Skip to main content

Gestion des demandes de contournement de la protection push

En tant que membre de la liste de contournement d’une organisation ou d’un référentiel, vous pouvez passer en revue les demandes de contournement d’autres membres de l’organisation ou du référentiel.

Qui peut utiliser cette fonctionnalité ?

  • Propriétaires de l'organisation
  • Gestionnaires de sécurité
  • Les utilisateurs des équipes, des rôles par défaut ou des rôles personnalisés qui ont été ajoutés à la liste de contournement.

Managing requests to bypass push protection

Note

Delegated bypass for push protection is currently in beta and subject to change.

When enabling delegated bypass for push protection, organization owners or repository administrators decide which roles or teams can review (approve or deny) requests to bypass push protection.

When a contributor requests bypass privileges to push a commit containing a secret, this designated group of reviewers:

  • Receives an email notification containing a link to the request.
  • Reviews the request in the "Bypass requests" page of the repository.
  • Has 7 days to either approve or deny the request before the request expires.

To help reviewers efficiently triage secrets for which there is a bypass request, GitHub displays the following information in the request:

  • Name of the user who attempted the push.
  • Repository where the push was attempted.
  • Commit hash of the push.
  • Timestamp of the push.

The contributor is notified of the decision by email and must take the required action:

  • If the request is approved, the contributor can push the commit containing the secret to the repository.
  • If the request is denied, the contributor must remove the secret from the commit in order to successfully push the commit to the repository.

Managing requests for a repository

  1. On GitHub, navigate to the main page of the repository.
  2. Under the repository name, click Security. If you cannot see the "Security" tab, select the dropdown menu, and then click Security.
    Screenshot of a repository header showing the tabs. The "Security" tab is highlighted by a dark orange outline.
  3. In the left sidebar, under "Requests," click Push protection bypass.
  4. Select the All statuses dropdown menu, then click Open to view requests that are awaiting review, and those that have been approved but for which the commits haven't been pushed to the repository yet.
  5. Click the request that you want to review.
  6. Review the details of the request.
  7. To allow the contributor to push the commit containing the secret, click Approve bypass request. Or, to require the contributor to remove the secret from the commit, click Deny bypass request.

Filtering requests

You can filter requests by:

  • Approver (member of the bypass list)
  • Requester (contributor making the request)
  • Timeframe
  • Status

Filtering by status

The following statuses are assigned to a request:

StatusDescription
CancelledThe request has been canceled by the contributor.
CompletedThe request has been approved and the commit(s) have been pushed to the repository.
DeniedThe request has been reviewed and denied.
ExpiredThe request has expired. Requests are valid for 7 days.
OpenThe request has either not yet been reviewed, or has been approved but the commit(s) have not been pushed to the repository.

Further reading