an OAuth App's access to your account.

The payment_method category

Action Description
clear Triggered when a payment method on file is removed.
create Triggered when a new payment method is added, such as a new credit card or PayPal account.
update Triggered when an existing payment method is updated.

The profile_picture category

Action Description
update Triggered when you set or update your profile picture.

The project category

Action Description
create Triggered when a project board is created.
rename Triggered when a project board is renamed.
delete Triggered when a project board is deleted.

The public_key category

Action Description
create Triggered when you add a new public SSH key to your GitHub account.
delete Triggered when you remove a public SSH key to your GitHub account.

The repo category

Action Description
access Triggered when you a repository you own is switched from "private" to "public" (or vice versa).
add_member Triggered when a GitHub user is invited to have collaboration access to a repository.
add_topic Triggered when a repository owner adds a topic to a repository.
archived Triggered when a repository owner archives a repository.
create Triggered when a new repository is created.
destroy Triggered when a repository is deleted.
disable Triggered when a repository is disabled (e.g., for insufficient funds).
enable Triggered when a repository is re-enabled.
remove_member Triggered when a GitHub user is removed from a repository as a collaborator.
remove_topic Triggered when a repository owner removes a topic from a repository.
rename Triggered when a repository is renamed.
transfer Triggered when a repository is transferred.
transfer_start Triggered when a repository transfer is about to occur.
unarchived Triggered when a repository owner unarchives a repository.

The repository_content_analysis category

Action Description
enable Triggered when a repository owner opts in to data use for a private repository.
disable Triggered when a repository owner opts out of data use for a private repository.

The repository_dependency_graph category

Action Description
enable Triggered when a repository owner enables the dependency graph for a private repository.
disable Triggered when a repository owner disables the dependency graph for a private repository.

The repository_vulnerability_alert category

Action Description
create Triggered when GitHub creates a security alert for a vulnerable dependency in a particular repository.
resolve Triggered when someone with write access to a repository pushes changes to update and resolve a vulnerability in a project dependency.
dismiss Triggered when a repository owner dismisses a security alert about a vulnerable dependency in a repository.

The two_factor_authentication category

Action Description
enabled Triggered when two-factor authentication is enabled.
disabled Triggered when two-factor authentication is disabled.

The user category

Action Description
add_email Triggered when you add a new email address.
create Triggered when you create a new user account.
remove_email Triggered when you remove an email address.
rename Triggered when you rename your account.
change_password Triggered when you change your password.
forgot_password Triggered when you ask for a password reset.
login Triggered when you log in to GitHub.
failed_login Triggered when you failed to log in successfully.
two_factor_requested Triggered when GitHub asks you for your two-factor authentication code.
show_private_contributions_count Triggered when you publicize private contributions on your profile.
hide_private_contributions_count Triggered when you hide private contributions on your profile.