Describe the problem
I want to integrate Weblate with GitHub using a GitHub App instead of a personal access token (PAT) or SSH deploy key. This would allow secure, organization-wide access to repositories without creating a dedicated GitHub user or managing long-lived credentials. GitHub Apps are the recommended way to automate workflows and offer short-lived tokens, scoped permissions, and centralized control.
Solution brainstorm
- Add GitHub App as a first-class authentication method in Weblate
- Allow configuration of App ID, Installation ID, and .pem private key
- Automatically generate JWT and fetch installation tokens
- Use x-access-token: for HTTPS Git operations
- Support global configuration or per-component overrides
- Optionally integrate a built-in Git credential helper or token proxy
- Enable webhook auto-detection for GitHub App installations
Describe alternatives you have considered
No response
Screenshots
No response
Additional context
GitHub Apps are widely used in CI/CD workflows (e.g. AL-Go, GitHub Actions) and offer better security than PATs. Weblate currently requires either a GitHub user with PAT or SSH keys, which is not ideal for organizations. Related discussions and issues:
Describe the problem
I want to integrate Weblate with GitHub using a GitHub App instead of a personal access token (PAT) or SSH deploy key. This would allow secure, organization-wide access to repositories without creating a dedicated GitHub user or managing long-lived credentials. GitHub Apps are the recommended way to automate workflows and offer short-lived tokens, scoped permissions, and centralized control.
Solution brainstorm
Describe alternatives you have considered
No response
Screenshots
No response
Additional context
GitHub Apps are widely used in CI/CD workflows (e.g. AL-Go, GitHub Actions) and offer better security than PATs. Weblate currently requires either a GitHub user with PAT or SSH keys, which is not ideal for organizations. Related discussions and issues: