Puntos de conexión de API de REST para solicitudes de omisión de protección de envío de cambios

List bypass requests for secret scanning for an org

List requests to bypass secret scanning push protection in an org.

Delegated bypass must be enabled on repositories in the org and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Tokens de acceso específicos para "List bypass requests for secret scanning for an org"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

"Secret scanning alerts" repository permissions (read) and "Organization bypass requests for secret scanning" organization permissions (read)

Parámetros para "List bypass requests for secret scanning for an org"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`org` string Requerido The organization name. The name is not case sensitive.

Parámetros de consulta
Nombre, Tipo, Descripción
`repository_name` string The name of the repository to filter on.
`reviewer` string Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.
`requester` string Filter bypass requests by the handle of the GitHub user who requested the bypass.
`time_period` string The time period to filter by. For example, `day` will filter for rule suites that occurred in the past 24 hours, and `week` will filter for rule suites that occurred in the past 7 days (168 hours). Valor predeterminado: `day` Puede ser uno de los siguientes: `hour`, `day`, `week`, `month`
`request_status` string The status of the bypass request to filter on. When specified, only requests with this status will be returned. Valor predeterminado: `all` Puede ser uno de los siguientes: `completed`, `cancelled`, `approved`, `expired`, `deleted`, `denied`, `open`, `all`
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: `30`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: `1`

Códigos de estado de respuesta HTTP para "List bypass requests for secret scanning for an org"

status code	Descripción
`200`	OK
`404`	Resource not found
`500`	Internal Error

Ejemplos de código para "List bypass requests for secret scanning for an org"

Ejemplo de solicitud

get/orgs/{org}/bypass-requests/secret-scanning

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/orgs/ORG/bypass-requests/secret-scanning

Response

Status: 200

[
  {
    "id": 21,
    "number": 42,
    "repository": {
      "id": 1,
      "name": "smile",
      "full_name": "octo-org/smile"
    },
    "organization": {
      "id": 1,
      "name": "octo-org"
    },
    "requester": {
      "actor_id": 12,
      "actor_name": "monalisa"
    },
    "request_type": "secret_scanning",
    "data": [
      {
        "secret_type": "adafruit_io_key",
        "bypass_reason": "used_in_tests",
        "path": "/tests/README.md:16:0",
        "branch": "refs/heads/main"
      }
    ],
    "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
    "status": "denied",
    "requester_comment": "Test token used in the readme as an example",
    "expires_at": "2024-07-08T08:43:03Z",
    "created_at": "2024-07-01T08:43:03Z",
    "responses": [
      {
        "id": 42,
        "reviewer": {
          "actor_id": 4,
          "actor_name": "octocat"
        },
        "status": "denied",
        "created_at": "2024-07-02T08:43:04Z"
      }
    ],
    "url": "https://HOSTNAME/repos/octo-org/smile/bypass-requests/secret-scanning/1",
    "html_url": "https://github.com/octo-org/smile/exemptions/1"
  },
  {
    "id": 12,
    "number": 24,
    "repository": {
      "id": 1,
      "name": "smile",
      "full_name": "octo-org/smile"
    },
    "organization": {
      "id": 1,
      "name": "octo-org"
    },
    "requester": {
      "actor_id": 12,
      "actor_name": "monalisa"
    },
    "request_type": "secret_scanning",
    "data": [
      {
        "secret_type": "adafruit_io_key",
        "bypass_reason": "fix_later",
        "path": "README.md:17:0",
        "branch": "refs/heads/my-branch"
      }
    ],
    "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555",
    "status": "denied",
    "requester_comment": "Token is already revoked, I'll remove it later",
    "expires_at": "2024-07-08T07:43:03Z",
    "created_at": "2024-07-01T07:43:03Z",
    "responses": [
      {
        "id": 42,
        "reviewer": {
          "actor_id": 4,
          "actor_name": "octocat"
        },
        "status": "denied",
        "created_at": "2024-07-02T08:43:04Z"
      }
    ],
    "url": "https://HOSTNAME/repos/octo-org/smile/bypass-requests/secret-scanning/2",
    "html_url": "https://github.com/octo-org/smile/exemptions/2"
  }
]

List bypass requests for secret scanning for a repository

Lists requests to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Tokens de acceso específicos para "List bypass requests for secret scanning for a repository"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener al menos uno de los siguientes conjuntos de permisos:

"Secret scanning alerts" repository permissions (read) and "Organization bypass requests for secret scanning" organization permissions (read)
"Secret scanning alerts" repository permissions (read) and "Secret scanning push protection bypass requests" repository permissions (read)

Parámetros para "List bypass requests for secret scanning for a repository"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository without the `.git` extension. The name is not case sensitive.

Parámetros de consulta
Nombre, Tipo, Descripción
`reviewer` string Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.
`requester` string Filter bypass requests by the handle of the GitHub user who requested the bypass.
`time_period` string The time period to filter by. For example, `day` will filter for rule suites that occurred in the past 24 hours, and `week` will filter for rule suites that occurred in the past 7 days (168 hours). Valor predeterminado: `day` Puede ser uno de los siguientes: `hour`, `day`, `week`, `month`
`request_status` string The status of the bypass request to filter on. When specified, only requests with this status will be returned. Valor predeterminado: `all` Puede ser uno de los siguientes: `completed`, `cancelled`, `approved`, `expired`, `deleted`, `denied`, `open`, `all`
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Valor predeterminado: `30`
`page` integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Valor predeterminado: `1`

Códigos de estado de respuesta HTTP para "List bypass requests for secret scanning for a repository"

status code	Descripción
`200`	A list of the bypass requests.
`403`	Forbidden
`404`	Resource not found
`500`	Internal Error

Ejemplos de código para "List bypass requests for secret scanning for a repository"

Ejemplo de solicitud

get/repos/{owner}/{repo}/bypass-requests/secret-scanning

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/bypass-requests/secret-scanning

A list of the bypass requests.

Status: 200

[
  {
    "id": 21,
    "number": 42,
    "repository": {
      "id": 1,
      "name": "smile",
      "full_name": "octo-org/smile"
    },
    "organization": {
      "id": 1,
      "name": "octo-org"
    },
    "requester": {
      "actor_id": 12,
      "actor_name": "monalisa"
    },
    "request_type": "secret_scanning",
    "data": [
      {
        "secret_type": "adafruit_io_key",
        "bypass_reason": "used_in_tests",
        "path": "/tests/README.md:16:0",
        "branch": "refs/heads/main"
      }
    ],
    "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
    "status": "denied",
    "requester_comment": "Test token used in the readme as an example",
    "expires_at": "2024-07-08T08:43:03Z",
    "created_at": "2024-07-01T08:43:03Z",
    "responses": [
      {
        "id": 42,
        "reviewer": {
          "actor_id": 4,
          "actor_name": "octocat"
        },
        "status": "denied",
        "created_at": "2024-07-02T08:43:04Z"
      }
    ],
    "url": "https://HOSTNAME/repos/octo-org/smile/bypass-requests/secret-scanning/1",
    "html_url": "https://github.com/octo-org/smile/exemptions/1"
  },
  {
    "id": 12,
    "number": 24,
    "repository": {
      "id": 1,
      "name": "smile",
      "full_name": "octo-org/smile"
    },
    "organization": {
      "id": 1,
      "name": "octo-org"
    },
    "requester": {
      "actor_id": 12,
      "actor_name": "monalisa"
    },
    "request_type": "secret_scanning",
    "data": [
      {
        "secret_type": "adafruit_io_key",
        "bypass_reason": "fix_later",
        "path": "README.md:17:0",
        "branch": "refs/heads/my-branch"
      }
    ],
    "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555",
    "status": "denied",
    "requester_comment": "Token is already revoked, I'll remove it later",
    "expires_at": "2024-07-08T07:43:03Z",
    "created_at": "2024-07-01T07:43:03Z",
    "responses": [
      {
        "id": 42,
        "reviewer": {
          "actor_id": 4,
          "actor_name": "octocat"
        },
        "status": "denied",
        "created_at": "2024-07-02T08:43:04Z"
      }
    ],
    "url": "https://HOSTNAME/repos/octo-org/smile/bypass-requests/secret-scanning/2",
    "html_url": "https://github.com/octo-org/smile/exemptions/2"
  }
]

Get a bypass request for secret scanning

Gets a specific request to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Tokens de acceso específicos para "Get a bypass request for secret scanning"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

"Secret scanning alerts" repository permissions (read) and "Organization bypass requests for secret scanning" organization permissions (read)

Parámetros para "Get a bypass request for secret scanning"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository without the `.git` extension. The name is not case sensitive.
`bypass_request_number` integer Requerido The number that identifies the bypass request in a repository.

Códigos de estado de respuesta HTTP para "Get a bypass request for secret scanning"

status code	Descripción
`200`	A single bypass request.
`403`	Forbidden
`404`	Resource not found
`500`	Internal Error

Ejemplos de código para "Get a bypass request for secret scanning"

Ejemplo de solicitud

get/repos/{owner}/{repo}/bypass-requests/secret-scanning/{bypass_request_number}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER

A single bypass request.

Status: 200

{
  "id": 21,
  "number": 42,
  "repository": {
    "id": 1,
    "name": "smile",
    "full_name": "octo-org/smile"
  },
  "organization": {
    "id": 1,
    "name": "octo-org"
  },
  "requester": {
    "actor_id": 12,
    "actor_name": "monalisa"
  },
  "request_type": "secret_scanning",
  "data": [
    {
      "secret_type": "adafruit_io_key",
      "bypass_reason": "used_in_tests",
      "path": "/tests/README.md:16:0",
      "branch": "refs/heads/main"
    }
  ],
  "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132",
  "status": "denied",
  "requester_comment": "Test token used in the readme as an example",
  "expires_at": "2024-07-08T08:43:03Z",
  "created_at": "2024-07-01T08:43:03Z",
  "responses": [
    {
      "id": 42,
      "reviewer": {
        "actor_id": 4,
        "actor_name": "octocat"
      },
      "status": "denied",
      "created_at": "2024-07-02T08:43:04Z"
    }
  ],
  "url": "https://HOSTNAME/repos/octo-org/smile/bypass-requests/secret-scanning/1",
  "html_url": "https://github.com/octo-org/smile/exemptions/1"
}

Review a bypass request for secret scanning

Approve or deny a request to bypass secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Tokens de acceso específicos para "Review a bypass request for secret scanning"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener al menos uno de los siguientes conjuntos de permisos:

"Secret scanning alerts" repository permissions (read) and "Organization bypass requests for secret scanning" organization permissions (write)
"Secret scanning alerts" repository permissions (read) and "Secret scanning push protection bypass requests" repository permissions (write)

Parámetros para "Review a bypass request for secret scanning"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository without the `.git` extension. The name is not case sensitive.
`bypass_request_number` integer Requerido The number that identifies the bypass request in a repository.

Parámetros del cuerpo
Nombre, Tipo, Descripción
`status` string Requerido The review action to perform on the bypass request. Puede ser uno de los siguientes: `approve`, `reject`
`message` string Requerido A message to include with the review. Has a maximum character length of 2048.

Códigos de estado de respuesta HTTP para "Review a bypass request for secret scanning"

status code	Descripción
`200`	The review of the bypass request.
`403`	Forbidden
`404`	Resource not found
`422`	Validation failed, or the endpoint has been spammed.
`500`	Internal Error

Ejemplos de código para "Review a bypass request for secret scanning"

Ejemplo de solicitud

patch/repos/{owner}/{repo}/bypass-requests/secret-scanning/{bypass_request_number}

curl -L \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/bypass-requests/secret-scanning/BYPASS_REQUEST_NUMBER \
  -d '{"status":"reject","message":"This secret has not been revoked."}'

The review of the bypass request.

Status: 200

{
  "bypass_review_id": 1
}

Dismiss a response on a bypass request for secret scanning

Dissmiss a response given to a bypass request for secret scanning push protection in a repository.

Delegated bypass must be enabled on the repository and the user must be a bypass reviewer to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Tokens de acceso específicos para "Dismiss a response on a bypass request for secret scanning"

Este punto de conexión funciona con los siguientes tipos de token pormenorizados:

El token pormenorizado debe tener el siguiente conjunto de permisos:

"Secret scanning alerts" repository permissions (read)

Parámetros para "Dismiss a response on a bypass request for secret scanning"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.

Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository without the `.git` extension. The name is not case sensitive.
`bypass_response_id` integer Requerido ID of the bypass response.

Códigos de estado de respuesta HTTP para "Dismiss a response on a bypass request for secret scanning"

status code	Descripción
`204`	Review was successfully dismissed.
`403`	Forbidden
`404`	Resource not found
`422`	Validation failed, or the endpoint has been spammed.
`500`	Internal Error

Ejemplos de código para "Dismiss a response on a bypass request for secret scanning"

Ejemplo de solicitud

delete/repos/{owner}/{repo}/bypass-responses/secret-scanning/{bypass_response_id}

curl -L \
  -X DELETE \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/bypass-responses/secret-scanning/BYPASS_RESPONSE_ID

Review was successfully dismissed.

Status: 204