One thing I noticed: Using the GitHub UI, I added a collaborator to a repository. I saw that they committed changes without any authority / approval from me. It was a privat
With private repositories, how do I give someone read access versus write access?
This kind of permission is not available for simple accounts. When you add a user as a collaborator, he gains read/write permissions.
The story changes if you own an Organization. Organizations contain teams, and each team can have a different level of access, including read-only. You can assign users to a specific read-only group, and they will only have pull access to the repositories.
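To check who actually holds write access after adding collaborators or teams, the sketch below audits a collaborator list. It is an added example, not part of the original answer: it assumes the list was already fetched from the GitHub REST API (`GET /repos/{owner}/{repo}/collaborators`), and the logins and the `expected_writers` allowlist are constructed.

```python
import json

# Constructed sample, shaped like the GitHub REST API response for
# GET /repos/{owner}/{repo}/collaborators (logins are made up).
SAMPLE = json.loads("""[
  {"login": "owner-alice",
   "permissions": {"pull": true, "triage": true, "push": true,
                   "maintain": true, "admin": true}},
  {"login": "dev-bob",
   "permissions": {"pull": true, "triage": true, "push": true,
                   "maintain": false, "admin": false}},
  {"login": "auditor-carol",
   "permissions": {"pull": true, "triage": false, "push": false,
                   "maintain": false, "admin": false}}
]""")

LEVELS = ["admin", "maintain", "push", "triage", "pull"]  # strongest first
WRITE_LEVELS = {"admin", "maintain", "push"}  # levels that can commit


def highest_permission(collab):
    """Return the strongest permission flag set for one collaborator."""
    perms = collab.get("permissions") or {}
    for level in LEVELS:
        if perms.get(level):
            return level
    return "none"


def audit(collaborators, expected_writers):
    """Map each login to its highest level and list unexpected writers.

    expected_writers is a hypothetical allowlist of logins that are
    supposed to be able to push; anyone else with write access is flagged.
    """
    report = {c["login"]: highest_permission(c) for c in collaborators}
    unexpected = sorted(
        login for login, level in report.items()
        if level in WRITE_LEVELS and login not in expected_writers
    )
    return report, unexpected


if __name__ == "__main__":
    report, unexpected = audit(SAMPLE, expected_writers={"owner-alice"})
    for login, level in sorted(report.items()):
        print(f"{login:15} {level}")
    print("write access not on the allowlist:", unexpected)
```
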