Security Sync: Private Linear Updates to GitHub Branch Control
A private Linear issue is reassigned or its security level changes. Notis immediately updates GitHub branch restrictions to ensure only authorized people can push to the associated branch.
Trigger
Private Team Issue Properties Updated
Fires when properties on an issue change in a private Linear team (polled with the connected user's token).
Action
Add user access restrictions
Sets/replaces list of users allowed to push to a protected branch; usernames (e.g., `["user1"]`) must be a json array in request body (not schema parameters), an empty array `[]` removes all restrictions.
Why this helps
Issue ownership changes or security levels shift in Linear, but GitHub branch restrictions don't update. The wrong people still have access or the right people are blocked, creating security risks or workflow bottlenecks.
- Keep branch access aligned with issue ownership automatically
- Reduce security risk from stale permissions
- Ensure the right people (and only the right people) can push to branches
- Eliminate manual branch restriction management
Setup
Build it in a few focused steps.
- 1Connect Linear (with private team access) and GitHub to Notis
- 2Map Linear properties to GitHub permissions: 'if issue is assigned to Alice, grant push access to alice on the branch'
- 3Create an automation: 'When a private Linear team issue property changes (assignment, security label, etc.), update GitHub branch restrictions for the associated branch'
- 4Set trigger to 'Private team issue properties updated'
- 5Configure mappings in your prompt: 'leads get push access, contributors get pull request access, viewers get none'
- 6Test by changing a private Linear issue's assignment and verifying GitHub branch restrictions update
Questions about this workflow
How does Notis link a Linear issue to a GitHub branch?
Include a link in the Linear issue or PR title. Or configure automatic mapping: 'branch names match issue keys like linear-issue-123'.
What if an issue has multiple owners?
Your automation can grant access to all of them: 'if assigned to multiple people, grant push access to all assignees'.
Can I prevent certain people from having access regardless of assignment?
Yes. Add exclusions in your prompt: 'never grant access to contractors, only to employees' or 'exclude people on leave'.
What happens if an issue is reassigned?
Previous access is revoked and new assignees get access. Your automation can be configured to handle this: 'when reassigned, remove old assignee access and add new assignee'.
Does this work across multiple repositories?
Yes, if the branches follow a consistent naming pattern or you specify the mapping in the automation prompt.
When this happens · Trigger
Do this · Action
Supported Triggers and Actions
Notis builds workflows that link Linear to GitHub. A trigger fires from one place; an action lands in another.
Linear triggers
GitHub actions
Comment Received Trigger
Triggered when a comment is received.
Accept a repository invitation
Accepts a pending repository invitation that has been issued to the authenticated user.
Issue Created Trigger
Triggered when a new issue is created.
List repositories starred by the authenticated user
Deprecated: lists repositories starred by the authenticated user, including star creation timestamps; use 'list repositories starred by the authenticated user' instead.
Issue Updated Trigger
Triggered when an issue is updated. For example labels are changed, issue status is changed, etc.
List stargazers
Deprecated: lists users who have starred a repository; use `list stargazers` instead.
Private Team Comment Created
Fires when a new comment is posted on an issue in a private Linear team (polled with the connected user's token).
Star a repository for the authenticated user
Deprecated: stars a repository for the authenticated user; use `star a repository for the authenticated user` instead.
Private Team Issue Created
Fires when a new issue appears in a private Linear team (polled with the connected user's token).
Add email for auth user
Adds one or more email addresses (which will be initially unverified) to the authenticated user's github account; use this to associate new emails, noting an email verified for another account will error, while an existing email for the current user is accepted.
Private Team Issue Properties Updated
Fires when properties on an issue change in a private Linear team (polled with the connected user's token).
Add app access restrictions
Replaces github app access restrictions for an existing protected branch; requires a json array of app slugs in the request body, where apps must be installed and have 'contents' write permissions.
Project Created
Fires when a new Linear project is created. Covers projects in both public and private teams — polls with the connected user's token, so visibility matches what the connected user can see in Linear.
Add a repository collaborator
Adds a github user as a repository collaborator, or updates their permission if already a collaborator; `permission` applies to organization-owned repositories (personal ones default to 'push' and ignore this field), and an invitation may be created or permissions updated directly.
Project Properties Updated
Fires when properties on a Linear project change (status, lead, target date, priority, etc.). Covers projects in both public and private teams — polls with the connected user's token.
Add a repository to an app installation
Adds a repository to a github app installation, granting the app access; requires authenticated user to have admin rights for the repository and access to the installation.
Connect any two apps with Notis in the middle.
Not just Linear and GitHub. Any combination from 985+ integrations.
When this happens · Trigger
Do this · Action
Save your first hour today.
7 days free trial with 20$ free usage included.
No card. Works with personal or business GitHub.
