REST API endpoints for rules - GitHub Docs (original) (raw)
Use the REST API to manage rulesets for repositories. Rulesets control how people can interact with selected branches and tags in a repository.
Get rules for a branch
Returns all active rules that apply to the specified branch. The branch does not need to exist; rules that would apply to a branch with that name will be returned. All active rules that apply will be returned, regardless of the level at which they are configured (e.g. repository or organization). Rules in rulesets with "evaluate" or "disabled" enforcement statuses are not returned.
Fine-grained access tokens for "Get rules for a branch"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Metadata" repository permissions (read)
This endpoint can be used without authentication or the aforementioned permissions if only public resources are requested.
Parameters for "Get rules for a branch"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| branch string RequiredThe name of the branch. Cannot contain wildcard characters. To use wildcard characters in branch names, use the GraphQL API. |
Query parameters
| Name, Type, Description |
|---|
| per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API."Default: 30 |
| page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API."Default: 1 |
HTTP response status codes for "Get rules for a branch"
| Status code | Description |
|---|---|
| 200 | OK |
Code samples for "Get rules for a branch"
Request example
get/repos/{owner}/{repo}/rules/branches/{branch}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rules/branches/BRANCH
Response
Status: 200
[ { "type": "commit_message_pattern", "ruleset_source_type": "Repository", "ruleset_source": "monalisa/my-repo", "ruleset_id": 42, "parameters": { "operator": "starts_with", "pattern": "issue" } }, { "type": "commit_author_email_pattern", "ruleset_source_type": "Organization", "ruleset_source": "my-org", "ruleset_id": 73, "parameters": { "operator": "contains", "pattern": "github" } } ]
Get all repository rulesets
Get all the rulesets for a repository.
Fine-grained access tokens for "Get all repository rulesets"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Metadata" repository permissions (read)
This endpoint can be used without authentication or the aforementioned permissions if only public resources are requested.
Parameters for "Get all repository rulesets"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
Query parameters
| Name, Type, Description |
|---|
| per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API."Default: 30 |
| page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API."Default: 1 |
| includes_parents boolean Include rulesets configured at higher levels that apply to this repositoryDefault: true |
| targets string A comma-separated list of rule targets to filter by. If provided, only rulesets that apply to the specified targets will be returned. For example, branch,tag,push. |
HTTP response status codes for "Get all repository rulesets"
| Status code | Description |
|---|---|
| 200 | OK |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Get all repository rulesets"
Request example
get/repos/{owner}/{repo}/rulesets
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets
Response
Status: 200
[ { "id": 42, "name": "super cool ruleset", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "enabled", "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }, { "id": 314, "name": "Another ruleset", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "enabled", "node_id": "RRS_lACkVXNlcgQQ", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/314" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/314" } }, "created_at": "2023-08-15T08:43:03Z", "updated_at": "2023-09-23T16:29:47Z" } ]
Create a repository ruleset
Create a ruleset for a repository.
Fine-grained access tokens for "Create a repository ruleset"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" repository permissions (write)
Parameters for "Create a repository ruleset"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
Body parameters
| Name, Type, Description |
|---|
| name string RequiredThe name of the ruleset. |
| target string The target of the rulesetDefault: branchCan be one of: branch, tag, push |
| enforcement string RequiredThe enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).Can be one of: disabled, active, evaluate |
| bypass_actors array of objects The actors that can bypass the rules in this ruleset |
| Properties of bypass_actorsName, Type, Descriptionactor_id integer or null The ID of the actor that can bypass a ruleset. If actor_type is OrganizationAdmin, this should be 1. If actor_type is DeployKey, this should be null. OrganizationAdmin is not applicable for personal repositories.actor_type string RequiredThe type of actor that can bypass a ruleset.Can be one of: Integration, OrganizationAdmin, RepositoryRole, Team, DeployKey bypass_mode string When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. pull_request is not applicable for the DeployKey actor type. Also, pull_request is only applicable to branch rulesets.Default: alwaysCan be one of: always, pull_request |
| conditions object Parameters for a repository ruleset ref name condition |
| Properties of conditionsName, Type, Descriptionref_name object Properties of ref_nameName, Type, Descriptioninclude array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts ~DEFAULT_BRANCH to include the default branch or ~ALL to include all branches.exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
| rules array of objects An array of rules within the ruleset. |
| Can be one of these objects:Name, Type, Descriptioncreation object RequiredOnly allow users with bypass permission to create matching refs.Properties of creationName, Type, Descriptiontype string RequiredValue: creation update object RequiredOnly allow users with bypass permission to update matching refs.Properties of updateName, Type, Descriptiontype string RequiredValue: update parameters object Properties of parametersName, Type, Descriptionupdate_allows_fetch_and_merge boolean RequiredBranch can pull changes from its upstream repositorydeletion object RequiredOnly allow users with bypass permissions to delete matching refs.Properties of deletionName, Type, Descriptiontype string RequiredValue: deletion required_linear_history object RequiredPrevent merge commits from being pushed to matching refs.Properties of required_linear_historyName, Type, Descriptiontype string RequiredValue: required_linear_history merge_queue object RequiredMerges must be performed via a merge queue.Properties of merge_queueName, Type, Descriptiontype string RequiredValue: merge_queue parameters object Properties of parametersName, Type, Descriptioncheck_response_timeout_minutes integer RequiredMaximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failedgrouping_strategy string RequiredWhen set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge.Can be one of: ALLGREEN, HEADGREEN max_entries_to_build integer RequiredLimit the number of queued pull requests requesting checks and workflow runs at the same time.max_entries_to_merge integer RequiredThe maximum number of PRs that will be merged together in a group.merge_method string RequiredMethod to use when merging changes from queued pull requests.Can be one of: MERGE, SQUASH, REBASE min_entries_to_merge integer RequiredThe minimum number of PRs that will be merged together in a group.min_entries_to_merge_wait_minutes integer RequiredThe time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.required_deployments object RequiredChoose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.Properties of required_deploymentsName, Type, Descriptiontype string RequiredValue: required_deployments parameters object Properties of parametersName, Type, Descriptionrequired_deployment_environments array of strings RequiredThe environments that must be successfully deployed to before branches can be merged.required_signatures object RequiredCommits pushed to matching refs must have verified signatures.Properties of required_signaturesName, Type, Descriptiontype string RequiredValue: required_signatures pull_request object RequiredRequire all commits be made to a non-target branch and submitted via a pull request before they can be merged.Properties of pull_requestName, Type, Descriptiontype string RequiredValue: pull_request parameters object Properties of parametersName, Type, Descriptionallowed_merge_methods array of strings Array of allowed merge methods. Allowed values include merge, squash, and rebase. At least one option must be enabled. Supported values are: merge, squash, rebaseautomatic_copilot_code_review_enabled boolean Automatically request review from Copilot for new pull requests, if the author has access to Copilot code review.dismiss_stale_reviews_on_push boolean RequiredNew, reviewable commits pushed will dismiss previous pull request review approvals.require_code_owner_review boolean RequiredRequire an approving review in pull requests that modify files that have a designated code owner.require_last_push_approval boolean RequiredWhether the most recent reviewable push must be approved by someone other than the person who pushed it.required_approving_review_count integer RequiredThe number of approving reviews that are required before a pull request can be merged.required_review_thread_resolution boolean RequiredAll conversations on code must be resolved before a pull request can be merged.required_status_checks object RequiredChoose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.Properties of required_status_checksName, Type, Descriptiontype string RequiredValue: required_status_checks parameters object Properties of parametersName, Type, Descriptiondo_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it.required_status_checks array of objects RequiredStatus checks that are required.Properties of required_status_checksName, Type, Descriptioncontext string RequiredThe status check context name that must be present on the commit.integration_id integer The optional integration ID that this status check must originate from.strict_required_status_checks_policy boolean RequiredWhether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.non_fast_forward object RequiredPrevent users with push access from force pushing to refs.Properties of non_fast_forwardName, Type, Descriptiontype string RequiredValue: non_fast_forward commit_message_pattern object RequiredParameters to be used for the commit_message_pattern ruleProperties of commit_message_patternName, Type, Descriptiontype string RequiredValue: commit_message_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.commit_author_email_pattern object RequiredParameters to be used for the commit_author_email_pattern ruleName, Type, Descriptiontype string RequiredValue: commit_author_email_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.committer_email_pattern object RequiredParameters to be used for the committer_email_pattern ruleProperties of committer_email_patternName, Type, Descriptiontype string RequiredValue: committer_email_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.branch_name_pattern object RequiredParameters to be used for the branch_name_pattern ruleProperties of branch_name_patternName, Type, Descriptiontype string RequiredValue: branch_name_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.tag_name_pattern object RequiredParameters to be used for the tag_name_pattern ruleProperties of tag_name_patternName, Type, Descriptiontype string RequiredValue: tag_name_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.file_path_restriction object RequiredPrevent commits that include changes in specified file and folder paths from being pushed to the commit graph. This includes absolute paths that contain file names.Properties of file_path_restrictionName, Type, Descriptiontype string RequiredValue: file_path_restriction parameters object Properties of parametersName, Type, Descriptionrestricted_file_paths array of strings RequiredThe file paths that are restricted from being pushed to the commit graph.max_file_path_length object RequiredPrevent commits that include file paths that exceed the specified character limit from being pushed to the commit graph.Properties of max_file_path_lengthName, Type, Descriptiontype string RequiredValue: max_file_path_length parameters object Properties of parametersName, Type, Descriptionmax_file_path_length integer RequiredThe maximum amount of characters allowed in file paths.file_extension_restriction object RequiredPrevent commits that include files with specified file extensions from being pushed to the commit graph.Properties of file_extension_restrictionName, Type, Descriptiontype string RequiredValue: file_extension_restriction parameters object Properties of parametersName, Type, Descriptionrestricted_file_extensions array of strings RequiredThe file extensions that are restricted from being pushed to the commit graph.max_file_size object RequiredPrevent commits with individual files that exceed the specified limit from being pushed to the commit graph.Properties of max_file_sizeName, Type, Descriptiontype string RequiredValue: max_file_size parameters object Properties of parametersName, Type, Descriptionmax_file_size integer RequiredThe maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS).workflows object RequiredRequire all changes made to a targeted branch to pass the specified workflows before they can be merged.Properties of workflowsName, Type, Descriptiontype string RequiredValue: workflows parameters object Properties of parametersName, Type, Descriptiondo_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it.workflows array of objects RequiredWorkflows that must pass for this rule to pass.Properties of workflowsName, Type, Descriptionpath string RequiredThe path to the workflow fileref string The ref (branch or tag) of the workflow file to userepository_id integer RequiredThe ID of the repository where the workflow is definedsha string The commit SHA of the workflow file to usecode_scanning object RequiredChoose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.Properties of code_scanningName, Type, Descriptiontype string RequiredValue: code_scanning parameters object Properties of parametersName, Type, Descriptioncode_scanning_tools array of objects RequiredTools that must provide code scanning results for this rule to pass.Properties of code_scanning_toolsName, Type, Descriptionalerts_threshold string RequiredThe severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts."Can be one of: none, errors, errors_and_warnings, all security_alerts_threshold string RequiredThe severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts."Can be one of: none, critical, high_or_higher, medium_or_higher, all tool string RequiredThe name of a code scanning tool |
HTTP response status codes for "Create a repository ruleset"
| Status code | Description |
|---|---|
| 201 | Created |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Create a repository ruleset"
Request example
post/repos/{owner}/{repo}/rulesets
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets \ -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'
Response
Status: 201
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }
Get a repository ruleset
Get a ruleset for a repository.
Note: To prevent leaking sensitive information, the bypass_actors property is only returned if the user making the API request has write access to the ruleset.
Fine-grained access tokens for "Get a repository ruleset"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Metadata" repository permissions (read)
This endpoint can be used without authentication or the aforementioned permissions if only public resources are requested.
Parameters for "Get a repository ruleset"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| ruleset_id integer RequiredThe ID of the ruleset. |
Query parameters
| Name, Type, Description |
|---|
| includes_parents boolean Include rulesets configured at higher levels that apply to this repositoryDefault: true |
HTTP response status codes for "Get a repository ruleset"
| Status code | Description |
|---|---|
| 200 | OK |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Get a repository ruleset"
Request example
get/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID
Response
Status: 200
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }
Update a repository ruleset
Update a ruleset for a repository.
Fine-grained access tokens for "Update a repository ruleset"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" repository permissions (write)
Parameters for "Update a repository ruleset"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| ruleset_id integer RequiredThe ID of the ruleset. |
Body parameters
| Name, Type, Description |
|---|
| name string The name of the ruleset. |
| target string The target of the rulesetCan be one of: branch, tag, push |
| enforcement string The enforcement level of the ruleset. evaluate allows admins to test rules before enforcing them. Admins can view insights on the Rule Insights page (evaluate is only available with GitHub Enterprise).Can be one of: disabled, active, evaluate |
| bypass_actors array of objects The actors that can bypass the rules in this ruleset |
| Properties of bypass_actorsName, Type, Descriptionactor_id integer or null The ID of the actor that can bypass a ruleset. If actor_type is OrganizationAdmin, this should be 1. If actor_type is DeployKey, this should be null. OrganizationAdmin is not applicable for personal repositories.actor_type string RequiredThe type of actor that can bypass a ruleset.Can be one of: Integration, OrganizationAdmin, RepositoryRole, Team, DeployKey bypass_mode string When the specified actor can bypass the ruleset. pull_request means that an actor can only bypass rules on pull requests. pull_request is not applicable for the DeployKey actor type. Also, pull_request is only applicable to branch rulesets.Default: alwaysCan be one of: always, pull_request |
| conditions object Parameters for a repository ruleset ref name condition |
| Properties of conditionsName, Type, Descriptionref_name object Properties of ref_nameName, Type, Descriptioninclude array of strings Array of ref names or patterns to include. One of these patterns must match for the condition to pass. Also accepts ~DEFAULT_BRANCH to include the default branch or ~ALL to include all branches.exclude array of strings Array of ref names or patterns to exclude. The condition will not pass if any of these patterns match. |
| rules array of objects An array of rules within the ruleset. |
| Can be one of these objects:Name, Type, Descriptioncreation object RequiredOnly allow users with bypass permission to create matching refs.Properties of creationName, Type, Descriptiontype string RequiredValue: creation update object RequiredOnly allow users with bypass permission to update matching refs.Properties of updateName, Type, Descriptiontype string RequiredValue: update parameters object Properties of parametersName, Type, Descriptionupdate_allows_fetch_and_merge boolean RequiredBranch can pull changes from its upstream repositorydeletion object RequiredOnly allow users with bypass permissions to delete matching refs.Properties of deletionName, Type, Descriptiontype string RequiredValue: deletion required_linear_history object RequiredPrevent merge commits from being pushed to matching refs.Properties of required_linear_historyName, Type, Descriptiontype string RequiredValue: required_linear_history merge_queue object RequiredMerges must be performed via a merge queue.Properties of merge_queueName, Type, Descriptiontype string RequiredValue: merge_queue parameters object Properties of parametersName, Type, Descriptioncheck_response_timeout_minutes integer RequiredMaximum time for a required status check to report a conclusion. After this much time has elapsed, checks that have not reported a conclusion will be assumed to have failedgrouping_strategy string RequiredWhen set to ALLGREEN, the merge commit created by merge queue for each PR in the group must pass all required checks to merge. When set to HEADGREEN, only the commit at the head of the merge group, i.e. the commit containing changes from all of the PRs in the group, must pass its required checks to merge.Can be one of: ALLGREEN, HEADGREEN max_entries_to_build integer RequiredLimit the number of queued pull requests requesting checks and workflow runs at the same time.max_entries_to_merge integer RequiredThe maximum number of PRs that will be merged together in a group.merge_method string RequiredMethod to use when merging changes from queued pull requests.Can be one of: MERGE, SQUASH, REBASE min_entries_to_merge integer RequiredThe minimum number of PRs that will be merged together in a group.min_entries_to_merge_wait_minutes integer RequiredThe time merge queue should wait after the first PR is added to the queue for the minimum group size to be met. After this time has elapsed, the minimum group size will be ignored and a smaller group will be merged.required_deployments object RequiredChoose which environments must be successfully deployed to before refs can be pushed into a ref that matches this rule.Properties of required_deploymentsName, Type, Descriptiontype string RequiredValue: required_deployments parameters object Properties of parametersName, Type, Descriptionrequired_deployment_environments array of strings RequiredThe environments that must be successfully deployed to before branches can be merged.required_signatures object RequiredCommits pushed to matching refs must have verified signatures.Properties of required_signaturesName, Type, Descriptiontype string RequiredValue: required_signatures pull_request object RequiredRequire all commits be made to a non-target branch and submitted via a pull request before they can be merged.Properties of pull_requestName, Type, Descriptiontype string RequiredValue: pull_request parameters object Properties of parametersName, Type, Descriptionallowed_merge_methods array of strings Array of allowed merge methods. Allowed values include merge, squash, and rebase. At least one option must be enabled. Supported values are: merge, squash, rebaseautomatic_copilot_code_review_enabled boolean Automatically request review from Copilot for new pull requests, if the author has access to Copilot code review.dismiss_stale_reviews_on_push boolean RequiredNew, reviewable commits pushed will dismiss previous pull request review approvals.require_code_owner_review boolean RequiredRequire an approving review in pull requests that modify files that have a designated code owner.require_last_push_approval boolean RequiredWhether the most recent reviewable push must be approved by someone other than the person who pushed it.required_approving_review_count integer RequiredThe number of approving reviews that are required before a pull request can be merged.required_review_thread_resolution boolean RequiredAll conversations on code must be resolved before a pull request can be merged.required_status_checks object RequiredChoose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.Properties of required_status_checksName, Type, Descriptiontype string RequiredValue: required_status_checks parameters object Properties of parametersName, Type, Descriptiondo_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it.required_status_checks array of objects RequiredStatus checks that are required.Properties of required_status_checksName, Type, Descriptioncontext string RequiredThe status check context name that must be present on the commit.integration_id integer The optional integration ID that this status check must originate from.strict_required_status_checks_policy boolean RequiredWhether pull requests targeting a matching branch must be tested with the latest code. This setting will not take effect unless at least one status check is enabled.non_fast_forward object RequiredPrevent users with push access from force pushing to refs.Properties of non_fast_forwardName, Type, Descriptiontype string RequiredValue: non_fast_forward commit_message_pattern object RequiredParameters to be used for the commit_message_pattern ruleProperties of commit_message_patternName, Type, Descriptiontype string RequiredValue: commit_message_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.commit_author_email_pattern object RequiredParameters to be used for the commit_author_email_pattern ruleProperties of commit_author_email_patternName, Type, Descriptiontype string RequiredValue: commit_author_email_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.committer_email_pattern object RequiredParameters to be used for the committer_email_pattern ruleProperties of committer_email_patternName, Type, Descriptiontype string RequiredValue: committer_email_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.branch_name_pattern object RequiredParameters to be used for the branch_name_pattern ruleProperties of branch_name_patternName, Type, Descriptiontype string RequiredValue: branch_name_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.tag_name_pattern object RequiredParameters to be used for the tag_name_pattern ruleProperties of tag_name_patternName, Type, Descriptiontype string RequiredValue: tag_name_pattern parameters object Properties of parametersName, Type, Descriptionname string How this rule will appear to users.negate boolean If true, the rule will fail if the pattern matches.operator string RequiredThe operator to use for matching.Can be one of: starts_with, ends_with, contains, regex pattern string RequiredThe pattern to match with.file_path_restriction object RequiredPrevent commits that include changes in specified file and folder paths from being pushed to the commit graph. This includes absolute paths that contain file names.Properties of file_path_restrictionName, Type, Descriptiontype string RequiredValue: file_path_restriction parameters object Properties of parametersName, Type, Descriptionrestricted_file_paths array of strings RequiredThe file paths that are restricted from being pushed to the commit graph.max_file_path_length object RequiredPrevent commits that include file paths that exceed the specified character limit from being pushed to the commit graph.Properties of max_file_path_lengthName, Type, Descriptiontype string RequiredValue: max_file_path_length parameters object Properties of parametersName, Type, Descriptionmax_file_path_length integer RequiredThe maximum amount of characters allowed in file paths.file_extension_restriction object RequiredPrevent commits that include files with specified file extensions from being pushed to the commit graph.Properties of file_extension_restrictionName, Type, Descriptiontype string RequiredValue: file_extension_restriction parameters object Properties of parametersName, Type, Descriptionrestricted_file_extensions array of strings RequiredThe file extensions that are restricted from being pushed to the commit graph.max_file_size object RequiredPrevent commits with individual files that exceed the specified limit from being pushed to the commit graph.Properties of max_file_sizeName, Type, Descriptiontype string RequiredValue: max_file_size parameters object Properties of parametersName, Type, Descriptionmax_file_size integer RequiredThe maximum file size allowed in megabytes. This limit does not apply to Git Large File Storage (Git LFS).workflows object RequiredRequire all changes made to a targeted branch to pass the specified workflows before they can be merged.Properties of workflowsName, Type, Descriptiontype string RequiredValue: workflows parameters object Properties of parametersName, Type, Descriptiondo_not_enforce_on_create boolean Allow repositories and branches to be created if a check would otherwise prohibit it.workflows array of objects RequiredWorkflows that must pass for this rule to pass.Properties of workflowsName, Type, Descriptionpath string RequiredThe path to the workflow fileref string The ref (branch or tag) of the workflow file to userepository_id integer RequiredThe ID of the repository where the workflow is definedsha string The commit SHA of the workflow file to usecode_scanning object RequiredChoose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.Properties of code_scanningName, Type, Descriptiontype string RequiredValue: code_scanning parameters object Properties of parametersName, Type, Descriptioncode_scanning_tools array of objects RequiredTools that must provide code scanning results for this rule to pass.Properties of code_scanning_toolsName, Type, Descriptionalerts_threshold string RequiredThe severity level at which code scanning results that raise alerts block a reference update. For more information on alert severity levels, see "About code scanning alerts."Can be one of: none, errors, errors_and_warnings, all security_alerts_threshold string RequiredThe severity level at which code scanning results that raise security alerts block a reference update. For more information on security severity levels, see "About code scanning alerts."Can be one of: none, critical, high_or_higher, medium_or_higher, all tool string RequiredThe name of a code scanning tool |
HTTP response status codes for "Update a repository ruleset"
| Status code | Description |
|---|---|
| 200 | OK |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Update a repository ruleset"
Request example
put/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID \ -d '{"name":"super cool ruleset","target":"branch","enforcement":"active","bypass_actors":[{"actor_id":234,"actor_type":"Team","bypass_mode":"always"}],"conditions":{"ref_name":{"include":["refs/heads/main","refs/heads/master"],"exclude":["refs/heads/dev*"]}},"rules":[{"type":"commit_author_email_pattern","parameters":{"operator":"contains","pattern":"github"}}]}'
Response
Status: 200
{ "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ], "node_id": "RRS_lACkVXNlcgQB", "_links": { "self": { "href": "https://api.github.com/repos/monalisa/my-repo/rulesets/42" }, "html": { "href": "https://github.com/monalisa/my-repo/rules/42" } }, "created_at": "2023-07-15T08:43:03Z", "updated_at": "2023-08-23T16:29:47Z" }
Delete a repository ruleset
Delete a ruleset for a repository.
Fine-grained access tokens for "Delete a repository ruleset"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" repository permissions (write)
Parameters for "Delete a repository ruleset"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| ruleset_id integer RequiredThe ID of the ruleset. |
HTTP response status codes for "Delete a repository ruleset"
| Status code | Description |
|---|---|
| 204 | No Content |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Delete a repository ruleset"
Request example
delete/repos/{owner}/{repo}/rulesets/{ruleset_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID
Response
Get repository ruleset history
Get the history of a repository ruleset.
Fine-grained access tokens for "Get repository ruleset history"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" repository permissions (write)
Parameters for "Get repository ruleset history"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| ruleset_id integer RequiredThe ID of the ruleset. |
Query parameters
| Name, Type, Description |
|---|
| per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API."Default: 30 |
| page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API."Default: 1 |
HTTP response status codes for "Get repository ruleset history"
| Status code | Description |
|---|---|
| 200 | OK |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Get repository ruleset history"
Request example
get/repos/{owner}/{repo}/rulesets/{ruleset_id}/history
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID/history
Response
Status: 200
[ { "version_id": 3, "actor": { "id": 1, "type": "User" }, "updated_at": "2024-010-23T16:29:47Z" }, { "version_id": 2, "actor": { "id": 2, "type": "User" }, "updated_at": "2024-09-23T16:29:47Z" }, { "version_id": 1, "actor": { "id": 1, "type": "User" }, "updated_at": "2024-08-23T16:29:47Z" } ]
Get repository ruleset version
Get a version of a repository ruleset.
Fine-grained access tokens for "Get repository ruleset version"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Administration" repository permissions (write)
Parameters for "Get repository ruleset version"
Headers
| Name, Type, Description |
|---|
| accept string Setting to application/vnd.github+json is recommended. |
Path parameters
| Name, Type, Description |
|---|
| owner string RequiredThe account owner of the repository. The name is not case sensitive. |
| repo string RequiredThe name of the repository without the .git extension. The name is not case sensitive. |
| ruleset_id integer RequiredThe ID of the ruleset. |
| version_id integer RequiredThe ID of the version |
HTTP response status codes for "Get repository ruleset version"
| Status code | Description |
|---|---|
| 200 | OK |
| 404 | Resource not found |
| 500 | Internal Error |
Code samples for "Get repository ruleset version"
Request example
get/repos/{owner}/{repo}/rulesets/{ruleset_id}/history/{version_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/rulesets/RULESET_ID/history/VERSION_ID
Response
Status: 200
[ { "version_id": 3, "actor": { "id": 1, "type": "User" }, "updated_at": "2024-010-23T16:29:47Z", "state": { "id": 42, "name": "super cool ruleset", "target": "branch", "source_type": "Repository", "source": "monalisa/my-repo", "enforcement": "active", "bypass_actors": [ { "actor_id": 234, "actor_type": "Team", "bypass_mode": "always" } ], "conditions": { "ref_name": { "include": [ "refs/heads/main", "refs/heads/master" ], "exclude": [ "refs/heads/dev*" ] } }, "rules": [ { "type": "commit_author_email_pattern", "parameters": { "operator": "contains", "pattern": "github" } } ] } } ]