Skip to main content
REST API теперь версия. Дополнительные сведения см. в разделе "О управлении версиями API".

REST API endpoints for push protection bypass requests

Use the REST API to manage push protection bypass requests for secret scanning.

List bypass requests for secret scanning for an org

List requests to bypass secret scanning push protection in an org.

Delegated bypass must be enabled on repositories in the org and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Подробные маркеры доступа для "List bypass requests for secret scanning for an org

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для "List bypass requests for secret scanning for an org"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
repository_name string

The name of the repository to filter on.

reviewer string

Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.

requester string

Filter bypass requests by the handle of the GitHub user who requested the bypass.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for insights that occurred in the past 7 days (168 hours).

По умолчанию.: day

Возможные значения: hour, day, week, month

request_status string

The status of the bypass request to filter on. When specified, only requests with this status will be returned.

По умолчанию.: all

Возможные значения: completed, cancelled, expired, denied, open, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

По умолчанию.: 1

Коды состояния http-ответа для "List bypass requests for secret scanning for an org"

Код состоянияОписание
200

OK

404

Resource not found

500

Internal Error

Примеры кода для "List bypass requests for secret scanning for an org"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

get/orgs/{org}/bypass-requests/secret-scanning
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/bypass-requests/secret-scanning

Response

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning", "data": [ { "secret_type": "adafruit_io_key", "bypass_reason": "used_in_tests", "path": "/tests/README.md:16:0", "branch": "refs/heads/main" } ], "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132", "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1", "html_url": "https://github.com/octo-org/smile/exemptions/1" }, { "id": 12, "number": 24, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning", "data": [ { "secret_type": "adafruit_io_key", "bypass_reason": "fix_later", "path": "README.md:17:0", "branch": "refs/heads/my-branch" } ], "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555", "status": "denied", "requester_comment": "Token is already revoked, I'll remove it later", "expires_at": "2024-07-08T07:43:03Z", "created_at": "2024-07-01T07:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/2", "html_url": "https://github.com/octo-org/smile/exemptions/2" } ]

List bypass requests for secret scanning for a repository

Lists requests to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Подробные маркеры доступа для "List bypass requests for secret scanning for a repository

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для "List bypass requests for secret scanning for a repository"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
reviewer string

Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.

requester string

Filter bypass requests by the handle of the GitHub user who requested the bypass.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for insights that occurred in the past 7 days (168 hours).

По умолчанию.: day

Возможные значения: hour, day, week, month

request_status string

The status of the bypass request to filter on. When specified, only requests with this status will be returned.

По умолчанию.: all

Возможные значения: completed, cancelled, expired, denied, open, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

По умолчанию.: 1

Коды состояния http-ответа для "List bypass requests for secret scanning for a repository"

Код состоянияОписание
200

A list of the bypass requests.

403

Forbidden

404

Resource not found

500

Internal Error

Примеры кода для "List bypass requests for secret scanning for a repository"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

get/repos/{owner}/{repo}/bypass-requests/secret-scanning
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning

A list of the bypass requests.

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning", "data": [ { "secret_type": "adafruit_io_key", "bypass_reason": "used_in_tests", "path": "/tests/README.md:16:0", "branch": "refs/heads/main" } ], "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132", "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1", "html_url": "https://github.com/octo-org/smile/exemptions/1" }, { "id": 12, "number": 24, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning", "data": [ { "secret_type": "adafruit_io_key", "bypass_reason": "fix_later", "path": "README.md:17:0", "branch": "refs/heads/my-branch" } ], "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555", "status": "denied", "requester_comment": "Token is already revoked, I'll remove it later", "expires_at": "2024-07-08T07:43:03Z", "created_at": "2024-07-01T07:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/2", "html_url": "https://github.com/octo-org/smile/exemptions/2" } ]

Get a bypass request for secret scanning

Gets a specific request to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Подробные маркеры доступа для "Get a bypass request for secret scanning

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для "Get a bypass request for secret scanning"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

bypass_request_number integer Обязательное поле

The number that identifies the bypass request in a repository.

Коды состояния http-ответа для "Get a bypass request for secret scanning"

Код состоянияОписание
200

A single bypass request.

403

Forbidden

404

Resource not found

500

Internal Error

Примеры кода для "Get a bypass request for secret scanning"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

get/repos/{owner}/{repo}/bypass-requests/secret-scanning/{bypass_request_number}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER

A single bypass request.

Status: 200
{ "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning", "data": [ { "secret_type": "adafruit_io_key", "bypass_reason": "used_in_tests", "path": "/tests/README.md:16:0", "branch": "refs/heads/main" } ], "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132", "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/secret-scanning/1", "html_url": "https://github.com/octo-org/smile/exemptions/1" }

Review a bypass request for secret scanning

Approve or deny a request to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Подробные маркеры доступа для "Review a bypass request for secret scanning

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для "Review a bypass request for secret scanning"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

bypass_request_number integer Обязательное поле

The number that identifies the bypass request in a repository.

Параметры запроса
Имя., Тип, Description
status string Обязательное поле

The review action to perform on the bypass request.

Возможные значения: approve, reject

message string Обязательное поле

A message to include with the review. Has a maximum character length of 2048.

Коды состояния http-ответа для "Review a bypass request for secret scanning"

Код состоянияОписание
200

The review of the bypass request.

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

500

Internal Error

Примеры кода для "Review a bypass request for secret scanning"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

patch/repos/{owner}/{repo}/bypass-requests/secret-scanning/{bypass_request_number}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER \ -d '{"status":"reject","message":"This secret has not been revoked."}'

The review of the bypass request.

Status: 200
{ "bypass_review_id": 1 }

Dismiss a response on a bypass request for secret scanning

Dissmiss a response given to a bypass request for secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Подробные маркеры доступа для "Dismiss a response on a bypass request for secret scanning

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Secret scanning alerts" repository permissions (read)

Параметры для "Dismiss a response on a bypass request for secret scanning"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

bypass_response_id integer Обязательное поле

ID of the bypass response.

Коды состояния http-ответа для "Dismiss a response on a bypass request for secret scanning"

Код состоянияОписание
204

Review was successfully dismissed.

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

500

Internal Error

Примеры кода для "Dismiss a response on a bypass request for secret scanning"

Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.

Пример запроса

delete/repos/{owner}/{repo}/bypass-responses/secret-scanning/{bypass_response_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/bypass-responses/secret-scanning/BYPASS_RESPONSE_ID

Review was successfully dismissed.

Status: 204