A governed console for the whole of GitHub — that cannot change a thing on its own.
Orb is an audit-grade access broker for GitHub Enterprise, built across a tier-1 bank's SDLC (2023–2026). It gives non-CLI users a governed surface for organizations, repositories, rulesets and role-based access inside a regulated bank — permission rendered as weight, not colour.
Its defining trait is zero-direct-write: the interface holds every change as staged state and cannot touch production. To make a change real it files a sync — a pull request under your own identity — reviewed and then reconciled downstream. The tool proposes; the record decides.
- I.StageHeld, not writtenEdits accumulate client-side as unsynced state. Nothing has happened yet.
- II.File a syncA reviewed pull requestThe staged change is filed as a PR under your identity — never written straight to live state.
- III.ReviewFiled, or returnedApproved, amended, or returned at a gate. The exact plan is visible before it is real.
- IV.ReconcileNow it is liveOn merge, a downstream run reconciles the change into state. Only now — and fully audited.