Update docs about permissions required for managing dependabot-related secrets

[r7kamura]

Why:

Historically, it was already possible to manage secrets via the REST API with Write permissions, even though the GitHub web interface did not provide a UI for it at the time. Recently, the web UI has also been updated to allow secret management directly.
(As of October 16, 2025, it appears that the current UI has an issue where, if there are no Dependabot secrets yet, the link to the page for adding them is not displayed. However, it is still possible to access and manage Dependabot secrets by directly entering the page’s URL)

According to the following documentation, users with Write permission can now manage repository secrets:

• https://docs.github.com/en/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/repository-roles-for-an-organization#permissions-for-each-role

This update to the documentation appears to have been made in the following pull request:

• Repo sync #32565

Based on these facts, the current explanation stating that Owner or Admin permissions are required is no longer accurate.
I’d like to propose updating the description to reflect the actual behavior — namely, that Write permissions are sufficient to manage Dependabot-related secrets.

I verified this behavior in an organization repository where I have Write permission.
I haven’t tested it in a personal repository, so there’s a chance my understanding might not be entirely accurate in that case.
Reviewers are likely more familiar with the details here, so I’d appreciate it if you could double-check whether write permission is also sufficient for personal repositories.

What's being changed (if available, include any code snippets, screenshots, or gifs):

I’ve updated the description, which previously stated that Owner or Admin permissions were required to create secrets, to now indicate that Write permission is sufficient.

Check off the following:

• A subject matter expert (SME) has reviewed the technical accuracy of the content in this PR. In most cases, the author can be the SME. Open source contributions may require an SME review from GitHub staff.
• The changes in this PR meet the docs fundamentals that are required for all content.
• All CI checks are passing and the changes look good in the review environment.

[welcome]

Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

[Copilot]

Pull Request Overview

This PR updates documentation to accurately reflect the current permissions required for managing Dependabot-related repository secrets. The change corrects outdated information that stated owner/admin permissions were required, updating it to reflect that write access is now sufficient for both personal and organization repositories.

• Updates permission requirements from "owner" or "admin" to "write" access
• Simplifies the language by consolidating personal and organization repository requirements
• Aligns documentation with current GitHub functionality where write access allows secret management

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[github-actions]

How to review these changes 👓

Thank you for your contribution. To review these changes, choose one of the following options:

• Spin up a codespace
• Set up a local development environment

A Hubber will need to deploy your changes internally to review.

Table of review links

Note: Please update the URL for your staging server or codespace.

The table shows the files in the content directory that were changed in this pull request. This helps you review your changes on a staging server. Changes to the data directory are not included in this table.

Source	Review	Production	What Changed
code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot.md	fpt ghec ghes@ 3.18 3.17 3.16 3.15 3.14	fpt ghec ghes@ 3.18 3.17 3.16 3.15 3.14	from reusable

Key: fpt: Free, Pro, Team; ghec: GitHub Enterprise Cloud; ghes: GitHub Enterprise Server

🤖 This comment is automatically generated.

[Sharra-writes]

@r7kamura Thanks for opening a PR! I'm reasonably sure this change is correct, but I'll check with the Dependabot team to make sure!

Edit: Sorry, I didn't mean Dependabot. It's getting late here. I don't remember which team we were working with on this, but it's definitely on my project board somewhere.