integrations · steveteuber · Nov 14, 2025 · Nov 19, 2025 · Dec 4, 2025 · Jan 14, 2026
diff --git a/github/config.go b/github/config.go
@@ -30,12 +30,13 @@ type Config struct {
 }
 
 type Owner struct {
-	name           string
-	id             int64
-	v3client       *github.Client
-	v4client       *githubv4.Client
-	StopContext    context.Context
-	IsOrganization bool
+	name                       string
+	id                         int64
+	v3client                   *github.Client
+	v4client                   *githubv4.Client
+	StopContext                context.Context
+	IsOrganization             bool
+	IsWebCommitSignoffRequired bool
 }
 
 const (
@@ -133,6 +134,7 @@ func (c *Config) ConfigureOwner(owner *Owner) (*Owner, error) {
 			if remoteOrg != nil {
 				owner.id = remoteOrg.GetID()
 				owner.IsOrganization = true
+				owner.IsWebCommitSignoffRequired = remoteOrg.GetWebCommitSignoffRequired()
 			}
 		}
 	}

diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go
@@ -945,18 +945,11 @@ func resourceGithubRepositoryUpdate(ctx context.Context, d *schema.ResourceData,
 	owner := meta.(*Owner).name
 	ctx = context.WithValue(ctx, ctxId, d.Id())
 
-	// When the organization has "Require sign off on web-based commits" enabled,
-	// the API doesn't allow you to send `web_commit_signoff_required` in order to
-	// update the repository with this field or it will throw a 422 error.
-	// As a workaround, we check if the organization requires it, and if so,
-	// we remove the field from the request.
-	if d.HasChange("web_commit_signoff_required") && meta.(*Owner).IsOrganization {
-		organization, _, err := client.Organizations.Get(ctx, owner)
-		if err == nil {
-			if organization != nil && organization.GetWebCommitSignoffRequired() {
-				repoReq.WebCommitSignoffRequired = nil
-			}
-		}
+	// When the organization has "Require contributors to sign off on web-based commits" enabled,
+	// the API doesn't allow you to send `web_commit_signoff_required` or it returns a 422 error.
+	// As a workaround, check if the organization requires it, and if so, remove it from the request.
+	if meta.(*Owner).IsOrganization && meta.(*Owner).IsWebCommitSignoffRequired {
+		repoReq.WebCommitSignoffRequired = nil
 	}
 
 	repo, _, err := client.Repositories.Edit(ctx, owner, repoName, repoReq)
@@ -1041,8 +1034,9 @@ func resourceGithubRepositoryDelete(ctx context.Context, d *schema.ResourceData,
 				return diag.FromErr(err)
 			}
 			repoReq := resourceGithubRepositoryObject(d)
-			// Always remove `web_commit_signoff_required` when archiving, to avoid 422 error
-			repoReq.WebCommitSignoffRequired = nil
+			if meta.(*Owner).IsOrganization && meta.(*Owner).IsWebCommitSignoffRequired {
+				repoReq.WebCommitSignoffRequired = nil
+			}
 			log.Printf("[DEBUG] Archiving repository on delete: %s/%s", owner, repoName)
 			_, _, err := client.Repositories.Edit(ctx, owner, repoName, repoReq)
 			return diag.FromErr(err)