Auditing your organization's builds on the linked artifacts page

View or export metadata for build runs, storage details, and deployment context.

Who can use this feature?

Anyone with read access to an organization-owned repository

Organization accounts on any plan

In this article

You can use the linked artifacts page to connect your organization's artifacts to their build details, deployment context, and security metadata. The linked artifacts page collects metadata for artifacts built with GitHub Actions in your organization's repositories, regardless of whether the artifacts are stored on GitHub. For more information, see About linked artifacts.

Viewing an artifact

  1. On GitHub, navigate to the main page of your organization.

  2. Under your organization name, click the Packages tab.

    Screenshot of @octo-org's profile page. The "Packages" tab is highlighted with an orange outline.

  3. In the left sidebar, click Linked artifacts.

  4. Click the artifact you want to view.

  5. On the artifact's page, you can:

    • View the artifact's deployment history and registry storage details
    • Click through to the repository where the artifact's source code is defined
    • If available, click on the artifact's provenance attestation to find the workflow run that was used to build the artifact

For more information about how data enters the linked artifacts page, see Uploading storage and deployment data to the linked artifacts page.

Exporting artifact metadata

To export metadata in bulk for an audit, use the List artifact deployment records and List artifact storage records endpoints of the artifact metadata API.