After doing some more research, it really doesn't help that GitHub has a GraphQL query to get a user by login and no obvious query to get a user by ID.

Is it guaranteed to not change?

GitHub user IDs look like "4723091" (there's mine).

If you look at the IDs for multiple accounts, you'll very quickly notice that they seem to have been assigned sequentially at registration time.

Fairly sure this is a permanent deal.

What's tricky is that GitHub API docs[1] appears to explicitly recommend passing the username and not the ID. Both the GraphQL and the REST versions tell you to get a user by passing a username.

[1]: https://docs.github.com/en/rest/users/users?apiVersion=2022-...

Yeah, they seem really focused on usernames. The sad thing is that you shouldn't just figure out a user-ID-to-username endpoint because that just creates a TOCTOU opportunity. You have to have GitHub accept a user ID directly on the operation you want to perform with that user, or else something could change in between getting the username and operating on that username.