The REST API is now versioned. For more information, see "About API versioning."

Rules

Use the REST API to manage rulesets for repositories. Rulesets control how people can interact with selected branches and tags in a repository.

Get rules for a branch

Works with GitHub Apps

Returns all active rules that apply to the specified branch. The branch does not need to exist; rules that would apply to a branch with that name will be returned. All active rules that apply will be returned, regardless of the level at which they are configured (e.g. repository or organization). Rules in rulesets with "evaluate" or "disabled" enforcement statuses are not returned.

Parameters for "Get rules for a branch"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

branch string Required

The name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API.

Query parameters
per_page integer

The number of results per page (max 100).

Default: 30

page integer

Page number of the results to fetch.

Default: 1

HTTP response status codes for "Get rules for a branch"

Status codeDescription
200

OK

Code samples for "Get rules for a branch"

get/repos/{owner}/{repo}/rules/branches/{branch}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rules/branches/BRANCH

Response

Status: 200
[ { "type": "commit_message_pattern", "ruleset_source_type": "Repository", "ruleset_source": "monalisa/my-repo", "ruleset_id": 42, "parameters": { "operator": "starts_with", "pattern": "issue" } }, { "type": "commit_author_email_pattern", "ruleset_source_type": "Organization", "ruleset_source": "my-org", "ruleset_id": 73, "parameters": { "operator": "contains", "pattern": "github" } } ]

Get all repository rulesets

Works with GitHub Apps

Get all the rulesets for a repository.

Parameters for "Get all repository rulesets"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

Query parameters
per_page integer

The number of results per page (max 100).

Default: 30

page integer

Page number of the results to fetch.

Default: 1

includes_parents boolean

Include rulesets configured at higher levels that apply to this repository

Default: true

HTTP response status codes for "Get all repository rulesets"

Status codeDescription
200

OK

404

Resource not found

500

Internal Error

Code samples for "Get all repository rulesets"

get/repos/{owner}/{repo}/rulesets
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets

Response

Status: 200
[ { "id": 42, "name": "super cool ruleset", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "enabled", "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }, { "id": 314, "name": "Another ruleset", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "enabled", "node_id": "RRS_lACkVXNlcgQQ", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/314" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/314" } }, "created_at": "2023-08-15T08:43:03Z", "updated_at": "2023-09-23T16:29:47Z" } ]

Create a repository ruleset

Works with GitHub Apps

Create a ruleset for a repository.

Parameters for "Create a repository ruleset"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

Body parameters
name string Required

The name of the ruleset.

target string

The target of the ruleset.

Can be one of: branch, tag

enforcement string Required

The enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).

Can be one of: disabled, active, evaluate

bypass_actors array of objects

The actors that can bypass the rules in this ruleset

actor_id integer Required

The ID of the actor that can bypass a ruleset. If actor_type is OrganizationAdmin, this should be 1.

actor_type string Required

The type of actor that can bypass a ruleset

Can be one of: RepositoryRole, Team, Integration, OrganizationAdmin

bypass_mode string Required

When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests.

Can be one of: always, pull_request

conditions object

Parameters for a repository ruleset ref name condition

ref_name object
include array of strings

Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts ~DEFAULT_BRANCH to include the default branch or ~ALL to include all branches.

exclude array of strings

Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

rules array of objects

An array of rules within the ruleset.

creation object Required

Only allow users with bypass permission to create matching refs.

type string Required

Value: creation

update object Required

Only allow users with bypass permission to update matching refs.

type string Required

Value: update

parameters object
update_allows_fetch_and_merge boolean Required

Branch can pull changes from its upstream repository

deletion object Required

Only allow users with bypass permissions to delete matching refs.

type string Required

Value: deletion

required_linear_history object Required

Prevent merge commits from being pushed to matching refs.

type string Required

Value: required_linear_history

required_deployments object Required

Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.

type string Required

Value: required_deployments

parameters object
required_deployment_environments array of strings Required

The environments that must be successfully deployed to before branches can be merged.

required_signatures object Required

Commits pushed to matching refs must have verified signatures.

type string Required

Value: required_signatures

pull_request object Required

Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.

type string Required

Value: pull_request

parameters object
dismiss_stale_reviews_on_push boolean Required

New, reviewable commits pushed will dismiss previous pull request review approvals.

require_code_owner_review boolean Required

Require an approving review in pull requests that modify files that have a designated code owner.

require_last_push_approval boolean Required

Whether the most recent reviewable push must be approved by someone other than the person who pushed it.

required_approving_review_count integer Required

The number of approving reviews that are required before a pull request can be merged.

required_review_thread_resolution boolean Required

All conversations on code must be resolved before a pull request can be merged.

required_status_checks object Required

Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.

type string Required

Value: required_status_checks

parameters object
required_status_checks array of objects Required

Status checks that are required.

context string Required

The status check context name that must be present on the commit.

integration_id integer

The optional integration ID that this status check must originate from.

strict_required_status_checks_policy boolean Required

Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.

non_fast_forward object Required

Prevent users with push access from force pushing to refs.

type string Required

Value: non_fast_forward

commit_message_pattern object Required

Parameters to be used for the commit_message_pattern rule

type string Required

Value: commit_message_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

commit_author_email_pattern object Required

Parameters to be used for the commit_author_email_pattern rule

type string Required

Value: commit_author_email_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

committer_email_pattern object Required

Parameters to be used for the committer_email_pattern rule

type string Required

Value: committer_email_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

branch_name_pattern object Required

Parameters to be used for the branch_name_pattern rule

type string Required

Value: branch_name_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

tag_name_pattern object Required

Parameters to be used for the tag_name_pattern rule

type string Required

Value: tag_name_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

workflows object Required

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

type string Required

Value: workflows

parameters object
workflows array of objects Required

Workflows that must pass for this rule to pass.

path string Required

The path to the workflow file

ref string

The ref (branch or tag) of the workflow file to use

repository_id integer Required

The ID of the repository where the workflow is defined

sha string

The commit SHA of the workflow file to use

HTTP response status codes for "Create a repository ruleset"

Status codeDescription
201

Created

404

Resource not found

500

Internal Error

Code samples for "Create a repository ruleset"

post/repos/{owner}/{repo}/rulesets
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets \ -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'

Response

Status: 201
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }

Get a repository ruleset

Works with GitHub Apps

Get a ruleset for a repository.

Parameters for "Get a repository ruleset"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

ruleset_id integer Required

The ID of the ruleset.

Query parameters
includes_parents boolean

Include rulesets configured at higher levels that apply to this repository

Default: true

HTTP response status codes for "Get a repository ruleset"

Status codeDescription
200

OK

404

Resource not found

500

Internal Error

Code samples for "Get a repository ruleset"

get/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID

Response

Status: 200
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }

Update a repository ruleset

Works with GitHub Apps

Update a ruleset for a repository.

Parameters for "Update a repository ruleset"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

ruleset_id integer Required

The ID of the ruleset.

Body parameters
name string

The name of the ruleset.

target string

The target of the ruleset.

Can be one of: branch, tag

enforcement string

The enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).

Can be one of: disabled, active, evaluate

bypass_actors array of objects

The actors that can bypass the rules in this ruleset

actor_id integer Required

The ID of the actor that can bypass a ruleset. If actor_type is OrganizationAdmin, this should be 1.

actor_type string Required

The type of actor that can bypass a ruleset

Can be one of: RepositoryRole, Team, Integration, OrganizationAdmin

bypass_mode string Required

When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests.

Can be one of: always, pull_request

conditions object

Parameters for a repository ruleset ref name condition

ref_name object
include array of strings

Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts ~DEFAULT_BRANCH to include the default branch or ~ALL to include all branches.

exclude array of strings

Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match.

rules array of objects

An array of rules within the ruleset.

creation object Required

Only allow users with bypass permission to create matching refs.

type string Required

Value: creation

update object Required

Only allow users with bypass permission to update matching refs.

type string Required

Value: update

parameters object
update_allows_fetch_and_merge boolean Required

Branch can pull changes from its upstream repository

deletion object Required

Only allow users with bypass permissions to delete matching refs.

type string Required

Value: deletion

required_linear_history object Required

Prevent merge commits from being pushed to matching refs.

type string Required

Value: required_linear_history

required_deployments object Required

Choose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.

type string Required

Value: required_deployments

parameters object
required_deployment_environments array of strings Required

The environments that must be successfully deployed to before branches can be merged.

required_signatures object Required

Commits pushed to matching refs must have verified signatures.

type string Required

Value: required_signatures

pull_request object Required

Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.

type string Required

Value: pull_request

parameters object
dismiss_stale_reviews_on_push boolean Required

New, reviewable commits pushed will dismiss previous pull request review approvals.

require_code_owner_review boolean Required

Require an approving review in pull requests that modify files that have a designated code owner.

require_last_push_approval boolean Required

Whether the most recent reviewable push must be approved by someone other than the person who pushed it.

required_approving_review_count integer Required

The number of approving reviews that are required before a pull request can be merged.

required_review_thread_resolution boolean Required

All conversations on code must be resolved before a pull request can be merged.

required_status_checks object Required

Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.

type string Required

Value: required_status_checks

parameters object
required_status_checks array of objects Required

Status checks that are required.

context string Required

The status check context name that must be present on the commit.

integration_id integer

The optional integration ID that this status check must originate from.

strict_required_status_checks_policy boolean Required

Whether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.

non_fast_forward object Required

Prevent users with push access from force pushing to refs.

type string Required

Value: non_fast_forward

commit_message_pattern object Required

Parameters to be used for the commit_message_pattern rule

type string Required

Value: commit_message_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

commit_author_email_pattern object Required

Parameters to be used for the commit_author_email_pattern rule

type string Required

Value: commit_author_email_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

committer_email_pattern object Required

Parameters to be used for the committer_email_pattern rule

type string Required

Value: committer_email_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

branch_name_pattern object Required

Parameters to be used for the branch_name_pattern rule

type string Required

Value: branch_name_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

tag_name_pattern object Required

Parameters to be used for the tag_name_pattern rule

type string Required

Value: tag_name_pattern

parameters object
name string

How this rule will appear to users.

negate boolean

If true, the rule will fail if the pattern matches.

operator string Required

The operator to use for matching.

Can be one of: starts_with, ends_with, contains, regex

pattern string Required

The pattern to match with.

workflows object Required

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

type string Required

Value: workflows

parameters object
workflows array of objects Required

Workflows that must pass for this rule to pass.

path string Required

The path to the workflow file

ref string

The ref (branch or tag) of the workflow file to use

repository_id integer Required

The ID of the repository where the workflow is defined

sha string

The commit SHA of the workflow file to use

HTTP response status codes for "Update a repository ruleset"

Status codeDescription
200

OK

404

Resource not found

500

Internal Error

Code samples for "Update a repository ruleset"

put/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID \ -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'

Response

Status: 200
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }

Delete a repository ruleset

Works with GitHub Apps

Delete a ruleset for a repository.

Parameters for "Delete a repository ruleset"

Headers
accept string

Setting to application/vnd.github+json is recommended.

Path parameters
owner string Required

The account owner of the repository. The name is not case sensitive.

repo string Required

The name of the repository without the .git extension. The name is not case sensitive.

ruleset_id integer Required

The ID of the ruleset.

HTTP response status codes for "Delete a repository ruleset"

Status codeDescription
204

No Content

404

Resource not found

500

Internal Error

Code samples for "Delete a repository ruleset"

delete/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID

Response

Status: 204