One thing I noticed: Using the GitHub UI, I added a collaborator to a repository. I saw that they committed changes without any authority/approval from me. It was a privat
Private repositories in an ordinary user account are an all-or-nothing deal: either someone has full read/write access (i.e., they're a collaborator) or they have no access. However, if you set up an organization, create the repo under the aegis of the organization, and then add the collaborator, you have much more fine-grained control (including giving read-only access to a private repo).