manual-approval
manual-approval is a GitHub Actions plugin that pauses workflows and creates approval issues assigned to specified users or teams before continuing. It offers an alternative to GitHub's native environment-based approval, working on private repositories without Enterprise requirements.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | trstringer/manual-approval |
| Owner | trstringer |
| Primary language | Go |
| License | MIT — OSI-approved |
| Stars | 655 |
| Forks | 153 |
| Open issues | 29 |
| Latest release | v1.13.1 (2026-06-27) |
| Last updated | 2026-07-02 |
| Source | https://github.com/trstringer/manual-approval |
What manual-approval is
A Go-based GitHub Action that integrates with GitHub's API to create approval issues, poll for approver responses (matching approval/denial keywords), and conditionally advance or fail workflows. Supports user and org-team approvers, custom approval keywords, and polling configuration.
Get the manual-approval source
Clone the repository and explore it locally.
git clone https://github.com/trstringer/manual-approval.gitcd manual-approval# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Approvers must have repository permission to be assigned issues; validation errors (HTTP 402) occur if approvers lack permissions.
- Approval polling continues until 35-day GitHub Actions timeout or workflow timeout; ensure reasonable approver SLAs and monitoring.
- Org-team approvers require a GitHub App token with 'read organization members' permission; default GITHUB_TOKEN insufficient.
- Issue body file must be checked out in the same job; relative paths are relative to repository root.
- Custom approval/denial keywords can include emojis; copy from GitHub comments for accurate Unicode representation.
When to avoid it — and what to weigh
- Require Deployment Environment Protection — If your organization already uses GitHub Environments with protection rules and does not need private-repo support, the native feature offers tighter integration.
- Need Windows Runner Support — Action only supports Linux runners (amd64, arm64, arm/v8); Windows/amd64 runners are explicitly unsupported.
- Expect Sub-Minute Response Times — Approval polling defaults to 10-second intervals; tight SLA workflows may incur unnecessary API overhead or delays.
- Have Very Large Approval Documents — Issue body file size is capped at ~125 KB before secondary rate-limit errors; very large approval context requires external documentation links.
License & commercial use
MIT License: permissive, allows commercial and private use without restrictions. Retain license and copyright notice.
MIT License is a standard permissive OSI license. Commercial use, modification, and distribution are permitted; include original license. No warranties or liability guarantees.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Strong |
| Assessment confidence | High |
Requires GitHub token (GITHUB_TOKEN or GitHub App token) passed as secret; ensure token permissions match approver scope. Approval keywords are case-insensitive and do not require cryptographic signing. Org-team support requires GitHub App with member-read permissions—verify app scope and private key handling. No mention of approval log auditing or tamper-resistant storage; approval is recorded in issue comments.
Alternatives to consider
GitHub Environments with Deployment Protection Rules
Native GitHub feature with tighter integration and audit logging; requires GitHub Enterprise for private repos and environment-based workflow design.
Custom Bot/Webhook + CODEOWNERS
Lightweight alternative using status checks and CODEOWNERS; requires custom orchestration and does not provide built-in approval UI.
Snyk/Buildkite Manual Approval Plugins
Alternative CI/CD platforms with native approval steps; platform lock-in required and not GitHub-native.
Build on manual-approval with DEV.co software developers
Add manual-approval to your GitHub Actions workflow to enforce sign-off on sensitive operations—no Enterprise required.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
manual-approval FAQ
Can I use this on private repositories without GitHub Enterprise?
What happens if an approver denies the request?
How do I approve using org teams?
What is the maximum approval wait time?
Work with a software development agency
DEV.co helps companies turn open-source tools like manual-approval into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your open-source devops stack.
Gate your deployments with team approval
Add manual-approval to your GitHub Actions workflow to enforce sign-off on sensitive operations—no Enterprise required.