github GitHub Changelog · 2d ago

Bot-created pull requests can run workflows with approval

securityinfraengineer

feature

Pull requests created by github-actions[bot] can now trigger CI/CD workflows upon user approval. This security enhancement prevents unreviewed generated code from automatically executing potentially sensitive workflows. The behavior now aligns with Copilot-generated pull requests, addressing a previous gap where bot-generated changes could be merged without CI checks.

Features (1) ›

Enable workflows for bot-created pull requests with approval

Pull requests created by the github-actions[bot] can now execute CI/CD workflows if they receive user approval. This is a security measure to prevent accidental execution of sensitive workflows by generated code. It aligns the behavior with Copilot-generated pull requests and ensures all pull requests, including bot-generated ones, can run configured CI/CD workflows after approval.

Read the original announcement →

https://github.blog/changelog/2026-06-11-bot-created-pull-requests-can-run-workflows-if-approved