octokit/rest.js

octokit/rest.js

Usage

Import the Octokit constructor based on your platform.

Browsers

Load @octokit/rest directly from cdn.skypack.dev
<script type="module">
  import { Octokit } from "https://cdn.skypack.dev/@octokit/rest";
</script>

Node

Install with npm install @octokit/rest
const { Octokit } = require("@octokit/rest");
// or: import { Octokit } from "@octokit/rest";

const { Octokit } = require("@octokit/rest");

Now instantiate your octokit API. All options are optional, but authentication is strongly encouraged.

const octokit = new Octokit({

You can set auth to a personal access token string.

Learn more about authentication.

  auth: "secret123",

Setting a user agent is required. It defaults to octokit/rest.js v1.2.3 where v1.2.3 is the current version of @octokit/rest, but you should set it to something that identifies your app or script.

  userAgent: 'myApp v1.2.3',

API Previews can be enabled globally by setting the previews option. They can be set per-request as well.

Learn more about API Previews.

  previews: ['jean-grey', 'symmetra'],

A default time zone can be enabled by setting the timeZone option.

  timeZone: 'Europe/Amsterdam',

Learn more about using time zones with the GitHub API.

In order to use Octokit with GitHub Enterprise, set the baseUrl option.

  baseUrl: 'https://api.github.com',

For custom logging, pass an object with debug, info, warn and error methods as the log option.

Learn more about logging and debugging.

  log: {
    debug: () => {},
    info: () => {},
    warn: console.warn,
    error: console.error
  },

Custom request options can be passed as request.* options. See @octokit/request options. The same options can be passed to each endpoint request method.

  request: {
    agent: undefined,
    fetch: undefined,
    timeout: 0
  }
})

Most of GitHub’s REST API endpoints have matching methods. All endpoint methods are asynchronous, in order to use await in the code examples, we wrap them into an anonymous async function.

(async () => {

For example to retrieve a pull request, use octokit.rest.pulls.get(). We recommend to use the search above to find the endpoint method you are looking for

const { data: pullRequest } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 123,
});

Some API endpoints support alternative response formats, see Media types. For example, to request the above pull request in a diff format, pass the mediaType.format option.

Learn more about request formats.

const { data: diff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 123,
  mediaType: {
    format: "diff",
  },
});

For the API endpoints that do not have a matching method, such as the root endpoint or legacy endpoints, you can send custom requests.

Learn more about custom requests.

const { data: root } = await octokit.request("GET /");

You can also register custom endpoint methods, which is particularly useful if you participate in a private beta.

Learn more about custom endpoint methods.

await octokit.registerEndpoints({
  misc: {
    getRoot: {
      method: "GET",
      url: "/",
    },
  },
});

Some endpoints return a list which has to be paginated in order to retrieve the complete data set.

Learn more about pagination.

  octokit.paginate(octokit.rest.issues.listForRepo, {
    owner: 'octokit',
    repo: 'rest.js'
  })
    .then(issues => {
      // issues is an array of all issue objects
    })
})

You can add more functionality with plugins. We recommend the retry and throttling plugins.

Learn more about throttling, automatic retries and building your own Plugins.

import { retry } from "@octokit/plugin-retry";
import { throttling } from "@octokit/plugin-throttling";

const MyOctokit = Octokit.plugin(retry, throttling);

Octokit.plugin() returns a new constructor. The same options can be passed to the constructor. The options are passed on to all plugin functions as the 2nd argument.

const myOctokit = new MyOctokit({
  auth: "secret123",
  throttle: {
    onRateLimit: (retryAfter, options) => {
      myOctokit.log.warn(
        `Request quota exhausted for request ${options.method} ${options.url}`
      );

      if (options.request.retryCount === 0) {
        // only retries once
        myOctokit.log.info(`Retrying after ${retryAfter} seconds!`);
        return true;
      }
    },
    onAbuseLimit: (retryAfter, options) => {
      // does not retry, only logs a warning
      myOctokit.log.warn(
        `Abuse detected for request ${options.method} ${options.url}`
      );
    },
  },
  retry: {
    doNotRetry: ["429"],
  },
});

Authentication

Authentication is optional for some REST API endpoints accessing public data, but is required for GraphQL queries. Using authentication also increases your API rate limit.

GitHub supports different authentication strategies:

  1. Personal access token (create). This is the default authentication strategy. Set the options.auth option to the token in new Octokit(options). Learn more about the built-in @octokit/auth-token authentication strategy.
  2. OAuth Apps: authenticate using user access token created by an OAuth app, to which you granted selected permissions, or as the OAuth App itself (OAuth using client_id and client_secret). Learn more about the optional @octokit/auth-oauth-app authentication strategy
  3. GitHub Apps: authenticate using an installation access token or as GitHub App itself. Learn more about the optional @octokit/auth-app authentication strategy.
  4. GitHub Actions: authenticate using the GITHUB_TOKEN secret which is provided to GitHub Actions Workflows. Learn more about the optional @octokit/auth-action authentication strategy.

Learn more about all official and community authentication strategies.

By default, @octokit/rest authenticates using the token authentication strategy. Pass in a token using options.auth. It can be a personal access token, an OAuth token, an installation access token or a JSON Web Token for GitHub App authentication. The Authorization request header will be set according to the type of token.

const { Octokit } = require("@octokit/rest");

const octokit = new Octokit({
  auth: "mypersonalaccesstoken123",
});

// sends request with `Authorization: token mypersonalaccesstoken123` header
const { data } = await octokit.request("/user");

To use a different authentication strategy, set options.authStrategy. Here is an example for GitHub App authentication

const { Octokit } = require("@octokit/rest");
const { createAppAuth } = require("@octokit/auth-app");

const appOctokit = new Octokit({
  authStrategy: createAppAuth,
  auth: {
    appId: 123,
    privateKey: process.env.PRIVATE_KEY,
    // optional: this will make appOctokit authenticate as app (JWT)
    //           or installation (access token), depending on the request URL
    installationId: 123,
  },
});

const { data } = await appOctokit.request("/app");

The .auth() method returned by the current authentication strategy can be accessed at octokit.auth(). Example

const { token } = await appOctokit.auth({
  type: "installation",
  // defaults to `options.auth.installationId` set in the constructor
  installationId: 123,
});

Previews

To enable any of GitHub’s API Previews, pass the previews option to the GitHub constructor

const octokit = new Octokit({
  previews: ["mercy-preview"],
});

Previews can also be enabled for a single request by passing the mediaType.preview option

const {
  data: { topics },
} = await octokit.rest.repos.get({
  owner: "octokit",
  repo: "rest.js",
  mediaType: {
    previews: ["symmetra"],
  },
});

Request formats & aborts

Some API endpoints support alternative response formats, see Media types.

For example, to request a pull request as diff format, set the mediaType.format option

const { data: prDiff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 1278,
  mediaType: {
    format: "diff",
  },
});

The AbortController interface can be used to abort one or more requests as and when desired. When the request is initiated, an AbortSignal instance can be passed as an option inside the request's options object. For usage in Node, the abort-controller package can be used.

const controller = new AbortController();
const { data: prDiff } = await octokit.rest.pulls.get({
  owner: "octokit",
  repo: "rest.js",
  pull_number: 1278,
  request: {
    signal: controller.signal,
  },
});

Use controller.abort() to abort the request when desired.

Custom requests

To send custom requests you can use the lower-level octokit.request() method

octokit.request("GET /");

The baseUrl, headers and other defaults are already set. For more information on the octokit.request() API see octokit/request.js

All the endpoint methods such as octokit.rest.repos.get() are aliases of octokit.request() with pre-bound default options. So you can use the @octokit/request API to get the default options or get generic request option to use with your preferred request library.

const defaultOptions = octokit.rest.repos.get.endpoint.DEFAULTS;
const requestOptions = octokit.rest.repos.get.endpoint({
  owner: "octokit",
  repo: "rest.js",
});

Note that authentication is not applied when retrieving request options from the *.endpoint APIs.

Pagination

All endpoint methods starting with .list* do not return all results at once but instead return the first 30 items by default, see also GitHub’s REST API pagination documentation.

To automatically receive all results across all pages, you can use the octokit.paginate() method:

octokit
  .paginate("GET /repos/{owner}/{repo}/issues", {
    owner: "octokit",
    repo: "rest.js",
  })
  .then((issues) => {
    // issues is an array of all issue objects. It is not wrapped in a { data, headers, status, url } object
    // like results from `octokit.request()` or any of the endpoint methods such as `octokit.rest.issues.listForRepo()`
  });

octokit.paginate() accepts the same options as octokit.request(). You can optionally pass an additional function to map the results from each response. The map must return a new value, usually an array with mapped data.

Note: the map function is called with the { data, headers, status, url } response object. The data property is guaranteed to be an array of the result items, even for list endpoints that respond with an object instead of an array, such as the search endpoints.

octokit
  .paginate(
    "GET /repos/{owner}/{repo}/issues",
    { owner: "octokit", repo: "rest.js" },
    (response) => response.data.map((issue) => issue.title)
  )
  .then((issueTitles) => {
    // issueTitles is now an array with the titles only
  });

To stop paginating early, you can call the done() function passed as 2nd argument to the response map function. Note that you still have to return the value you want to map the response to, otherwise the last response will be mapped to undefined.

octokit.paginate("GET /organizations", (response, done) => {
  if (response.data.find((issues) => issue.body.includes("something"))) {
    done();
  }
  return response.data;
});

To paginate responses for one of the registered endpoint methods such as octokit.rest.issues.listForRepo() you can pass the method directly as first argument to octokit.paginate:

octokit
  .paginate(octokit.rest.issues.listForRepo, {
    owner: "octokit",
    repo: "rest.js",
  })
  .then((issues) => {
    // issues is an array of all issue objects
  });

If your runtime environment supports async iterators (such as most modern browsers and Node 10+), you can iterate through each response

for await (const response of octokit.paginate.iterator(
  octokit.rest.issues.listForRepo,
  {
    owner: "octokit",
    repo: "rest.js",
  }
)) {
  // do whatever you want with each response, break out of the loop, etc.
}

octokit.paginate.iterator() accepts the same options as octokit.paginate().

Hooks

You can customize Octokit’s request lifecycle with hooks. Available methods are

octokit.hook.before("request", async (options) => {
  validate(options);
});
octokit.hook.after("request", async (response, options) => {
  console.log(`${options.method} ${options.url}: ${response.status}`);
});
octokit.hook.error("request", async (error, options) => {
  if (error.status === 304) {
    return findInCache(error.response.headers.etag);
  }

  throw error;
});
octokit.hook.wrap("request", async (request, options) => {
  // add logic before, after, catch errors or replace the request altogether
  return request(options);
});

See before-after-hook for more details on the 4 methods.

Custom endpoint methods

Note: octokit.registerEndpoints() has been deprecated.

Instead of

await octokit.registerEndpoints({
  misc: {
    getRoot: {
      method: "GET",
      url: "/",
    },
  },
});

do

Object.assign(octokit.misc, {
  getRoot: octokit.request.defaults({
    method: "GET",
    url: "/",
  }),
});

If you use octokit.registerEndpoints() in a plugin, return an object instead:

function myPlugin(octokit, options) {
  return {
    misc: {
      octokit.request.defaults({ method: "GET", url: "/" })
    }
  }
}

You can register custom endpoint methods such as octokit.rest.repos.get() using the octokit.registerEndpoints(routes) method

octokit.registerEndpoints({
  foo: {
    bar: {
      method: "PATCH",
      url: "/repos/{owner}/{repo}/foo",
      headers: {
        accept: "application/vnd.github.foo-bar-preview+json",
      },
      params: {
        owner: {
          required: true,
          type: "string",
        },
        repo: {
          required: true,
          type: "string",
        },
        baz: {
          required: true,
          type: "string",
          enum: ["qux", "quux", "quuz"],
        },
      },
    },
  },
});

octokit.foo.bar({
  owner: "octokit",
  repo: "rest.js",
  baz: "quz",
});

This is useful when you participate in private beta features and prefer the convenience of methods for the new endpoints instead of using octokit.request().

Plugins

You can customize and extend Octokit’s functionality using plugins

// index.js
const { Octokit } = require("@octokit/rest");
const MyOctokit = Octokit.plugin(
  require("./lib/my-plugin"),
  require("octokit-plugin-example")
);

// lib/my-plugin.js
module.exports = (octokit, options = { greeting: "Hello" }) => {
  // hook into the request lifecycle
  octokit.hook.wrap("request", async (request, options) => {
    const time = Date.now();
    const response = await request(options);
    octokit.log.info(
      `${options.method} ${options.url}${response.status} in ${
        Date.now() - time
      }ms`
    );
    return response;
  });

  // add a custom method: octokit.helloWorld()
  return {
    helloWorld: () => console.log(`${options.greeting}, world!`),
  };
};

.plugin accepts a function or an array of functions.

We recommend using Octokit’s log methods to help users of your plugin with debugging.

You can add new methods to the octokit instance passed as the first argument to the plugin function. The 2nd argument is the options object passed to the constructor when instantiating the octokit client.

const octokit = new MyOctokit({ greeting: "Hola" });
octokit.helloWorld();
// Hola, world!

Throttling

When you send too many requests in too little time you will likely hit errors due to rate and/or abuse limits.

In order to automatically throttle requests as recommended in GitHub’s best practices for integrators, we recommend you install the @octokit/plugin-throttling plugin.

The throttle.onAbuseLimit and throttle.onRateLimit options are required.

Return true from these functions to automatically retry the request after retryAfter seconds. Return false or undefined to skip retry and throw the error. For rate limit errors, retryAfter defaults to seconds until X-RateLimit-Reset. For abuse errors, retryAfter defaults to the retry-after header but is a minimum of five seconds.

const { Octokit } = require("@octokit/rest");
const { throttling } = require("@octokit/plugin-throttling");
const MyOctokit = Octokit.plugin(throttling);

const octokit = new MyOctokit({
  auth: "token " + process.env.TOKEN,
  throttle: {
    onRateLimit: (retryAfter, options) => {
      octokit.log.warn(
        `Request quota exhausted for request ${options.method} ${options.url}`
      );

      // Retry twice after hitting a rate limit error, then give up
      if (options.request.retryCount <= 2) {
        console.log(`Retrying after ${retryAfter} seconds!`);
        return true;
      }
    },
    onAbuseLimit: (retryAfter, options) => {
      // does not retry, only logs a warning
      octokit.log.warn(
        `Abuse detected for request ${options.method} ${options.url}`
      );
    },
  },
});

Automatic retries

Many common request errors can be easily remediated by retrying the request. We recommend installing the @octokit/plugin-retry plugin for Automatic retries in these cases

const { Octokit } = require("@octokit/rest");
const { retry } = require("@octokit/plugin-retry");
const MyOctokit = Octokit.plugin(retry);

const octokit = new MyOctokit();

// all requests sent with the `octokit` instance are now retried up to 3 times for recoverable errors.

Logging

Octokit has 4 built-in log methods

  1. octokit.log.debug(message[, additionalInfo])
  2. octokit.log.info(message[, additionalInfo])
  3. octokit.log.warn(message[, additionalInfo])
  4. octokit.log.error(message[, additionalInfo])

They can be configured using the log client option. By default, octokit.log.debug() and octokit.log.info() are no-ops, while the other two call console.warn() and console.error() respectively.

This is useful if you build reusable plugins.

Debug

The simplest way to receive debug information is to set the log client option to console.

const octokit = require("@octokit/rest")({
  log: console,
});

octokit.request("/");

This will log

request { method: 'GET',
  baseUrl: 'https://api.github.com',
  headers:
   { accept: 'application/vnd.github.v3+json',
     'user-agent':
      'octokit.js/0.0.0-development Node.js/10.15.0 (macOS Mojave; x64)' },
  request: {},
  url: '/' }
GET / - 200 in 514ms

If you like to support a configurable log level, we recommend using the console-log-level module

const octokit = require("@octokit/rest")({
  log: require("console-log-level")({ level: "info" }),
});

octokit.request("/");

This will only log

GET / - 200 in 514ms

Actions

Add custom labels to a self-hosted runner for an organization

Add custom labels to a self-hosted runner configured in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.addCustomLabelsToSelfHostedRunnerForOrg({
  org,
  runner_id,
  labels,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to add to the runner.

See also: GitHub Developer Guide documentation.

Add custom labels to a self-hosted runner for a repository

Add custom labels to a self-hosted runner configured in a repository.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.addCustomLabelsToSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  labels,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to add to the runner.

See also: GitHub Developer Guide documentation.

Add selected repository to an organization secret

Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.addSelectedRepoToOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Approve a workflow run for a fork pull request

Approves a workflow run for a pull request from a public fork of a first time contributor. For more information, see "Approving workflow runs from public forks."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.approveWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Cancel a workflow run

Cancels a workflow run using its id. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.cancelWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Create or update an environment secret

Creates or updates an environment secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.actions.createOrUpdateEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
  encrypted_value,
  key_id,
});

Parameters

namerequireddescription
repository_idyes

The unique identifier of the repository.

environment_nameyes

The name of the environment

secret_nameyes

The name of the secret.

encrypted_valueyes

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an environment public key endpoint.

key_idyes

ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create or update an organization secret

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.actions.createOrUpdateOrgSecret({
  org,
  secret_name,
  visibility,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

visibilityyes

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

selected_repository_idsno

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.actions.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create a registration token for an organization

Returns a token that you can pass to the config script. The token expires after one hour.

You must authenticate using an access token with the admin:org scope to use this endpoint.

Example using registration token

Configure your self-hosted runner, replacing TOKEN with the registration token provided by this endpoint.

./config.sh --url https://github.com/octo-org --token TOKEN
octokit.rest.actions.createRegistrationTokenForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a registration token for a repository

Returns a token that you can pass to the config script. The token expires after one hour. You must authenticate using an access token with the repo scope to use this endpoint.

Example using registration token

Configure your self-hosted runner, replacing TOKEN with the registration token provided by this endpoint.

./config.sh --url https://github.com/octo-org/octo-repo-artifacts --token TOKEN
octokit.rest.actions.createRegistrationTokenForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a remove token for an organization

Returns a token that you can pass to the config script to remove a self-hosted runner from an organization. The token expires after one hour.

You must authenticate using an access token with the admin:org scope to use this endpoint.

Example using remove token

To remove your self-hosted runner from an organization, replace TOKEN with the remove token provided by this endpoint.

./config.sh remove --token TOKEN
octokit.rest.actions.createRemoveTokenForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a remove token for a repository

Returns a token that you can pass to remove a self-hosted runner from a repository. The token expires after one hour. You must authenticate using an access token with the repo scope to use this endpoint.

Example using remove token

To remove your self-hosted runner from a repository, replace TOKEN with the remove token provided by this endpoint.

./config.sh remove --token TOKEN
octokit.rest.actions.createRemoveTokenForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a workflow dispatch event

You can use this endpoint to manually trigger a GitHub Actions workflow run. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

You must configure your GitHub Actions workflow to run when the workflow_dispatch webhook event occurs. The inputs are configured in the workflow file. For more information about how to configure the workflow_dispatch event in the workflow file, see "Events that trigger workflows."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint. For more information, see "Creating a personal access token for the command line."

octokit.rest.actions.createWorkflowDispatch({
  owner,
  repo,
  workflow_id,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

refyes

The git reference for the workflow. The reference can be a branch or tag name.

inputsno

Input keys and values configured in the workflow file. The maximum number of properties is 10. Any default properties configured in the workflow file will be used when inputs are omitted.

inputs.*no

See also: GitHub Developer Guide documentation.

Delete a GitHub Actions cache for a repository (using a cache ID)

Deletes a GitHub Actions cache for a repository, using a cache ID.

You must authenticate using an access token with the repo scope to use this endpoint.

GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.deleteActionsCacheById({
  owner,
  repo,
  cache_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

cache_idyes

The unique identifier of the GitHub Actions cache.

See also: GitHub Developer Guide documentation.

Delete GitHub Actions caches for a repository (using a cache key)

Deletes one or more GitHub Actions caches for a repository, using a complete cache key. By default, all caches that match the provided key are deleted, but you can optionally provide a Git ref to restrict deletions to caches that match both the provided key and the Git ref.

You must authenticate using an access token with the repo scope to use this endpoint.

GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.deleteActionsCacheByKey({
  owner,
  repo,
  key,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

keyyes

A key for identifying the cache.

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

Delete an artifact

Deletes an artifact for a workflow run. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.deleteArtifact({
  owner,
  repo,
  artifact_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

artifact_idyes

The unique identifier of the artifact.

See also: GitHub Developer Guide documentation.

Delete an environment secret

Deletes a secret in an environment using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.deleteEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
});

Parameters

namerequireddescription
repository_idyes

The unique identifier of the repository.

environment_nameyes

The name of the environment

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete an organization secret

Deletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.deleteOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a self-hosted runner from an organization

Forces the removal of a self-hosted runner from an organization. You can use this endpoint to completely remove the runner when the machine you were using no longer exists.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.deleteSelfHostedRunnerFromOrg({
  org,
  runner_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Delete a self-hosted runner from a repository

Forces the removal of a self-hosted runner from a repository. You can use this endpoint to completely remove the runner when the machine you were using no longer exists.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.deleteSelfHostedRunnerFromRepo({
  owner,
  repo,
  runner_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Delete a workflow run

Delete a specific workflow run. Anyone with write access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.deleteWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Delete workflow run logs

Deletes all logs for a workflow run. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.deleteWorkflowRunLogs({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Disable a selected repository for GitHub Actions in an organization

Removes a repository from the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.disableSelectedRepositoryGithubActionsOrganization({
  org,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Disable a workflow

Disables a workflow and sets the state of the workflow to disabled_manually. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.disableWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

Download an artifact

Gets a redirect URL to download an archive for a repository. This URL expires after 1 minute. Look for Location: in the response header to find the URL for the download. The :archive_format must be zip. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.downloadArtifact({
  owner,
  repo,
  artifact_id,
  archive_format,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

artifact_idyes

The unique identifier of the artifact.

archive_formatyes

See also: GitHub Developer Guide documentation.

Download job logs for a workflow run

Gets a redirect URL to download a plain text file of logs for a workflow job. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.downloadJobLogsForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

job_idyes

The unique identifier of the job.

See also: GitHub Developer Guide documentation.

Download workflow run attempt logs

Gets a redirect URL to download an archive of log files for a specific workflow run attempt. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.downloadWorkflowRunAttemptLogs({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

attempt_numberyes

The attempt number of the workflow run.

See also: GitHub Developer Guide documentation.

Download workflow run logs

Gets a redirect URL to download an archive of log files for a workflow run. This link expires after 1 minute. Look for Location: in the response header to find the URL for the download. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.downloadWorkflowRunLogs({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Enable a selected repository for GitHub Actions in an organization

Adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.enableSelectedRepositoryGithubActionsOrganization({
  org,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Enable a workflow

Enables a workflow and sets the state of the workflow to active. You can replace workflow_id with the workflow file name. For example, you could use main.yaml.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.enableWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

List GitHub Actions caches for a repository

Lists the GitHub Actions caches for a repository. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getActionsCacheList({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

keyno

An explicit key or prefix for identifying the cache

sortno

The property to sort the results by. created_at means when the cache was created. last_accessed_at means when the cache was last accessed. size_in_bytes is the size of the cache in bytes.

directionno

The direction to sort the results by.

See also: GitHub Developer Guide documentation.

Get GitHub Actions cache usage for a repository

Gets GitHub Actions cache usage for a repository. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getActionsCacheUsage({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List repositories with GitHub Actions cache usage for an organization

Lists repositories and their GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. You must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_admistration:read permission to use this endpoint.

octokit.rest.actions.getActionsCacheUsageByRepoForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get GitHub Actions cache usage for an enterprise

Gets the total GitHub Actions cache usage for an enterprise. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.actions.getActionsCacheUsageForEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

See also: GitHub Developer Guide documentation.

Get GitHub Actions cache usage for an organization

Gets the total GitHub Actions cache usage for an organization. The data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated. You must authenticate using an access token with the read:org scope to use this endpoint. GitHub Apps must have the organization_admistration:read permission to use this endpoint.

octokit.rest.actions.getActionsCacheUsageForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get allowed actions and reusable workflows for an organization

Gets the selected actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization.""

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.getAllowedActionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get allowed actions and reusable workflows for a repository

Gets the settings for selected actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for a repository."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.

octokit.rest.actions.getAllowedActionsRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an artifact

Gets a specific artifact for a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getArtifact({
  owner,
  repo,
  artifact_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

artifact_idyes

The unique identifier of the artifact.

See also: GitHub Developer Guide documentation.

Get an environment public key

Get the public key for an environment, which you need to encrypt environment secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.getEnvironmentPublicKey({
  repository_id,
  environment_name,
});

Parameters

namerequireddescription
repository_idyes

The unique identifier of the repository.

environment_nameyes

The name of the environment

See also: GitHub Developer Guide documentation.

Get an environment secret

Gets a single environment secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.getEnvironmentSecret({
  repository_id,
  environment_name,
  secret_name,
});

Parameters

namerequireddescription
repository_idyes

The unique identifier of the repository.

environment_nameyes

The name of the environment

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get default workflow permissions for an enterprise

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise, as well as whether GitHub Actions can submit approving pull request reviews. For more information, see "Enforcing a policy for workflow permissions in your enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint. GitHub Apps must have the enterprise_administration:write permission to use this endpoint.

octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

See also: GitHub Developer Guide documentation.

Get default workflow permissions for an organization

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an organization, as well as whether GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get default workflow permissions for a repository

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in a repository, as well as if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your repository."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the repository administration permission to use this API.

octokit.rest.actions.getGithubActionsDefaultWorkflowPermissionsRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for an organization

Gets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.getGithubActionsPermissionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for a repository

Gets the GitHub Actions permissions policy for a repository, including whether GitHub Actions is enabled and the actions and reusable workflows allowed to run in the repository.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.

octokit.rest.actions.getGithubActionsPermissionsRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a job for a workflow run

Gets a specific job in a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getJobForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

job_idyes

The unique identifier of the job.

See also: GitHub Developer Guide documentation.

Get an organization public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.getOrgPublicKey({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization secret

Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.getOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get pending deployments for a workflow run

Get all deployment environments for a workflow run that are waiting for protection rules to pass.

Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getPendingDeploymentsForRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for a repository

Deprecated: This method has been renamed to actions.getGithubActionsPermissionsRepository

Gets the GitHub Actions permissions policy for a repository, including whether GitHub Actions is enabled and the actions and reusable workflows allowed to run in the repository.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.

octokit.rest.actions.getRepoPermissions({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.getRepoPublicKey({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get the review history for a workflow run

Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getReviewsForRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get a self-hosted runner for an organization

Gets a specific self-hosted runner configured in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.getSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Get a self-hosted runner for a repository

Gets a specific self-hosted runner configured in a repository.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.getSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Get a workflow

Gets a specific workflow. You can replace workflow_id with the workflow file name. For example, you could use main.yaml. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getWorkflow({
  owner,
  repo,
  workflow_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

Get the level of access for workflows outside of the repository

Gets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to internal repositories. For more information, see "Managing GitHub Actions settings for a repository."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the repository administration permission to use this endpoint.

octokit.rest.actions.getWorkflowAccessToRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a workflow run

Gets a specific workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

exclude_pull_requestsno

If true pull requests are omitted from the response (empty array).

See also: GitHub Developer Guide documentation.

Get a workflow run attempt

Gets a specific workflow run attempt. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getWorkflowRunAttempt({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

attempt_numberyes

The attempt number of the workflow run.

exclude_pull_requestsno

If true pull requests are omitted from the response (empty array).

See also: GitHub Developer Guide documentation.

Get workflow run usage

Gets the number of billable minutes and total run time for a specific workflow run. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getWorkflowRunUsage({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

See also: GitHub Developer Guide documentation.

Get workflow usage

Gets the number of billable minutes used by a specific workflow during the current billing cycle. Billable minutes only apply to workflows in private repositories that use GitHub-hosted runners. Usage is listed for each GitHub-hosted runner operating system in milliseconds. Any job re-runs are also included in the usage. The usage does not include the multiplier for macOS and Windows runners and is not rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

You can replace workflow_id with the workflow file name. For example, you could use main.yaml. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.getWorkflowUsage({
  owner,
  repo,
  workflow_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

See also: GitHub Developer Guide documentation.

List artifacts for a repository

Lists all artifacts for a repository. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.listArtifactsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List environment secrets

Lists all secrets available in an environment without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.listEnvironmentSecrets({
  repository_id,
  environment_name,
});

Parameters

namerequireddescription
repository_idyes

The unique identifier of the repository.

environment_nameyes

The name of the environment

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List jobs for a workflow run

Lists jobs for a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

octokit.rest.actions.listJobsForWorkflowRun({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

filterno

Filters jobs by their completed_at timestamp. latest returns jobs from the most recent execution of the workflow run. all returns all jobs for a workflow run, including from old executions of the workflow run.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List jobs for a workflow run attempt

Lists jobs for a specific workflow run attempt. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

octokit.rest.actions.listJobsForWorkflowRunAttempt({
  owner,
  repo,
  run_id,
  attempt_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

attempt_numberyes

The attempt number of the workflow run.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List labels for a self-hosted runner for an organization

Lists all labels for a self-hosted runner configured in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.listLabelsForSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

List labels for a self-hosted runner for a repository

Lists all labels for a self-hosted runner configured in a repository.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.listLabelsForSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

List organization secrets

Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.listOrgSecrets({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the secrets repository permission to use this endpoint.

octokit.rest.actions.listRepoSecrets({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository workflows

Lists the workflows in a repository. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.listRepoWorkflows({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List runner applications for an organization

Lists binaries for the runner application that you can download and run.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.listRunnerApplicationsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List runner applications for a repository

Lists binaries for the runner application that you can download and run.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.listRunnerApplicationsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.listSelectedReposForOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

List selected repositories enabled for GitHub Actions in an organization

Lists the selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.listSelectedRepositoriesEnabledGithubActionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List self-hosted runners for an organization

Lists all self-hosted runners configured in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.listSelfHostedRunnersForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List self-hosted runners for a repository

Lists all self-hosted runners configured in a repository. You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.listSelfHostedRunnersForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List workflow run artifacts

Lists artifacts for a workflow run. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.listWorkflowRunArtifacts({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List workflow runs

List all workflow runs for a workflow. You can replace workflow_id with the workflow file name. For example, you could use main.yaml. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope.

octokit.rest.actions.listWorkflowRuns({
  owner,
  repo,
  workflow_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

workflow_idyes

The ID of the workflow. You can also pass the workflow file name as a string.

actorno

Returns someone's workflow runs. Use the login for the user who created the push associated with the check suite or workflow run.

branchno

Returns workflow runs associated with a branch. Use the name of the branch of the push.

eventno

Returns workflow run triggered by the event you specify. For example, push, pull_request or issue. For more information, see "Events that trigger workflows."

statusno

Returns workflow runs with the check run status or conclusion that you specify. For example, a conclusion can be success or a status can be in_progress. Only GitHub can set a status of waiting or requested. For a list of the possible status and conclusion options, see "Create a check run."

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

createdno

Returns workflow runs created within the given date-time range. For more information on the syntax, see "Understanding the search syntax."

exclude_pull_requestsno

If true pull requests are omitted from the response (empty array).

check_suite_idno

Returns workflow runs with the check_suite_id that you specify.

See also: GitHub Developer Guide documentation.

List workflow runs for a repository

Lists all workflow runs for a repository. You can use parameters to narrow the list of results. For more information about using parameters, see Parameters.

Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.actions.listWorkflowRunsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

actorno

Returns someone's workflow runs. Use the login for the user who created the push associated with the check suite or workflow run.

branchno

Returns workflow runs associated with a branch. Use the name of the branch of the push.

eventno

Returns workflow run triggered by the event you specify. For example, push, pull_request or issue. For more information, see "Events that trigger workflows."

statusno

Returns workflow runs with the check run status or conclusion that you specify. For example, a conclusion can be success or a status can be in_progress. Only GitHub can set a status of waiting or requested. For a list of the possible status and conclusion options, see "Create a check run."

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

createdno

Returns workflow runs created within the given date-time range. For more information on the syntax, see "Understanding the search syntax."

exclude_pull_requestsno

If true pull requests are omitted from the response (empty array).

check_suite_idno

Returns workflow runs with the check_suite_id that you specify.

See also: GitHub Developer Guide documentation.

Re-run a job from a workflow run

Re-run a job and its dependent jobs in a workflow run. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.reRunJobForWorkflowRun({
  owner,
  repo,
  job_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

job_idyes

The unique identifier of the job.

enable_debug_loggingno

Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Re-run a workflow

Re-runs your workflow run using its id. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.

octokit.rest.actions.reRunWorkflow({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

enable_debug_loggingno

Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Re-run failed jobs from a workflow run

Re-run all of the failed jobs and their dependent jobs in a workflow run using the id of the workflow run. You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.reRunWorkflowFailedJobs({
  owner,
  repo,
  run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

enable_debug_loggingno

Whether to enable debug logging for the re-run.

See also: GitHub Developer Guide documentation.

Remove all custom labels from a self-hosted runner for an organization

Remove all custom labels from a self-hosted runner configured in an organization. Returns the remaining read-only labels from the runner.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.removeAllCustomLabelsFromSelfHostedRunnerForOrg({
  org,
  runner_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Remove all custom labels from a self-hosted runner for a repository

Remove all custom labels from a self-hosted runner configured in a repository. Returns the remaining read-only labels from the runner.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.removeAllCustomLabelsFromSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Remove a custom label from a self-hosted runner for an organization

Remove a custom label from a self-hosted runner configured in an organization. Returns the remaining labels from the runner.

This endpoint returns a 404 Not Found status if the custom label is not present on the runner.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.removeCustomLabelFromSelfHostedRunnerForOrg({
  org,
  runner_id,
  name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

nameyes

The name of a self-hosted runner's custom label.

See also: GitHub Developer Guide documentation.

Remove a custom label from a self-hosted runner for a repository

Remove a custom label from a self-hosted runner configured in a repository. Returns the remaining labels from the runner.

This endpoint returns a 404 Not Found status if the custom label is not present on the runner.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.removeCustomLabelFromSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

nameyes

The name of a self-hosted runner's custom label.

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization secret

Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.removeSelectedRepoFromOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Review pending deployments for a workflow run

Approve or reject pending deployments that are waiting on approval by a required reviewer.

Required reviewers with read access to the repository contents and deployments can use this endpoint. Required reviewers must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.reviewPendingDeploymentsForRun({
  owner,
  repo,
  run_id,
  environment_ids,
  state,
  comment,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

run_idyes

The unique identifier of the workflow run.

environment_idsyes

The list of environment ids to approve or reject

stateyes

Whether to approve or reject deployment to the specified environments.

commentyes

A comment to accompany the deployment review

See also: GitHub Developer Guide documentation.

Set allowed actions and reusable workflows for an organization

Sets the actions and reusable workflows that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

If the organization belongs to an enterprise that has selected actions and reusable workflows set at the enterprise level, then you cannot override any of the enterprise's allowed actions and reusable workflows settings.

To use the patterns_allowed setting for private repositories, the organization must belong to an enterprise. If the organization does not belong to an enterprise, then the patterns_allowed setting only applies to public repositories in the organization.

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.setAllowedActionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

github_owned_allowedno

Whether GitHub-owned actions are allowed. For example, this includes the actions in the actions organization.

verified_allowedno

Whether actions from GitHub Marketplace verified creators are allowed. Set to true to allow all actions by GitHub Marketplace verified creators.

patterns_allowedno

Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."

See also: GitHub Developer Guide documentation.

Set allowed actions and reusable workflows for a repository

Sets the actions and reusable workflows that are allowed in a repository. To use this endpoint, the repository permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for a repository."

If the repository belongs to an organization or enterprise that has selected actions and reusable workflows set at the organization or enterprise levels, then you cannot override any of the allowed actions and reusable workflows settings.

To use the patterns_allowed setting for private repositories, the repository must belong to an enterprise. If the repository does not belong to an enterprise, then the patterns_allowed setting only applies to public repositories.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.

octokit.rest.actions.setAllowedActionsRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

github_owned_allowedno

Whether GitHub-owned actions are allowed. For example, this includes the actions in the actions organization.

verified_allowedno

Whether actions from GitHub Marketplace verified creators are allowed. Set to true to allow all actions by GitHub Marketplace verified creators.

patterns_allowedno

Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."

See also: GitHub Developer Guide documentation.

Set custom labels for a self-hosted runner for an organization

Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in an organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.actions.setCustomLabelsForSelfHostedRunnerForOrg({
  org,
  runner_id,
  labels,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to set for the runner. You can pass an empty array to remove all custom labels.

See also: GitHub Developer Guide documentation.

Set custom labels for a self-hosted runner for a repository

Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in a repository.

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.actions.setCustomLabelsForSelfHostedRunnerForRepo({
  owner,
  repo,
  runner_id,
  labels,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to set for the runner. You can pass an empty array to remove all custom labels.

See also: GitHub Developer Guide documentation.

Set default workflow permissions for an enterprise

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise, and sets whether GitHub Actions can submit approving pull request reviews. For more information, see "Enforcing a policy for workflow permissions in your enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint. GitHub Apps must have the enterprise_administration:write permission to use this endpoint.

octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

default_workflow_permissionsno

The default workflow permissions granted to the GITHUB_TOKEN when running workflows.

can_approve_pull_request_reviewsno

Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.

See also: GitHub Developer Guide documentation.

Set default workflow permissions for an organization

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an organization, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsOrganization({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

default_workflow_permissionsno

The default workflow permissions granted to the GITHUB_TOKEN when running workflows.

can_approve_pull_request_reviewsno

Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.

See also: GitHub Developer Guide documentation.

Set default workflow permissions for a repository

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in a repository, and sets if GitHub Actions can submit approving pull request reviews. For more information, see "Setting the permissions of the GITHUB_TOKEN for your repository."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the repository administration permission to use this API.

octokit.rest.actions.setGithubActionsDefaultWorkflowPermissionsRepository({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

default_workflow_permissionsno

The default workflow permissions granted to the GITHUB_TOKEN when running workflows.

can_approve_pull_request_reviewsno

Whether GitHub Actions can approve pull requests. Enabling this can be a security risk.

See also: GitHub Developer Guide documentation.

Set GitHub Actions permissions for an organization

Sets the GitHub Actions permissions policy for repositories and allowed actions and reusable workflows in an organization.

If the organization belongs to an enterprise that has set restrictive permissions at the enterprise level, such as allowed_actions to selected actions and reusable workflows, then you cannot override them for the organization.

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.setGithubActionsPermissionsOrganization({
  org,
  enabled_repositories,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

enabled_repositoriesyes

The policy that controls the repositories in the organization that are allowed to run GitHub Actions.

allowed_actionsno

The permissions policy that controls the actions and reusable workflows that are allowed to run.

See also: GitHub Developer Guide documentation.

Set GitHub Actions permissions for a repository

Sets the GitHub Actions permissions policy for enabling GitHub Actions and allowed actions and reusable workflows in the repository.

If the repository belongs to an organization or enterprise that has set restrictive permissions at the organization or enterprise levels, such as allowed_actions to selected actions and reusable workflows, then you cannot override them for the repository.

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.

octokit.rest.actions.setGithubActionsPermissionsRepository({
  owner,
  repo,
  enabled,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

enabledyes

Whether GitHub Actions is enabled on the repository.

allowed_actionsno

The permissions policy that controls the actions and reusable workflows that are allowed to run.

See also: GitHub Developer Guide documentation.

Set selected repositories for an organization secret

Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the secrets organization permission to use this endpoint.

octokit.rest.actions.setSelectedReposForOrgSecret({
  org,
  secret_name,
  selected_repository_ids,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

selected_repository_idsyes

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Set selected repositories for an organization secret and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Set selected repositories enabled for GitHub Actions in an organization

Replaces the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see "Set GitHub Actions permissions for an organization."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the administration organization permission to use this API.

octokit.rest.actions.setSelectedRepositoriesEnabledGithubActionsOrganization({
  org,
  selected_repository_ids,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

selected_repository_idsyes

List of repository IDs to enable for GitHub Actions.

See also: GitHub Developer Guide documentation.

Set the level of access for workflows outside of the repository

Sets the level of access that workflows outside of the repository have to actions and reusable workflows in the repository. This endpoint only applies to internal repositories. For more information, see "Managing GitHub Actions settings for a repository."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the repository administration permission to use this endpoint.

octokit.rest.actions.setWorkflowAccessToRepository({
  owner,
  repo,
  access_level,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

access_levelyes

Defines the level of access that workflows outside of the repository have to actions and reusable workflows within the repository. none means access is only possible from workflows in this repository.

See also: GitHub Developer Guide documentation.

Activity

Check if a repository is starred by the authenticated user

octokit.rest.activity.checkRepoIsStarredByAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a repository subscription

This endpoint should only be used to stop watching a repository. To control whether or not you wish to receive notifications from a repository, set the repository's subscription manually.

octokit.rest.activity.deleteRepoSubscription({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a thread subscription

Mutes all future notifications for a conversation until you comment on the thread or get an @mention. If you are watching the repository of the thread, you will still receive notifications. To ignore future notifications for a repository you are watching, use the Set a thread subscription endpoint and set ignore to true.

octokit.rest.activity.deleteThreadSubscription({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the pull request thread.

See also: GitHub Developer Guide documentation.

Get feeds

GitHub provides several timeline resources in Atom format. The Feeds API lists all the feeds available to the authenticated user:

  • Timeline: The GitHub global public timeline
  • User: The public timeline for any user, using URI template
  • Current user public: The public timeline for the authenticated user
  • Current user: The private timeline for the authenticated user
  • Current user actor: The private timeline for activity created by the authenticated user
  • Current user organizations: The private timeline for the organizations the authenticated user is a member of.
  • Security advisories: A collection of public announcements that provide information about security-related vulnerabilities in software on GitHub.

Note: Private feeds are only returned when authenticating via Basic Auth since current feed URIs use the older, non revocable auth tokens.

octokit.rest.activity.getFeeds();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a repository subscription

octokit.rest.activity.getRepoSubscription({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a thread

octokit.rest.activity.getThread({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the pull request thread.

See also: GitHub Developer Guide documentation.

Get a thread subscription for the authenticated user

This checks to see if the current user is subscribed to a thread. You can also get a repository subscription.

Note that subscriptions are only generated if a user is participating in a conversation--for example, they've replied to the thread, were @mentioned, or manually subscribe to a thread.

octokit.rest.activity.getThreadSubscriptionForAuthenticatedUser({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the pull request thread.

See also: GitHub Developer Guide documentation.

List events for the authenticated user

If you are authenticated as the given user, you will see your private events. Otherwise, you'll only see public events.

octokit.rest.activity.listEventsForAuthenticatedUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List notifications for the authenticated user

List all notifications for the current user, sorted by most recently updated.

octokit.rest.activity.listNotificationsForAuthenticatedUser();

Parameters

namerequireddescription
allno

If true, show notifications marked as read.

participatingno

If true, only shows notifications in which the user is directly participating or mentioned.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

beforeno

Only show notifications updated before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization events for the authenticated user

This is the user's organization dashboard. You must be authenticated as the user to view this.

octokit.rest.activity.listOrgEventsForAuthenticatedUser({
  username,
  org,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public events

We delay the public events feed by five minutes, which means the most recent event returned by the public events API actually occurred at least five minutes ago.

octokit.rest.activity.listPublicEvents();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public events for a network of repositories

octokit.rest.activity.listPublicEventsForRepoNetwork({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public events for a user

octokit.rest.activity.listPublicEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public organization events

octokit.rest.activity.listPublicOrgEvents({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List events received by the authenticated user

These are events that you've received by watching repos and following users. If you are authenticated as the given user, you will see private events. Otherwise, you'll only see public events.

octokit.rest.activity.listReceivedEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public events received by a user

octokit.rest.activity.listReceivedPublicEventsForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository events

octokit.rest.activity.listRepoEvents({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository notifications for the authenticated user

List all notifications for the current user.

octokit.rest.activity.listRepoNotificationsForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

allno

If true, show notifications marked as read.

participatingno

If true, only shows notifications in which the user is directly participating or mentioned.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

beforeno

Only show notifications updated before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories starred by the authenticated user

Lists repositories the authenticated user has starred.

You can also find out when stars were created by passing the following custom media type via the Accept header:

octokit.rest.activity.listReposStarredByAuthenticatedUser();

Parameters

namerequireddescription
sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories starred by a user

Lists repositories a user has starred.

You can also find out when stars were created by passing the following custom media type via the Accept header:

octokit.rest.activity.listReposStarredByUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories watched by a user

Lists repositories a user is watching.

octokit.rest.activity.listReposWatchedByUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List stargazers

Lists the people that have starred the repository.

You can also find out when stars were created by passing the following custom media type via the Accept header:

octokit.rest.activity.listStargazersForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories watched by the authenticated user

Lists repositories the authenticated user is watching.

octokit.rest.activity.listWatchedReposForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List watchers

Lists the people watching the specified repository.

octokit.rest.activity.listWatchersForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Mark notifications as read

Marks all notifications as "read" removes it from the default view on GitHub. If the number of notifications is too large to complete in one request, you will receive a 202 Accepted status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the List notifications for the authenticated user endpoint and pass the query parameter all=false.

octokit.rest.activity.markNotificationsAsRead();

Parameters

namerequireddescription
last_read_atno

Describes the last point that notifications were checked. Anything updated since this time will not be marked as read. If you omit this parameter, all notifications are marked as read. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. Default: The current timestamp.

readno

Whether the notification has been read.

See also: GitHub Developer Guide documentation.

Mark repository notifications as read

Marks all notifications in a repository as "read" removes them from the default view on GitHub. If the number of notifications is too large to complete in one request, you will receive a 202 Accepted status and GitHub will run an asynchronous process to mark notifications as "read." To check whether any "unread" notifications remain, you can use the List repository notifications for the authenticated user endpoint and pass the query parameter all=false.

octokit.rest.activity.markRepoNotificationsAsRead({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

last_read_atno

Describes the last point that notifications were checked. Anything updated since this time will not be marked as read. If you omit this parameter, all notifications are marked as read. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. Default: The current timestamp.

See also: GitHub Developer Guide documentation.

Mark a thread as read

octokit.rest.activity.markThreadAsRead({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the pull request thread.

See also: GitHub Developer Guide documentation.

Set a repository subscription

If you would like to watch a repository, set subscribed to true. If you would like to ignore notifications made within a repository, set ignored to true. If you would like to stop watching a repository, delete the repository's subscription completely.

octokit.rest.activity.setRepoSubscription({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

subscribedno

Determines if notifications should be received from this repository.

ignoredno

Determines if all notifications should be blocked from this repository.

See also: GitHub Developer Guide documentation.

Set a thread subscription

If you are watching a repository, you receive notifications for all threads by default. Use this endpoint to ignore future notifications for threads until you comment on the thread or get an @mention.

You can also use this endpoint to subscribe to threads that you are currently not receiving notifications for or to subscribed to threads that you have previously ignored.

Unsubscribing from a conversation in a repository that you are not watching is functionally equivalent to the Delete a thread subscription endpoint.

octokit.rest.activity.setThreadSubscription({
  thread_id,
});

Parameters

namerequireddescription
thread_idyes

The unique identifier of the pull request thread.

ignoredno

Whether to block all notifications from a thread.

See also: GitHub Developer Guide documentation.

Star a repository for the authenticated user

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

octokit.rest.activity.starRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Unstar a repository for the authenticated user

octokit.rest.activity.unstarRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Apps

Add a repository to an app installation

Deprecated: This method has been renamed to apps.addRepoToInstallationForAuthenticatedUser

Add a single repository to an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

octokit.rest.apps.addRepoToInstallation({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Add a repository to an app installation

Add a single repository to an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

octokit.rest.apps.addRepoToInstallationForAuthenticatedUser({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Check a token

OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use Basic Authentication to use this endpoint, where the username is the OAuth application client_id and the password is its client_secret. Invalid tokens will return 404 NOT FOUND.

octokit.rest.apps.checkToken({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The access_token of the OAuth application.

See also: GitHub Developer Guide documentation.

Create a GitHub App from a manifest

Use this endpoint to complete the handshake necessary when implementing the GitHub App Manifest flow. When you create a GitHub App with the manifest flow, you receive a temporary code used to retrieve the GitHub App's id, pem (private key), and webhook_secret.

octokit.rest.apps.createFromManifest({
  code,
});

Parameters

namerequireddescription
codeyes

See also: GitHub Developer Guide documentation.

Create an installation access token for an app

Creates an installation access token that enables a GitHub App to make authenticated API requests for the app's installation on an organization or individual account. Installation tokens expire one hour from the time you create them. Using an expired token produces a status code of 401 - Unauthorized, and requires creating a new installation token. By default the installation token has access to all repositories that the installation can access. To restrict the access to specific repositories, you can provide the repository_ids when creating the token. When you omit repository_ids, the response does not contain the repositories key.

You must use a JWT to access this endpoint.

octokit.rest.apps.createInstallationAccessToken({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repositoriesno

List of repository names that the token should have access to

repository_idsno

List of repository IDs that the token should have access to

permissionsno

The permissions granted to the user-to-server access token.

permissions.actionsno

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.

permissions.administrationno

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.

permissions.checksno

The level of permission to grant the access token for checks on code.

permissions.contentsno

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.

permissions.deploymentsno

The level of permission to grant the access token for deployments and deployment statuses.

permissions.environmentsno

The level of permission to grant the access token for managing repository environments.

permissions.issuesno

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.

permissions.metadatano

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.

permissions.packagesno

The level of permission to grant the access token for packages published to GitHub Packages.

permissions.pagesno

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.

permissions.pull_requestsno

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.

permissions.repository_hooksno

The level of permission to grant the access token to manage the post-receive hooks for a repository.

permissions.repository_projectsno

The level of permission to grant the access token to manage repository projects, columns, and cards.

permissions.secret_scanning_alertsno

The level of permission to grant the access token to view and manage secret scanning alerts.

permissions.secretsno

The level of permission to grant the access token to manage repository secrets.

permissions.security_eventsno

The level of permission to grant the access token to view and manage security events like code scanning alerts.

permissions.single_fileno

The level of permission to grant the access token to manage just a single file.

permissions.statusesno

The level of permission to grant the access token for commit statuses.

permissions.vulnerability_alertsno

The level of permission to grant the access token to manage Dependabot alerts.

permissions.workflowsno

The level of permission to grant the access token to update GitHub Actions workflow files.

permissions.membersno

The level of permission to grant the access token for organization teams and members.

permissions.organization_administrationno

The level of permission to grant the access token to manage access to an organization.

permissions.organization_hooksno

The level of permission to grant the access token to manage the post-receive hooks for an organization.

permissions.organization_planno

The level of permission to grant the access token for viewing an organization's plan.

permissions.organization_projectsno

The level of permission to grant the access token to manage organization projects and projects beta (where available).

permissions.organization_packagesno

The level of permission to grant the access token for organization packages published to GitHub Packages.

permissions.organization_secretsno

The level of permission to grant the access token to manage organization secrets.

permissions.organization_self_hosted_runnersno

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.

permissions.organization_user_blockingno

The level of permission to grant the access token to view and manage users blocked by the organization.

permissions.team_discussionsno

The level of permission to grant the access token to manage team discussions and related comments.

See also: GitHub Developer Guide documentation.

Delete an app authorization

OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. You must also provide a valid OAuth access_token as an input parameter and the grant for the token's owner will be deleted. Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on the application authorizations settings screen within GitHub.

octokit.rest.apps.deleteAuthorization({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The OAuth access token used to authenticate to the GitHub API.

See also: GitHub Developer Guide documentation.

Delete an installation for the authenticated app

Uninstalls a GitHub App on a user, organization, or business account. If you prefer to temporarily suspend an app's access to your account's resources, then we recommend the "Suspend an app installation" endpoint.

You must use a JWT to access this endpoint.

octokit.rest.apps.deleteInstallation({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Delete an app token

OAuth application owners can revoke a single token for an OAuth application. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password.

octokit.rest.apps.deleteToken({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The OAuth access token used to authenticate to the GitHub API.

See also: GitHub Developer Guide documentation.

Get the authenticated app

Returns the GitHub App associated with the authentication credentials used. To see how many app installations are associated with this GitHub App, see the installations_count in the response. For more details about your app's installations, see the "List installations for the authenticated app" endpoint.

You must use a JWT to access this endpoint.

octokit.rest.apps.getAuthenticated();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get an app

Note: The :app_slug is just the URL-friendly name of your GitHub App. You can find this on the settings page for your GitHub App (e.g., https://github.com/settings/apps/:app_slug).

If the GitHub App you specify is public, you can access this endpoint without authenticating. If the GitHub App you specify is private, you must authenticate with a personal access token or an installation access token to access this endpoint.

octokit.rest.apps.getBySlug({
  app_slug,
});

Parameters

namerequireddescription
app_slugyes

See also: GitHub Developer Guide documentation.

Get an installation for the authenticated app

Enables an authenticated GitHub App to find an installation's information using the installation id.

You must use a JWT to access this endpoint.

octokit.rest.apps.getInstallation({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Get an organization installation for the authenticated app

Enables an authenticated GitHub App to find the organization's installation information.

You must use a JWT to access this endpoint.

octokit.rest.apps.getOrgInstallation({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository installation for the authenticated app

Enables an authenticated GitHub App to find the repository's installation information. The installation's account type will be either an organization or a user account, depending which account the repository belongs to.

You must use a JWT to access this endpoint.

octokit.rest.apps.getRepoInstallation({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a subscription plan for an account

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.getSubscriptionPlanForAccount({
  account_id,
});

Parameters

namerequireddescription
account_idyes

account_id parameter

See also: GitHub Developer Guide documentation.

Get a subscription plan for an account (stubbed)

Shows whether the user or organization account actively subscribes to a plan listed by the authenticated GitHub App. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.getSubscriptionPlanForAccountStubbed({
  account_id,
});

Parameters

namerequireddescription
account_idyes

account_id parameter

See also: GitHub Developer Guide documentation.

Get a user installation for the authenticated app

Enables an authenticated GitHub App to find the user’s installation information.

You must use a JWT to access this endpoint.

octokit.rest.apps.getUserInstallation({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get a webhook configuration for an app

Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

octokit.rest.apps.getWebhookConfigForApp();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a delivery for an app webhook

Returns a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.getWebhookDelivery({
  delivery_id,
});

Parameters

namerequireddescription
delivery_idyes

See also: GitHub Developer Guide documentation.

List accounts for a plan

Returns user and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listAccountsForPlan({
  plan_id,
});

Parameters

namerequireddescription
plan_idyes

The unique identifier of the plan.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

To return the oldest accounts first, set to asc. Ignored without the sort parameter.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List accounts for a plan (stubbed)

Returns repository and organization accounts associated with the specified plan, including free plans. For per-seat pricing, you see the list of accounts that have purchased the plan, including the number of seats purchased. When someone submits a plan change that won't be processed until the end of their billing cycle, you will also see the upcoming pending change.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listAccountsForPlanStubbed({
  plan_id,
});

Parameters

namerequireddescription
plan_idyes

The unique identifier of the plan.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

To return the oldest accounts first, set to asc. Ignored without the sort parameter.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories accessible to the user access token

List repositories that the authenticated user has explicit permission (:read, :write, or :admin) to access for an installation.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.

The access the user has to each repository is included in the hash under the permissions key.

octokit.rest.apps.listInstallationReposForAuthenticatedUser({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List installations for the authenticated app

You must use a JWT to access this endpoint.

The permissions the installation has are included under the permissions key.

octokit.rest.apps.listInstallations();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

outdatedno

See also: GitHub Developer Guide documentation.

List app installations accessible to the user access token

Lists installations of your GitHub App that the authenticated user has explicit permission (:read, :write, or :admin) to access.

You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

You can find the permissions for the installation under the permissions key.

octokit.rest.apps.listInstallationsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List plans

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listPlans();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List plans (stubbed)

Lists all plans that are part of your GitHub Marketplace listing.

GitHub Apps must use a JWT to access this endpoint. OAuth Apps must use basic authentication with their client ID and client secret to access this endpoint.

octokit.rest.apps.listPlansStubbed();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories accessible to the app installation

List repositories that an app installation can access.

You must use an installation access token to access this endpoint.

octokit.rest.apps.listReposAccessibleToInstallation();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List subscriptions for the authenticated user

Lists the active subscriptions for the authenticated user. You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint. . OAuth Apps must authenticate using an OAuth token.

octokit.rest.apps.listSubscriptionsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List subscriptions for the authenticated user (stubbed)

Lists the active subscriptions for the authenticated user. You must use a user-to-server OAuth access token, created for a user who has authorized your GitHub App, to access this endpoint. . OAuth Apps must authenticate using an OAuth token.

octokit.rest.apps.listSubscriptionsForAuthenticatedUserStubbed();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deliveries for an app webhook

Returns a list of webhook deliveries for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.listWebhookDeliveries();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

cursorno

Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the link header for the next and previous page cursors.

See also: GitHub Developer Guide documentation.

Redeliver a delivery for an app webhook

Redeliver a delivery for the webhook configured for a GitHub App.

You must use a JWT to access this endpoint.

octokit.rest.apps.redeliverWebhookDelivery({
  delivery_id,
});

Parameters

namerequireddescription
delivery_idyes

See also: GitHub Developer Guide documentation.

Remove a repository from an app installation

Deprecated: This method has been renamed to apps.removeRepoFromInstallationForAuthenticatedUser

Remove a single repository from an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

octokit.rest.apps.removeRepoFromInstallation({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Remove a repository from an app installation

Remove a single repository from an installation. The authenticated user must have admin access to the repository.

You must use a personal access token (which you can create via the command line or Basic Authentication) to access this endpoint.

octokit.rest.apps.removeRepoFromInstallationForAuthenticatedUser({
  installation_id,
  repository_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

repository_idyes

The unique identifier of the repository.

See also: GitHub Developer Guide documentation.

Reset a token

OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the "token" property in the response because changes take effect immediately. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

octokit.rest.apps.resetToken({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The access_token of the OAuth application.

See also: GitHub Developer Guide documentation.

Revoke an installation access token

Revokes the installation token you're using to authenticate as an installation and access this endpoint.

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the "Create an installation access token for an app" endpoint.

You must use an installation access token to access this endpoint.

octokit.rest.apps.revokeInstallationAccessToken();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Create a scoped access token

Use a non-scoped user-to-server OAuth access token to create a repository scoped and/or permission scoped user-to-server OAuth access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use Basic Authentication when accessing this endpoint, using the OAuth application's client_id and client_secret as the username and password. Invalid tokens will return 404 NOT FOUND.

octokit.rest.apps.scopeToken({
  client_id,
  access_token,
});

Parameters

namerequireddescription
client_idyes

The client ID of the GitHub app.

access_tokenyes

The OAuth access token used to authenticate to the GitHub API.

targetno

The name of the user or organization to scope the user-to-server access token to. Required unless target_id is specified.

target_idno

The ID of the user or organization to scope the user-to-server access token to. Required unless target is specified.

repositoriesno

The list of repository names to scope the user-to-server access token to. repositories may not be specified if repository_ids is specified.

repository_idsno

The list of repository IDs to scope the user-to-server access token to. repository_ids may not be specified if repositories is specified.

permissionsno

The permissions granted to the user-to-server access token.

permissions.actionsno

The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts.

permissions.administrationno

The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation.

permissions.checksno

The level of permission to grant the access token for checks on code.

permissions.contentsno

The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges.

permissions.deploymentsno

The level of permission to grant the access token for deployments and deployment statuses.

permissions.environmentsno

The level of permission to grant the access token for managing repository environments.

permissions.issuesno

The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones.

permissions.metadatano

The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.

permissions.packagesno

The level of permission to grant the access token for packages published to GitHub Packages.

permissions.pagesno

The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds.

permissions.pull_requestsno

The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges.

permissions.repository_hooksno

The level of permission to grant the access token to manage the post-receive hooks for a repository.

permissions.repository_projectsno

The level of permission to grant the access token to manage repository projects, columns, and cards.

permissions.secret_scanning_alertsno

The level of permission to grant the access token to view and manage secret scanning alerts.

permissions.secretsno

The level of permission to grant the access token to manage repository secrets.

permissions.security_eventsno

The level of permission to grant the access token to view and manage security events like code scanning alerts.

permissions.single_fileno

The level of permission to grant the access token to manage just a single file.

permissions.statusesno

The level of permission to grant the access token for commit statuses.

permissions.vulnerability_alertsno

The level of permission to grant the access token to manage Dependabot alerts.

permissions.workflowsno

The level of permission to grant the access token to update GitHub Actions workflow files.

permissions.membersno

The level of permission to grant the access token for organization teams and members.

permissions.organization_administrationno

The level of permission to grant the access token to manage access to an organization.

permissions.organization_hooksno

The level of permission to grant the access token to manage the post-receive hooks for an organization.

permissions.organization_planno

The level of permission to grant the access token for viewing an organization's plan.

permissions.organization_projectsno

The level of permission to grant the access token to manage organization projects and projects beta (where available).

permissions.organization_packagesno

The level of permission to grant the access token for organization packages published to GitHub Packages.

permissions.organization_secretsno

The level of permission to grant the access token to manage organization secrets.

permissions.organization_self_hosted_runnersno

The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization.

permissions.organization_user_blockingno

The level of permission to grant the access token to view and manage users blocked by the organization.

permissions.team_discussionsno

The level of permission to grant the access token to manage team discussions and related comments.

See also: GitHub Developer Guide documentation.

Suspend an app installation

Suspends a GitHub App on a user, organization, or business account, which blocks the app from accessing the account's resources. When a GitHub App is suspended, the app's access to the GitHub API or webhook events is blocked for that account.

You must use a JWT to access this endpoint.

octokit.rest.apps.suspendInstallation({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Unsuspend an app installation

Removes a GitHub App installation suspension.

You must use a JWT to access this endpoint.

octokit.rest.apps.unsuspendInstallation({
  installation_id,
});

Parameters

namerequireddescription
installation_idyes

The unique identifier of the installation.

See also: GitHub Developer Guide documentation.

Update a webhook configuration for an app

Updates the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see "Creating a GitHub App."

You must use a JWT to access this endpoint.

octokit.rest.apps.updateWebhookConfigForApp();

Parameters

namerequireddescription
urlno

The URL to which the payloads will be delivered.

content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

insecure_sslno

See also: GitHub Developer Guide documentation.

Billing

Get GitHub Actions billing for an organization

Gets the summary of the free and paid GitHub Actions minutes used.

Paid minutes only apply to workflows in private repositories that use GitHub-hosted runners. Minutes used is listed for each GitHub-hosted runner operating system. Any job re-runs are also included in the usage. The usage returned includes any minute multipliers for macOS and Windows runners, and is rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

Access tokens must have the repo or admin:org scope.

octokit.rest.billing.getGithubActionsBillingOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Actions billing for a user

Gets the summary of the free and paid GitHub Actions minutes used.

Paid minutes only apply to workflows in private repositories that use GitHub-hosted runners. Minutes used is listed for each GitHub-hosted runner operating system. Any job re-runs are also included in the usage. The usage returned includes any minute multipliers for macOS and Windows runners, and is rounded up to the nearest whole minute. For more information, see "Managing billing for GitHub Actions".

Access tokens must have the user scope.

octokit.rest.billing.getGithubActionsBillingUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get GitHub Advanced Security active committers for an enterprise

Gets the GitHub Advanced Security active committers for an enterprise per repository. Each distinct user login across all repositories is counted as a single Advanced Security seat, so the total_advanced_security_committers is not the sum of active_users for each repository.

octokit.rest.billing.getGithubAdvancedSecurityBillingGhe({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get GitHub Advanced Security active committers for an organization

Gets the GitHub Advanced Security active committers for an organization per repository. Each distinct user login across all repositories is counted as a single Advanced Security seat, so the total_advanced_security_committers is not the sum of advanced_security_committers for each repository. If this organization defers to an enterprise for billing, the total_advanced_security_committers returned from the organization API may include some users that are in more than one organization, so they will only consume a single Advanced Security seat at the enterprise level.

octokit.rest.billing.getGithubAdvancedSecurityBillingOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get GitHub Packages billing for an organization

Gets the free and paid storage used for GitHub Packages in gigabytes.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

Access tokens must have the repo or admin:org scope.

octokit.rest.billing.getGithubPackagesBillingOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Packages billing for a user

Gets the free and paid storage used for GitHub Packages in gigabytes.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

Access tokens must have the user scope.

octokit.rest.billing.getGithubPackagesBillingUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get shared storage billing for an organization

Gets the estimated paid and estimated total storage used for GitHub Actions and GitHub Packages.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

Access tokens must have the repo or admin:org scope.

octokit.rest.billing.getSharedStorageBillingOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get shared storage billing for a user

Gets the estimated paid and estimated total storage used for GitHub Actions and GitHub Packages.

Paid minutes only apply to packages stored for private repositories. For more information, see "Managing billing for GitHub Packages."

Access tokens must have the user scope.

octokit.rest.billing.getSharedStorageBillingUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Checks

Create a check run

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Creates a new check run for a specific commit in a repository. Your GitHub App must have the checks:write permission to create check runs.

In a check suite, GitHub limits the number of check runs with the same name to 1000. Once these check runs exceed 1000, GitHub will start to automatically delete older check runs.

octokit.rest.checks.create({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

statusno
*no

See also: GitHub Developer Guide documentation.

Create a check suite

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

By default, check suites are automatically created when you create a check run. You only need to use this endpoint for manually creating check suites when you've disabled automatic creation using "Update repository preferences for check suites". Your GitHub App must have the checks:write permission to create check suites.

octokit.rest.checks.createSuite({
  owner,
  repo,
  head_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

head_shayes

The sha of the head commit.

See also: GitHub Developer Guide documentation.

Get a check run

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Gets a single check run using its id. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to get check runs. OAuth Apps and authenticated users must have the repo scope to get check runs in a private repository.

octokit.rest.checks.get({
  owner,
  repo,
  check_run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_run_idyes

The unique identifier of the check run.

See also: GitHub Developer Guide documentation.

Get a check suite

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

Gets a single check suite using its id. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to get check suites. OAuth Apps and authenticated users must have the repo scope to get check suites in a private repository.

octokit.rest.checks.getSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_suite_idyes

The unique identifier of the check suite.

See also: GitHub Developer Guide documentation.

List check run annotations

Lists annotations for a check run using the annotation id. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to get annotations for a check run. OAuth Apps and authenticated users must have the repo scope to get annotations for a check run in a private repository.

octokit.rest.checks.listAnnotations({
  owner,
  repo,
  check_run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_run_idyes

The unique identifier of the check run.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List check runs for a Git reference

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Lists check runs for a commit ref. The ref can be a SHA, branch name, or a tag name. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to get check runs. OAuth Apps and authenticated users must have the repo scope to get check runs in a private repository.

octokit.rest.checks.listForRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

check_nameno

Returns check runs with the specified name.

statusno

Returns check runs with the specified status.

filterno

Filters check runs by their completed_at timestamp. latest returns the most recent check runs.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

app_idno

See also: GitHub Developer Guide documentation.

List check runs in a check suite

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Lists check runs for a check suite using its id. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to get check runs. OAuth Apps and authenticated users must have the repo scope to get check runs in a private repository.

octokit.rest.checks.listForSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_suite_idyes

The unique identifier of the check suite.

check_nameno

Returns check runs with the specified name.

statusno

Returns check runs with the specified status.

filterno

Filters check runs by their completed_at timestamp. latest returns the most recent check runs.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List check suites for a Git reference

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

Lists check suites for a commit ref. The ref can be a SHA, branch name, or a tag name. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to list check suites. OAuth Apps and authenticated users must have the repo scope to get check suites in a private repository.

octokit.rest.checks.listSuitesForRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

app_idno

Filters check suites by GitHub App id.

check_nameno

Returns check runs with the specified name.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Rerequest a check run

Triggers GitHub to rerequest an existing check run, without pushing new code to a repository. This endpoint will trigger the check_run webhook event with the action rerequested. When a check run is rerequested, its status is reset to queued and the conclusion is cleared.

To rerequest a check run, your GitHub App must have the checks:read permission on a private repository or pull access to a public repository.

octokit.rest.checks.rerequestRun({
  owner,
  repo,
  check_run_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_run_idyes

The unique identifier of the check run.

See also: GitHub Developer Guide documentation.

Rerequest a check suite

Triggers GitHub to rerequest an existing check suite, without pushing new code to a repository. This endpoint will trigger the check_suite webhook event with the action rerequested. When a check suite is rerequested, its status is reset to queued and the conclusion is cleared.

To rerequest a check suite, your GitHub App must have the checks:read permission on a private repository or pull access to a public repository.

octokit.rest.checks.rerequestSuite({
  owner,
  repo,
  check_suite_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_suite_idyes

The unique identifier of the check suite.

See also: GitHub Developer Guide documentation.

Update repository preferences for check suites

Changes the default automatic flow when creating check suites. By default, a check suite is automatically created each time code is pushed to a repository. When you disable the automatic creation of check suites, you can manually Create a check suite. You must have admin permissions in the repository to set preferences for check suites.

octokit.rest.checks.setSuitesPreferences({
        owner,
repo,
auto_trigger_checks[].app_id,
auto_trigger_checks[].setting
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

auto_trigger_checksno

Enables or disables automatic creation of CheckSuite events upon pushes to the repository. Enabled by default. See the auto_trigger_checks object description for details.

auto_trigger_checks[].app_idyes

The id of the GitHub App.

auto_trigger_checks[].settingyes

Set to true to enable automatic creation of CheckSuite events upon pushes to the repository, or false to disable them.

See also: GitHub Developer Guide documentation.

Update a check run

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array.

Updates a check run for a specific commit in a repository. Your GitHub App must have the checks:write permission to edit check runs.

octokit.rest.checks.update({
        owner,
repo,
check_run_id,
output.summary,
output.annotations[].path,
output.annotations[].start_line,
output.annotations[].end_line,
output.annotations[].annotation_level,
output.annotations[].message,
output.images[].alt,
output.images[].image_url,
actions[].label,
actions[].description,
actions[].identifier
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

check_run_idyes

The unique identifier of the check run.

nameno

The name of the check. For example, "code-coverage".

details_urlno

The URL of the integrator's site that has the full details of the check.

external_idno

A reference for the run on the integrator's system.

started_atno

This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

statusno

The current status.

conclusionno

Required if you provide completed_at or a status of completed. The final conclusion of the check. Note: Providing conclusion will automatically set the status parameter to completed. You cannot change a check run conclusion to stale, only GitHub can set this.

completed_atno

The time the check completed. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

outputno

Check runs can accept a variety of data in the output object, including a title and summary and can optionally provide descriptive details about the run. See the output object description.

output.titleno

Required.

output.summaryyes

Can contain Markdown.

output.textno

Can contain Markdown.

output.annotationsno

Adds information from your analysis to specific lines of code. Annotations are visible in GitHub's pull request UI. Annotations are visible in GitHub's pull request UI. The Checks API limits the number of annotations to a maximum of 50 per API request. To create more than 50 annotations, you have to make multiple requests to the Update a check run endpoint. Each time you update the check run, annotations are appended to the list of annotations that already exist for the check run. For details about annotations in the UI, see "About status checks". See the annotations object description for details.

output.annotations[].pathyes

The path of the file to add an annotation to. For example, assets/css/main.css.

output.annotations[].start_lineyes

The start line of the annotation.

output.annotations[].end_lineyes

The end line of the annotation.

output.annotations[].start_columnno

The start column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values.

output.annotations[].end_columnno

The end column of the annotation. Annotations only support start_column and end_column on the same line. Omit this parameter if start_line and end_line have different values.

output.annotations[].annotation_levelyes

The level of the annotation.

output.annotations[].messageyes

A short description of the feedback for these lines of code. The maximum size is 64 KB.

output.annotations[].titleno

The title that represents the annotation. The maximum size is 255 characters.

output.annotations[].raw_detailsno

Details about this annotation. The maximum size is 64 KB.

output.imagesno

Adds images to the output displayed in the GitHub pull request UI. See the images object description for details.

output.images[].altyes

The alternative text for the image.

output.images[].image_urlyes

The full URL of the image.

output.images[].captionno

A short image description.

actionsno

Possible further actions the integrator can perform, which a user may trigger. Each action includes a label, identifier and description. A maximum of three actions are accepted. See the actions object description. To learn more about check runs and requested actions, see "Check runs and requested actions."

actions[].labelyes

The text to be displayed on a button in the web UI. The maximum size is 20 characters.

actions[].descriptionyes

A short explanation of what this action would do. The maximum size is 40 characters.

actions[].identifieryes

A reference for the action on the integrator's system. The maximum size is 20 characters.

See also: GitHub Developer Guide documentation.

Code-Scanning

Delete a code scanning analysis from a repository

Deletes a specified code scanning analysis from a repository. For private repositories, you must use an access token with the repo scope. For public repositories, you must use an access token with public_repo scope. GitHub Apps must have the security_events write permission to use this endpoint.

You can delete one analysis at a time. To delete a series of analyses, start with the most recent analysis and work backwards. Conceptually, the process is similar to the undo function in a text editor.

When you list the analyses for a repository, one or more will be identified as deletable in the response:

"deletable": true

An analysis is deletable when it's the most recent in a set of analyses. Typically, a repository will have multiple sets of analyses for each enabled code scanning tool, where a set is determined by a unique combination of analysis values:

  • ref
  • tool
  • analysis_key
  • environment

If you attempt to delete an analysis that is not the most recent in a set, you'll get a 400 response with the message:

Analysis specified is not deletable.

The response from a successful DELETE operation provides you with two alternative URLs for deleting the next analysis in the set: next_analysis_url and confirm_delete_url. Use the next_analysis_url URL if you want to avoid accidentally deleting the final analysis in a set. This is a useful option if you want to preserve at least one analysis for the specified tool in your repository. Use the confirm_delete_url URL if you are content to remove all analyses for a tool. When you delete the last analysis in a set, the value of next_analysis_url and confirm_delete_url in the 200 response is null.

As an example of the deletion process, let's imagine that you added a workflow that configured a particular code scanning tool to analyze the code in a repository. This tool has added 15 analyses: 10 on the default branch, and another 5 on a topic branch. You therefore have two separate sets of analyses for this tool. You've now decided that you want to remove all of the analyses for the tool. To do this you must make 15 separate deletion requests. To start, you must find an analysis that's identified as deletable. Each set of analyses always has one that's identified as deletable. Having found the deletable analysis for one of the two sets, delete this analysis and then continue deleting the next analysis in the set until they're all deleted. Then repeat the process for the second set. The procedure therefore consists of a nested loop:

Outer loop:

  • List the analyses for the repository, filtered by tool.

  • Parse this list to find a deletable analysis. If found:

    Inner loop:

    • Delete the identified analysis.
    • Parse the response for the value of confirm_delete_url and, if found, use this in the next iteration.

The above process assumes that you want to remove all trace of the tool's analyses from the GitHub user interface, for the specified repository, and it therefore uses the confirm_delete_url value. Alternatively, you could use the next_analysis_url value, which would leave the last analysis in each set undeleted to avoid removing a tool's analysis entirely.

octokit.rest.codeScanning.deleteAnalysis({
  owner,
  repo,
  analysis_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

analysis_idyes

The ID of the analysis, as returned from the GET /repos/{owner}/{repo}/code-scanning/analyses operation.

confirm_deleteno

Allow deletion if the specified analysis is the last in a set. If you attempt to delete the final analysis in a set without setting this parameter to true, you'll get a 400 response with the message: Analysis is last of its type and deletion may result in the loss of historical alert data. Please specify confirm_delete.

See also: GitHub Developer Guide documentation.

Get a code scanning alert

Gets a single code scanning alert. You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

Deprecation notice: The instances field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The same information can now be retrieved via a GET request to the URL specified by instances_url.

octokit.rest.codeScanning.getAlert({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

alert_idno

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

See also: GitHub Developer Guide documentation.

Get a code scanning analysis for a repository

Gets a specified code scanning analysis for a repository. You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

The default JSON response contains fields that describe the analysis. This includes the Git reference and commit SHA to which the analysis relates, the datetime of the analysis, the name of the code scanning tool, and the number of alerts.

The rules_count field in the default response give the number of rules that were run in the analysis. For very old analyses this data is not available, and 0 is returned in this field.

If you use the Accept header application/sarif+json, the response contains the analysis data that was uploaded. This is formatted as SARIF version 2.1.0.

octokit.rest.codeScanning.getAnalysis({
  owner,
  repo,
  analysis_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

analysis_idyes

The ID of the analysis, as returned from the GET /repos/{owner}/{repo}/code-scanning/analyses operation.

See also: GitHub Developer Guide documentation.

Get information about a SARIF upload

Gets information about a SARIF upload, including the status and the URL of the analysis that was uploaded so that you can retrieve details of the analysis. For more information, see "Get a code scanning analysis for a repository." You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

octokit.rest.codeScanning.getSarif({
  owner,
  repo,
  sarif_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sarif_idyes

The SARIF ID obtained after uploading.

See also: GitHub Developer Guide documentation.

List instances of a code scanning alert

Lists all instances of the specified code scanning alert. You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

octokit.rest.codeScanning.listAlertInstances({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

List code scanning alerts for an organization

Lists all code scanning alerts for the default branch (usually main or master) for all eligible repositories in an organization. To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the security_events read permission to use this endpoint.

octokit.rest.codeScanning.listAlertsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

tool_nameno

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guidno

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

beforeno

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor.

afterno

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

directionno

The direction to sort the results by.

stateno

Set to open, closed, fixed, or dismissed to list code scanning alerts in a specific state.

sortno

The property by which to sort the results.

See also: GitHub Developer Guide documentation.

List code scanning alerts for a repository

Lists all open code scanning alerts for the default branch (usually main or master). You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

The response includes a most_recent_instance object. This provides details of the most recent instance of this alert for the default branch or for the specified Git reference (if you used ref in the request).

octokit.rest.codeScanning.listAlertsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tool_nameno

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guidno

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

directionno

The direction to sort the results by.

sortno

The property by which to sort the results. number is deprecated - we recommend that you use created instead.

stateno

Set to open, closed, fixed, or dismissed` to list code scanning alerts in a specific state.

See also: GitHub Developer Guide documentation.

List instances of a code scanning alert

Deprecated: This method has been renamed to codeScanning.listAlertInstances

Lists all instances of the specified code scanning alert. You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

octokit.rest.codeScanning.listAlertsInstances({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refno

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

See also: GitHub Developer Guide documentation.

List code scanning analyses for a repository

Lists the details of all code scanning analyses for a repository, starting with the most recent. The response is paginated and you can use the page and per_page parameters to list the analyses you're interested in. By default 30 analyses are listed per page.

The rules_count field in the response give the number of rules that were run in the analysis. For very old analyses this data is not available, and 0 is returned in this field.

You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

Deprecation notice: The tool_name field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the tool field.

octokit.rest.codeScanning.listRecentAnalyses({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tool_nameno

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guidno

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refno

The Git reference for the analyses you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

sarif_idno

Filter analyses belonging to the same SARIF upload.

See also: GitHub Developer Guide documentation.

Update a code scanning alert

Updates the status of a single code scanning alert. You must use an access token with the security_events scope to use this endpoint with private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have the security_events write permission to use this endpoint.

octokit.rest.codeScanning.updateAlert({
  owner,
  repo,
  alert_number,
  state,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

stateyes

Sets the state of the code scanning alert. You must provide dismissed_reason when you set the state to dismissed.

dismissed_reasonno

Required when the state is dismissed. The reason for dismissing or closing the alert.

dismissed_commentno

The dismissal comment associated with the dismissal of the alert.

See also: GitHub Developer Guide documentation.

Upload an analysis as SARIF data

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint for private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have the security_events write permission to use this endpoint.

There are two places where you can upload code scanning results.

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

gzip -c analysis-data.sarif | base64 -w0

SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

The 202 Accepted, response includes an id value. You can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint. For more information, see "Get information about a SARIF upload."

octokit.rest.codeScanning.uploadSarif({
  owner,
  repo,
  commit_sha,
  ref,
  sarif,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit to which the analysis you are uploading relates.

refyes

The full Git reference, formatted as refs/heads/<branch name>, refs/pull/<number>/merge, or refs/pull/<number>/head.

sarifyes

A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using gzip and then translate the contents of the file into a Base64 encoding string. For more information, see "SARIF support for code scanning."

checkout_urino

The base directory used in the analysis, as it appears in the SARIF file. This property is used to convert file paths from absolute to relative, so that alerts can be mapped to their correct location in the repository.

started_atno

The time that the analysis run began. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

tool_nameno

The name of the tool used to generate the code scanning analysis. If this parameter is not used, the tool name defaults to "API". If the uploaded SARIF contains a tool GUID, this will be available for filtering using the tool_guid parameter of operations such as GET /repos/{owner}/{repo}/code-scanning/alerts.

See also: GitHub Developer Guide documentation.

Codes-of-Conduct

Get all codes of conduct

octokit.rest.codesOfConduct.getAllCodesOfConduct();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a code of conduct

octokit.rest.codesOfConduct.getConductCode({
  key,
});

Parameters

namerequireddescription
keyyes

See also: GitHub Developer Guide documentation.

Codespaces

Add a selected repository to a user secret

Adds a repository to the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on the referenced repository to use this endpoint.

octokit.rest.codespaces.addRepositoryForSecretForAuthenticatedUser({
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

List machine types for a codespace

List the machine types a codespace can transition to use.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces_metadata repository permission to use this endpoint.

octokit.rest.codespaces.codespaceMachinesForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Create a codespace for the authenticated user

Creates a new codespace, owned by the authenticated user.

This endpoint requires either a repository_id OR a pull_request but not both.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.createForAuthenticatedUser({
        repository_id,
pull_request,
pull_request.pull_request_number,
pull_request.repository_id
      })

Parameters

namerequireddescription
repository_idyes

Repository id for this codespace

refno

Git ref (typically a branch name) for this codespace

locationno

Location for this codespace. Assigned by IP if not provided

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

pull_requestyes

Pull request number for this codespace

pull_request.pull_request_numberyes

Pull request number

pull_request.repository_idyes

Repository id for this codespace

See also: GitHub Developer Guide documentation.

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the codespaces_secrets repository permission to use this endpoint.

Example of encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example of encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example of encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example of encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.codespaces.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Create or update a secret for the authenticated user

Creates or updates a secret for a user's codespace with an encrypted value. Encrypt your secret using LibSodium.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must also have Codespaces access to use this endpoint.

GitHub Apps must have read access to the codespaces_user_secrets user permission and codespaces_secrets repository permission on all referenced repositories to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.codespaces.createOrUpdateSecretForAuthenticatedUser({
  secret_name,
  key_id,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get the public key for the authenticated user endpoint.

key_idyes

ID of the key you used to encrypt the secret.

selected_repository_idsno

An array of repository ids that can access the user secret. You can manage the list of selected repositories using the List selected repositories for a user secret, Set selected repositories for a user secret, and Remove a selected repository from a user secret endpoints.

See also: GitHub Developer Guide documentation.

Create a codespace from a pull request

Creates a codespace owned by the authenticated user for the specified pull request.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.createWithPrForAuthenticatedUser({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

locationno

Location for this codespace. Assigned by IP if not provided

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

See also: GitHub Developer Guide documentation.

Create a codespace in a repository

Creates a codespace owned by the authenticated user in the specified repository.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.createWithRepoForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refno

Git ref (typically a branch name) for this codespace

locationno

Location for this codespace. Assigned by IP if not provided

client_ipno

IP for location auto-detection when proxying a request

machineno

Machine type to use for this codespace

devcontainer_pathno

Path to devcontainer.json config to use for this codespace

multi_repo_permissions_opt_outno

Whether to authorize requested permissions from devcontainer.json

working_directoryno

Working directory for this codespace

idle_timeout_minutesno

Time in minutes before codespace stops from inactivity

display_nameno

Display name for this codespace

retention_period_minutesno

Duration in minutes after codespace has gone idle in which it will be deleted. Must be integer minutes between 0 and 43200 (30 days).

See also: GitHub Developer Guide documentation.

Delete a codespace for the authenticated user

Deletes a user's codespace.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.deleteForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Delete a codespace from the organization

Deletes a user's codespace.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.codespaces.deleteFromOrganization({
  org,
  username,
  codespace_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the codespaces_secrets repository permission to use this endpoint.

octokit.rest.codespaces.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a secret for the authenticated user

Deletes a secret from a user's codespaces using the secret name. Deleting the secret will remove access from all codespaces that were allowed to access the secret.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint.

octokit.rest.codespaces.deleteSecretForAuthenticatedUser({
  secret_name,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Export a codespace for the authenticated user

Triggers an export of the specified codespace and returns a URL and ID where the status of the export can be monitored.

You must authenticate using a personal access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces_lifecycle_admin repository permission to use this endpoint.

octokit.rest.codespaces.exportForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Get details about a codespace export

Gets information about an export of a codespace.

You must authenticate using a personal access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces_lifecycle_admin repository permission to use this endpoint.

octokit.rest.codespaces.getExportDetailsForAuthenticatedUser({
  codespace_name,
  export_id,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

export_idyes

The ID of the export operation, or latest. Currently only latest is currently supported.

See also: GitHub Developer Guide documentation.

Get a codespace for the authenticated user

Gets information about a user's codespace.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.getForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Get public key for the authenticated user

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.

octokit.rest.codespaces.getPublicKeyForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the codespaces_secrets repository permission to use this endpoint.

octokit.rest.codespaces.getRepoPublicKey({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the codespaces_secrets repository permission to use this endpoint.

octokit.rest.codespaces.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get a secret for the authenticated user

Gets a secret available to a user's codespaces without revealing its encrypted value.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.

octokit.rest.codespaces.getSecretForAuthenticatedUser({
  secret_name,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

List devcontainer configurations in a repository for the authenticated user

Lists the devcontainer.json files associated with a specified repository and the authenticated user. These files specify launchpoint configurations for codespaces created within the repository.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces_metadata repository permission to use this endpoint.

octokit.rest.codespaces.listDevcontainersInRepositoryForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List codespaces for the authenticated user

Lists the authenticated user's codespaces.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.listForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

repository_idno

ID of the Repository to filter on

See also: GitHub Developer Guide documentation.

List codespaces for the organization

Lists the codespaces associated to a specified organization.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.codespaces.listInOrganization({
  org,
});

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

orgyes

The organization name. The name is not case sensitive.

org_idno

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List codespaces in a repository for the authenticated user

Lists the codespaces associated to a specified repository and the authenticated user.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have read access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.listInRepositoryForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the codespaces_secrets repository permission to use this endpoint.

octokit.rest.codespaces.listRepoSecrets({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List selected repositories for a user secret

List the repositories that have been granted the ability to use a user's codespace secret.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have read access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint.

octokit.rest.codespaces.listRepositoriesForSecretForAuthenticatedUser({
  secret_name,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

List secrets for the authenticated user

Lists all secrets available for a user's Codespaces without revealing their encrypted values.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.

octokit.rest.codespaces.listSecretsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Remove a selected repository from a user secret

Removes a repository from the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint.

octokit.rest.codespaces.removeRepositoryForSecretForAuthenticatedUser({
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

List available machine types for a repository

List the machine types available for a given repository based on its configuration.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces_metadata repository permission to use this endpoint.

octokit.rest.codespaces.repoMachinesForAuthenticatedUser({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

locationno

The location to check for available machines. Assigned by IP if not provided.

client_ipno

IP for location auto-detection when proxying a request

See also: GitHub Developer Guide documentation.

Set selected repositories for a user secret

Select the repositories that will use a user's codespace secret.

You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.

GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint.

octokit.rest.codespaces.setRepositoriesForSecretForAuthenticatedUser({
  secret_name,
  selected_repository_ids,
});

Parameters

namerequireddescription
secret_nameyes

The name of the secret.

selected_repository_idsyes

An array of repository ids for which a codespace can access the secret. You can manage the list of selected repositories using the List selected repositories for a user secret, Add a selected repository to a user secret, and Remove a selected repository from a user secret endpoints.

See also: GitHub Developer Guide documentation.

Start a codespace for the authenticated user

Starts a user's codespace.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces_lifecycle_admin repository permission to use this endpoint.

octokit.rest.codespaces.startForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Stop a codespace for the authenticated user

Stops a user's codespace.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces_lifecycle_admin repository permission to use this endpoint.

octokit.rest.codespaces.stopForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Stop a codespace for an organization user

Stops a user's codespace.

You must authenticate using an access token with the admin:org scope to use this endpoint.

octokit.rest.codespaces.stopInOrganization({
  org,
  username,
  codespace_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

codespace_nameyes

The name of the codespace.

See also: GitHub Developer Guide documentation.

Update a codespace for the authenticated user

Updates a codespace owned by the authenticated user. Currently only the codespace's machine type and recent folders can be modified using this endpoint.

If you specify a new machine type it will be applied the next time your codespace is started.

You must authenticate using an access token with the codespace scope to use this endpoint.

GitHub Apps must have write access to the codespaces repository permission to use this endpoint.

octokit.rest.codespaces.updateForAuthenticatedUser({
  codespace_name,
});

Parameters

namerequireddescription
codespace_nameyes

The name of the codespace.

machineno

A valid machine to transition this codespace to.

display_nameno

Display name for this codespace

recent_foldersno

Recently opened folders inside the codespace. It is currently used by the clients to determine the folder path to load the codespace in.

See also: GitHub Developer Guide documentation.

Dependabot

Add selected repository to an organization secret

Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.addSelectedRepoToOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Create or update an organization secret

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.dependabot.createOrUpdateOrgSecret({
  org,
  secret_name,
  visibility,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

visibilityyes

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

selected_repository_idsno

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

Example encrypting a secret using Node.js

Encrypt your secret using the tweetsodium library.

const sodium = require('tweetsodium');

const key = "base64-encoded-public-key";
const value = "plain-text-secret";

// Convert the message and key to Uint8Array's (Buffer implements that interface)
const messageBytes = Buffer.from(value);
const keyBytes = Buffer.from(key, 'base64');

// Encrypt using LibSodium.
const encryptedBytes = sodium.seal(messageBytes, keyBytes);

// Base64 the encrypted secret
const encrypted = Buffer.from(encryptedBytes).toString('base64');

console.log(encrypted);

Example encrypting a secret using Python

Encrypt your secret using pynacl with Python 3.

from base64 import b64encode
from nacl import encoding, public

def encrypt(public_key: str, secret_value: str) -> str:
  """Encrypt a Unicode string using the public key."""
  public_key = public.PublicKey(public_key.encode("utf-8"), encoding.Base64Encoder())
  sealed_box = public.SealedBox(public_key)
  encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
  return b64encode(encrypted).decode("utf-8")

Example encrypting a secret using C#

Encrypt your secret using the Sodium.Core package.

var secretValue = System.Text.Encoding.UTF8.GetBytes("mySecret");
var publicKey = Convert.FromBase64String("2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvvcCU=");

var sealedPublicKeyBox = Sodium.SealedPublicKeyBox.Create(secretValue, publicKey);

Console.WriteLine(Convert.ToBase64String(sealedPublicKeyBox));

Example encrypting a secret using Ruby

Encrypt your secret using the rbnacl gem.

require "rbnacl"
require "base64"

key = Base64.decode64("+ZYvJDZMHUfBkJdyq5Zm9SKqeuBQ4sj+6sfjlH4CgG0=")
public_key = RbNaCl::PublicKey.new(key)

box = RbNaCl::Boxes::Sealed.from_public_key(public_key)
encrypted_secret = box.encrypt("my_secret")

# Print the base64 encoded secret
puts Base64.strict_encode64(encrypted_secret)
octokit.rest.dependabot.createOrUpdateRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

encrypted_valueno

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

key_idno

ID of the key you used to encrypt the secret.

See also: GitHub Developer Guide documentation.

Delete an organization secret

Deletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.deleteOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Delete a repository secret

Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

octokit.rest.dependabot.deleteRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get an organization public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.getOrgPublicKey({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization secret

Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.getOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

octokit.rest.dependabot.getRepoPublicKey({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository secret

Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

octokit.rest.dependabot.getRepoSecret({
  owner,
  repo,
  secret_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

secret_nameyes

The name of the secret.

See also: GitHub Developer Guide documentation.

List organization secrets

Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.listOrgSecrets({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

octokit.rest.dependabot.listRepoSecrets({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.listSelectedReposForOrgSecret({
  org,
  secret_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

Remove selected repository from an organization secret

Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.removeSelectedRepoFromOrgSecret({
  org,
  secret_name,
  repository_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

repository_idyes

See also: GitHub Developer Guide documentation.

Set selected repositories for an organization secret

Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

octokit.rest.dependabot.setSelectedReposForOrgSecret({
  org,
  secret_name,
  selected_repository_ids,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

secret_nameyes

The name of the secret.

selected_repository_idsyes

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Set selected repositories for an organization secret and Remove selected repository from an organization secret endpoints.

See also: GitHub Developer Guide documentation.

Dependency-Graph

Create a snapshot of dependencies for a repository

Create a new snapshot of a repository's dependencies. You must authenticate using an access token with the repo scope to use this endpoint for a repository that the requesting user has access to.

octokit.rest.dependencyGraph.createRepositorySnapshot({
        owner,
repo,
version,
job,
job.id,
job.correlator,
sha,
ref,
detector,
detector.name,
detector.version,
detector.url,
manifests.*.name,
scanned
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

versionyes

The version of the repository snapshot submission.

jobyes
job.idyes

The external ID of the job.

job.correlatoryes

Correlator provides a key that is used to group snapshots submitted over time. Only the "latest" submitted snapshot for a given combination of job.correlator and detector.name will be considered when calculating a repository's current dependencies. Correlator should be as unique as it takes to distinguish all detection runs for a given "wave" of CI workflow you run. If you're using GitHub Actions, a good default value for this could be the environment variables GITHUB_WORKFLOW and GITHUB_JOB concatenated together. If you're using a build matrix, then you'll also need to add additional key(s) to distinguish between each submission inside a matrix variation.

job.html_urlno

The url for the job.

shayes

The commit SHA associated with this dependency snapshot.

refyes

The repository branch that triggered this snapshot.

detectoryes

A description of the detector used.

detector.nameyes

The name of the detector used.

detector.versionyes

The version of the detector used.

detector.urlyes

The url of the detector used.

metadatano

User-defined metadata to store domain-specific information limited to 8 keys with scalar values.

metadata.*no
manifestsno

A collection of package manifests

manifests.*no

A collection of related dependencies declared in a file or representing a logical group of dependencies.

manifests.*.nameyes

The name of the manifest.

manifests.*.fileno
manifests.*.file.source_locationno

The path of the manifest file relative to the root of the Git repository.

manifests.*.metadatano

User-defined metadata to store domain-specific information limited to 8 keys with scalar values.

manifests.*.metadata.*no
manifests.*.resolvedno
scannedyes

The time at which the snapshot was scanned.

See also: GitHub Developer Guide documentation.

Get a diff of the dependencies between commits

Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.

octokit.rest.dependencyGraph.diffRange({
  owner,
  repo,
  basehead,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

baseheadyes

The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format {base}...{head}.

nameno

The full path, relative to the repository root, of the dependency manifest file.

See also: GitHub Developer Guide documentation.

Emojis

Get emojis

Lists all the emojis available to use on GitHub.

octokit.rest.emojis.get();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Enterprise-Admin

Add custom labels to a self-hosted runner for an enterprise

Add custom labels to a self-hosted runner configured in an enterprise.

You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.addCustomLabelsToSelfHostedRunnerForEnterprise({
  enterprise,
  runner_id,
  labels,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to add to the runner.

See also: GitHub Developer Guide documentation.

Disable a selected organization for GitHub Actions in an enterprise

Removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.disableSelectedOrganizationGithubActionsEnterprise(
  {
    enterprise,
    org_id,
  }
);

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

org_idyes

The unique identifier of the organization.

See also: GitHub Developer Guide documentation.

Enable a selected organization for GitHub Actions in an enterprise

Adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.enableSelectedOrganizationGithubActionsEnterprise({
  enterprise,
  org_id,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

org_idyes

The unique identifier of the organization.

See also: GitHub Developer Guide documentation.

Get allowed actions and reusable workflows for an enterprise

Gets the selected actions and reusable workflows that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.getAllowedActionsEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

See also: GitHub Developer Guide documentation.

Get GitHub Actions permissions for an enterprise

Gets the GitHub Actions permissions policy for organizations and allowed actions and reusable workflows in an enterprise.

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.getGithubActionsPermissionsEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

See also: GitHub Developer Guide documentation.

Get GitHub Enterprise Server statistics

Returns aggregate usage metrics for your GitHub Enterprise Server 3.5+ instance for a specified time period up to 365 days.

To use this endpoint, your GitHub Enterprise Server instance must be connected to GitHub Enterprise Cloud using GitHub Connect. You must enable Server Statistics, and for the API request provide your enterprise account name or organization name connected to the GitHub Enterprise Server. For more information, see "Enabling Server Statistics for your enterprise" in the GitHub Enterprise Server documentation.

You'll need to use a personal access token:

  • If you connected your GitHub Enterprise Server to an enterprise account and enabled Server Statistics, you'll need a personal access token with the read:enterprise permission.
  • If you connected your GitHub Enterprise Server to an organization account and enabled Server Statistics, you'll need a personal access token with the read:org permission.

For more information on creating a personal access token, see "Creating a personal access token."

octokit.rest.enterpriseAdmin.getServerStatistics({
  enterprise_or_org,
});

Parameters

namerequireddescription
enterprise_or_orgyes

The slug version of the enterprise name or the login of an organization.

date_startno

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor.

date_endno

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor.

See also: GitHub Developer Guide documentation.

List labels for a self-hosted runner for an enterprise

Lists all labels for a self-hosted runner configured in an enterprise.

You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.listLabelsForSelfHostedRunnerForEnterprise({
  enterprise,
  runner_id,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

List selected organizations enabled for GitHub Actions in an enterprise

Lists the organizations that are selected to have GitHub Actions enabled in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.listSelectedOrganizationsEnabledGithubActionsEnterprise(
  {
    enterprise,
  }
);

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Remove all custom labels from a self-hosted runner for an enterprise

Remove all custom labels from a self-hosted runner configured in an enterprise. Returns the remaining read-only labels from the runner.

You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.removeAllCustomLabelsFromSelfHostedRunnerForEnterprise(
  {
    enterprise,
    runner_id,
  }
);

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

runner_idyes

Unique identifier of the self-hosted runner.

See also: GitHub Developer Guide documentation.

Remove a custom label from a self-hosted runner for an enterprise

Remove a custom label from a self-hosted runner configured in an enterprise. Returns the remaining labels from the runner.

This endpoint returns a 404 Not Found status if the custom label is not present on the runner.

You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.removeCustomLabelFromSelfHostedRunnerForEnterprise(
  {
    enterprise,
    runner_id,
    name,
  }
);

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

runner_idyes

Unique identifier of the self-hosted runner.

nameyes

The name of a self-hosted runner's custom label.

See also: GitHub Developer Guide documentation.

Set allowed actions and reusable workflows for an enterprise

Sets the actions and reusable workflows that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.setAllowedActionsEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

github_owned_allowedno

Whether GitHub-owned actions are allowed. For example, this includes the actions in the actions organization.

verified_allowedno

Whether actions from GitHub Marketplace verified creators are allowed. Set to true to allow all actions by GitHub Marketplace verified creators.

patterns_allowedno

Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, monalisa/octocat@*, monalisa/octocat@v2, monalisa/*."

See also: GitHub Developer Guide documentation.

Set custom labels for a self-hosted runner for an enterprise

Remove all previous custom labels and set the new custom labels for a specific self-hosted runner configured in an enterprise.

You must authenticate using an access token with the manage_runners:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.setCustomLabelsForSelfHostedRunnerForEnterprise({
  enterprise,
  runner_id,
  labels,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

runner_idyes

Unique identifier of the self-hosted runner.

labelsyes

The names of the custom labels to set for the runner. You can pass an empty array to remove all custom labels.

See also: GitHub Developer Guide documentation.

Set GitHub Actions permissions for an enterprise

Sets the GitHub Actions permissions policy for organizations and allowed actions and reusable workflows in an enterprise.

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.setGithubActionsPermissionsEnterprise({
  enterprise,
  enabled_organizations,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

enabled_organizationsyes

The policy that controls the organizations in the enterprise that are allowed to run GitHub Actions.

allowed_actionsno

The permissions policy that controls the actions and reusable workflows that are allowed to run.

See also: GitHub Developer Guide documentation.

Set selected organizations enabled for GitHub Actions in an enterprise

Replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see "Set GitHub Actions permissions for an enterprise."

You must authenticate using an access token with the admin:enterprise scope to use this endpoint.

octokit.rest.enterpriseAdmin.setSelectedOrganizationsEnabledGithubActionsEnterprise(
  {
    enterprise,
    selected_organization_ids,
  }
);

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

selected_organization_idsyes

List of organization IDs to enable for GitHub Actions.

See also: GitHub Developer Guide documentation.

Gists

Check if a gist is starred

octokit.rest.gists.checkIsStarred({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Create a gist

Allows you to add a new gist with one or more files.

Note: Don't name your files "gistfile" with a numerical suffix. This is the format of the automatic naming scheme that Gist uses internally.

octokit.rest.gists.create({
        files,
files.*.content
      })

Parameters

namerequireddescription
descriptionno

Description of the gist

filesyes

Names and content for the files that make up the gist

files.*no
files.*.contentyes

Content of the file

publicno

See also: GitHub Developer Guide documentation.

Create a gist comment

octokit.rest.gists.createComment({
  gist_id,
  body,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

bodyyes

The comment text.

See also: GitHub Developer Guide documentation.

Delete a gist

octokit.rest.gists.delete({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Delete a gist comment

octokit.rest.gists.deleteComment({
  gist_id,
  comment_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Fork a gist

Note: This was previously /gists/:gist_id/fork.

octokit.rest.gists.fork({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Get a gist

octokit.rest.gists.get({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Get a gist comment

octokit.rest.gists.getComment({
  gist_id,
  comment_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Get a gist revision

octokit.rest.gists.getRevision({
  gist_id,
  sha,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

shayes

See also: GitHub Developer Guide documentation.

List gists for the authenticated user

Lists the authenticated user's gists or if called anonymously, this endpoint returns all public gists:

octokit.rest.gists.list();

Parameters

namerequireddescription
sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List gist comments

octokit.rest.gists.listComments({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List gist commits

octokit.rest.gists.listCommits({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List gists for a user

Lists public gists for the specified user:

octokit.rest.gists.listForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List gist forks

octokit.rest.gists.listForks({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public gists

List public gists sorted by most recently updated to least recently updated.

Note: With pagination, you can fetch up to 3000 gists. For example, you can fetch 100 pages with 30 gists per page or 30 pages with 100 gists per page.

octokit.rest.gists.listPublic();

Parameters

namerequireddescription
sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List starred gists

List the authenticated user's starred gists:

octokit.rest.gists.listStarred();

Parameters

namerequireddescription
sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Star a gist

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

octokit.rest.gists.star({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Unstar a gist

octokit.rest.gists.unstar({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

See also: GitHub Developer Guide documentation.

Update a gist

Allows you to update or delete a gist file and rename gist files. Files from the previous version of the gist that aren't explicitly changed during an edit are unchanged.

octokit.rest.gists.update({
  gist_id,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

descriptionno

Description of the gist

filesno

Names of files to be updated

files.*no
files.*.contentno

The new content of the file

files.*.filenameno

The new filename for the file

See also: GitHub Developer Guide documentation.

Update a gist comment

octokit.rest.gists.updateComment({
  gist_id,
  comment_id,
  body,
});

Parameters

namerequireddescription
gist_idyes

The unique identifier of the gist.

comment_idyes

The unique identifier of the comment.

bodyyes

The comment text.

See also: GitHub Developer Guide documentation.

Git

Create a blob

octokit.rest.git.createBlob({
  owner,
  repo,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

contentyes

The new blob's content.

encodingno

The encoding used for content. Currently, "utf-8" and "base64" are supported.

See also: GitHub Developer Guide documentation.

Create a commit

Creates a new Git commit object.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in the table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.git.createCommit({
        owner,
repo,
message,
tree,
author.name,
author.email
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

messageyes

The commit message

treeyes

The SHA of the tree object this commit points to

parentsno

The SHAs of the commits that were the parents of this commit. If omitted or empty, the commit will be written as a root commit. For a single parent, an array of one SHA should be provided; for a merge commit, an array of more than one should be provided.

authorno

Information about the author of the commit. By default, the author will be the authenticated user and the current date. See the author and committer object below for details.

author.nameyes

The name of the author (or committer) of the commit

author.emailyes

The email of the author (or committer) of the commit

author.dateno

Indicates when this commit was authored (or committed). This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

committerno

Information about the person who is making the commit. By default, committer will use the information set in author. See the author and committer object below for details.

committer.nameno

The name of the author (or committer) of the commit

committer.emailno

The email of the author (or committer) of the commit

committer.dateno

Indicates when this commit was authored (or committed). This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

signatureno

The PGP signature of the commit. GitHub adds the signature to the gpgsig header of the created commit. For a commit signature to be verifiable by Git or GitHub, it must be an ASCII-armored detached PGP signature over the string commit as it would be written to the object database. To pass a signature parameter, you need to first manually create a valid PGP signature, which can be complicated. You may find it easier to use the command line to create signed commits.

See also: GitHub Developer Guide documentation.

Create a reference

Creates a reference for your repository. You are unable to create new references for empty repositories, even if the commit SHA-1 hash used exists. Empty repositories are repositories without branches.

octokit.rest.git.createRef({
  owner,
  repo,
  ref,
  sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

The name of the fully qualified reference (ie: refs/heads/master). If it doesn't start with 'refs' and have at least two slashes, it will be rejected.

shayes

The SHA1 value for this reference.

keyno

See also: GitHub Developer Guide documentation.

Create a tag object

Note that creating a tag object does not create the reference that makes a tag in Git. If you want to create an annotated tag in Git, you have to do this call to create the tag object, and then create the refs/tags/[tag] reference. If you want to create a lightweight tag, you only have to create the tag reference - this call would be unnecessary.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.git.createTag({
        owner,
repo,
tag,
message,
object,
type,
tagger.name,
tagger.email
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tagyes

The tag's name. This is typically a version (e.g., "v0.0.1").

messageyes

The tag message.

objectyes

The SHA of the git object this is tagging.

typeyes

The type of the object we're tagging. Normally this is a commit but it can also be a tree or a blob.

taggerno

An object with information about the individual creating the tag.

tagger.nameyes

The name of the author of the tag

tagger.emailyes

The email of the author of the tag

tagger.dateno

When this object was tagged. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

See also: GitHub Developer Guide documentation.

Create a tree

The tree creation API accepts nested entries. If you specify both a tree and a nested path modifying that tree, this endpoint will overwrite the contents of the tree with the new path contents, and create a new tree structure.

If you use this endpoint to add, delete, or modify the file contents in a tree, you will need to commit the tree and then update a branch to point to the commit. For more information see "Create a commit" and "Update a reference."

octokit.rest.git.createTree({
  owner,
  repo,
  tree,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

treeyes

Objects (of path, mode, type, and sha) specifying a tree structure.

tree[].pathno

The file referenced in the tree.

tree[].modeno

The file mode; one of 100644 for file (blob), 100755 for executable (blob), 040000 for subdirectory (tree), 160000 for submodule (commit), or 120000 for a blob that specifies the path of a symlink.

tree[].typeno

Either blob, tree, or commit.

tree[].shano

The SHA1 checksum ID of the object in the tree. Also called tree.sha. If the value is null then the file will be deleted.

Note: Use either tree.sha or content to specify the contents of the entry. Using both tree.sha and content will return an error.

tree[].contentno

The content you want this file to have. GitHub will write this blob out and use that SHA for this entry. Use either this, or tree.sha.

Note: Use either tree.sha or content to specify the contents of the entry. Using both tree.sha and content will return an error.

base_treeno

The SHA1 of an existing Git tree object which will be used as the base for the new tree. If provided, a new Git tree object will be created from entries in the Git tree object pointed to by base_tree and entries defined in the tree parameter. Entries defined in the tree parameter will overwrite items from base_tree with the same path. If you're creating new changes on a branch, then normally you'd set base_tree to the SHA1 of the Git tree object of the current latest commit on the branch you're working on. If not provided, GitHub will create a new Git tree object from only the entries defined in the tree parameter. If you create a new commit pointing to such a tree, then all files which were a part of the parent commit's tree and were not defined in the tree parameter will be listed as deleted by the new commit.

See also: GitHub Developer Guide documentation.

Delete a reference

octokit.rest.git.deleteRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

See also: GitHub Developer Guide documentation.

Get a blob

The content in the response will always be Base64 encoded.

Note: This API supports blobs up to 100 megabytes in size.

octokit.rest.git.getBlob({
  owner,
  repo,
  file_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

file_shayes

See also: GitHub Developer Guide documentation.

Get a commit

Gets a Git commit object.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in the table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.git.getCommit({
  owner,
  repo,
  commit_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit.

See also: GitHub Developer Guide documentation.

Get a reference

Returns a single reference from your Git database. The :ref in the URL must be formatted as heads/<branch name> for branches and tags/<tag name> for tags. If the :ref doesn't match an existing ref, a 404 is returned.

Note: You need to explicitly request a pull request to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "Checking mergeability of pull requests".

octokit.rest.git.getRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

See also: GitHub Developer Guide documentation.

Get a tag

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.git.getTag({
  owner,
  repo,
  tag_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tag_shayes

See also: GitHub Developer Guide documentation.

Get a tree

Returns a single tree using the SHA1 value for that tree.

If truncated is true in the response then the number of items in the tree array exceeded our maximum limit. If you need to fetch more items, use the non-recursive method of fetching trees, and fetch one sub-tree at a time.

octokit.rest.git.getTree({
  owner,
  repo,
  tree_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tree_shayes
recursiveno

Setting this parameter to any value returns the objects or subtrees referenced by the tree specified in :tree_sha. For example, setting recursive to any of the following will enable returning objects or subtrees: 0, 1, "true", and "false". Omit this parameter to prevent recursively returning objects or subtrees.

See also: GitHub Developer Guide documentation.

List matching references

Returns an array of references from your Git database that match the supplied name. The :ref in the URL must be formatted as heads/<branch name> for branches and tags/<tag name> for tags. If the :ref doesn't exist in the repository, but existing refs start with :ref, they will be returned as an array.

When you use this endpoint without providing a :ref, it will return an array of all the references from your Git database, including notes and stashes if they exist on the server. Anything in the namespace is returned, not just heads and tags.

Note: You need to explicitly request a pull request to trigger a test merge commit, which checks the mergeability of pull requests. For more information, see "Checking mergeability of pull requests".

If you request matching references for a branch named feature but the branch feature doesn't exist, the response can still include other matching head refs that start with the word feature, such as featureA and featureB.

octokit.rest.git.listMatchingRefs({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Update a reference

octokit.rest.git.updateRef({
  owner,
  repo,
  ref,
  sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

shayes

The SHA1 value to set this reference to

forceno

Indicates whether to force the update or to make sure the update is a fast-forward update. Leaving this out or setting it to false will make sure you're not overwriting work.

See also: GitHub Developer Guide documentation.

Gitignore

Get all gitignore templates

List all templates available to pass as an option when creating a repository.

octokit.rest.gitignore.getAllTemplates();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a gitignore template

The API also allows fetching the source of a single template. Use the raw media type to get the raw contents.

octokit.rest.gitignore.getTemplate({
  name,
});

Parameters

namerequireddescription
nameyes

See also: GitHub Developer Guide documentation.

Interactions

Get interaction restrictions for your public repositories

Shows which type of GitHub user can interact with your public repositories and when the restriction expires.

octokit.rest.interactions.getRestrictionsForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get interaction restrictions for an organization

Shows which type of GitHub user can interact with this organization and when the restriction expires. If there is no restrictions, you will see an empty response.

octokit.rest.interactions.getRestrictionsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get interaction restrictions for a repository

Shows which type of GitHub user can interact with this repository and when the restriction expires. If there are no restrictions, you will see an empty response.

octokit.rest.interactions.getRestrictionsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get interaction restrictions for your public repositories

Deprecated: This method has been renamed to interactions.getRestrictionsForAuthenticatedUser

Shows which type of GitHub user can interact with your public repositories and when the restriction expires.

octokit.rest.interactions.getRestrictionsForYourPublicRepos();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Remove interaction restrictions from your public repositories

Removes any interaction restrictions from your public repositories.

octokit.rest.interactions.removeRestrictionsForAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Remove interaction restrictions for an organization

Removes all interaction restrictions from public repositories in the given organization. You must be an organization owner to remove restrictions.

octokit.rest.interactions.removeRestrictionsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Remove interaction restrictions for a repository

Removes all interaction restrictions from the given repository. You must have owner or admin access to remove restrictions. If the interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

octokit.rest.interactions.removeRestrictionsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Remove interaction restrictions from your public repositories

Deprecated: This method has been renamed to interactions.removeRestrictionsForAuthenticatedUser

Removes any interaction restrictions from your public repositories.

octokit.rest.interactions.removeRestrictionsForYourPublicRepos();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Set interaction restrictions for your public repositories

Temporarily restricts which type of GitHub user can interact with your public repositories. Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user.

octokit.rest.interactions.setRestrictionsForAuthenticatedUser({
  limit,
});

Parameters

namerequireddescription
limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for an organization

Temporarily restricts interactions to a certain type of GitHub user in any public repository in the given organization. You must be an organization owner to set these restrictions. Setting the interaction limit at the organization level will overwrite any interaction limits that are set for individual repositories owned by the organization.

octokit.rest.interactions.setRestrictionsForOrg({
  org,
  limit,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for a repository

Temporarily restricts interactions to a certain type of GitHub user within the given repository. You must have owner or admin access to set these restrictions. If an interaction limit is set for the user or organization that owns this repository, you will receive a 409 Conflict response and will not be able to use this endpoint to change the interaction limit for a single repository.

octokit.rest.interactions.setRestrictionsForRepo({
  owner,
  repo,
  limit,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Set interaction restrictions for your public repositories

Deprecated: This method has been renamed to interactions.setRestrictionsForAuthenticatedUser

Temporarily restricts which type of GitHub user can interact with your public repositories. Setting the interaction limit at the user level will overwrite any interaction limits that are set for individual repositories owned by the user.

octokit.rest.interactions.setRestrictionsForYourPublicRepos({
  limit,
});

Parameters

namerequireddescription
limityes

The type of GitHub user that can comment, open issues, or create pull requests while the interaction limit is in effect.

expiryno

The duration of the interaction restriction. Default: one_day.

See also: GitHub Developer Guide documentation.

Issues

Add assignees to an issue

Adds up to 10 assignees to an issue. Users already assigned to an issue are not replaced.

octokit.rest.issues.addAssignees({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

assigneesno

Usernames of people to assign this issue to. NOTE: Only users with push access can add assignees to an issue. Assignees are silently ignored otherwise.

See also: GitHub Developer Guide documentation.

Add labels to an issue

octokit.rest.issues.addLabels({
        owner,
repo,
issue_number,
labels[].name
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

labelsno
labels[].nameyes

See also: GitHub Developer Guide documentation.

Check if a user can be assigned

Checks if a user has permission to be assigned to an issue in this repository.

If the assignee can be assigned to issues in the repository, a 204 header with no content is returned.

Otherwise a 404 status code is returned.

octokit.rest.issues.checkUserCanBeAssigned({
  owner,
  repo,
  assignee,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

assigneeyes

See also: GitHub Developer Guide documentation.

Create an issue

Any user with pull access to a repository can create an issue. If issues are disabled in the repository, the API returns a 410 Gone status.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.issues.create({
  owner,
  repo,
  title,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

titleyes

The title of the issue.

bodyno

The contents of the issue.

assigneeno

Login for the user that this issue should be assigned to. NOTE: Only users with push access can set the assignee for new issues. The assignee is silently dropped otherwise. This field is deprecated.

milestoneno
labelsno

Labels to associate with this issue. NOTE: Only users with push access can set labels for new issues. Labels are silently dropped otherwise.

assigneesno

Logins for Users to assign to this issue. NOTE: Only users with push access can set assignees for new issues. Assignees are silently dropped otherwise.

See also: GitHub Developer Guide documentation.

Create an issue comment

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.issues.createComment({
  owner,
  repo,
  issue_number,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

bodyyes

The contents of the comment.

See also: GitHub Developer Guide documentation.

Create a label

octokit.rest.issues.createLabel({
  owner,
  repo,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameyes

The name of the label. Emoji can be added to label names, using either native emoji or colon-style markup. For example, typing :strawberry: will render the emoji :strawberry:. For a full list of available emoji and codes, see "Emoji cheat sheet."

colorno

The hexadecimal color code for the label, without the leading #.

descriptionno

A short description of the label. Must be 100 characters or fewer.

See also: GitHub Developer Guide documentation.

Create a milestone

octokit.rest.issues.createMilestone({
  owner,
  repo,
  title,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

titleyes

The title of the milestone.

stateno

The state of the milestone. Either open or closed.

descriptionno

A description of the milestone.

due_onno

The milestone due date. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

See also: GitHub Developer Guide documentation.

Delete an issue comment

octokit.rest.issues.deleteComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Delete a label

octokit.rest.issues.deleteLabel({
  owner,
  repo,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameyes

See also: GitHub Developer Guide documentation.

Delete a milestone

octokit.rest.issues.deleteMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

milestone_numberyes

The number that identifies the milestone.

See also: GitHub Developer Guide documentation.

Get an issue

The API returns a 301 Moved Permanently status if the issue was transferred to another repository. If the issue was transferred to or deleted from a repository where the authenticated user lacks read access, the API returns a 404 Not Found status. If the issue was deleted from a repository where the authenticated user has read access, the API returns a 410 Gone status. To receive webhook events for transferred and deleted issues, subscribe to the issues webhook.

Note: GitHub's REST API v3 considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

octokit.rest.issues.get({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

See also: GitHub Developer Guide documentation.

Get an issue comment

octokit.rest.issues.getComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Get an issue event

octokit.rest.issues.getEvent({
  owner,
  repo,
  event_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

event_idyes

See also: GitHub Developer Guide documentation.

Get a label

octokit.rest.issues.getLabel({
  owner,
  repo,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameyes

See also: GitHub Developer Guide documentation.

Get a milestone

octokit.rest.issues.getMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

milestone_numberyes

The number that identifies the milestone.

See also: GitHub Developer Guide documentation.

List issues assigned to the authenticated user

List issues assigned to the authenticated user across all visible repositories including owned repositories, member repositories, and organization repositories. You can use the filter query parameter to fetch issues that are not necessarily assigned to you.

Note: GitHub's REST API v3 considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

octokit.rest.issues.list();

Parameters

namerequireddescription
filterno

Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation.

stateno

Indicates the state of the issues to return. Can be either open, closed, or all.

labelsno

A list of comma separated label names. Example: bug,ui,@high

sortno

What to sort results by. Can be either created, updated, comments.

directionno

The direction to sort the results by.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

collabno
orgsno
ownedno
pullsno
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List assignees

Lists the available assignees for issues in a repository.

octokit.rest.issues.listAssignees({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List issue comments

Issue Comments are ordered by ascending ID.

octokit.rest.issues.listComments({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List issue comments for a repository

By default, Issue Comments are ordered by ascending ID.

octokit.rest.issues.listCommentsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

Either asc or desc. Ignored without the sort parameter.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List issue events

octokit.rest.issues.listEvents({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List issue events for a repository

octokit.rest.issues.listEventsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List timeline events for an issue

octokit.rest.issues.listEventsForTimeline({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List user account issues assigned to the authenticated user

List issues across owned and member repositories assigned to the authenticated user.

Note: GitHub's REST API v3 considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

octokit.rest.issues.listForAuthenticatedUser();

Parameters

namerequireddescription
filterno

Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation.

stateno

Indicates the state of the issues to return. Can be either open, closed, or all.

labelsno

A list of comma separated label names. Example: bug,ui,@high

sortno

What to sort results by. Can be either created, updated, comments.

directionno

The direction to sort the results by.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization issues assigned to the authenticated user

List issues in an organization assigned to the authenticated user.

Note: GitHub's REST API v3 considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

octokit.rest.issues.listForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

filterno

Indicates which sorts of issues to return. assigned means issues assigned to you. created means issues created by you. mentioned means issues mentioning you. subscribed means issues you're subscribed to updates for. all or repos means all issues you can see, regardless of participation or creation.

stateno

Indicates the state of the issues to return. Can be either open, closed, or all.

labelsno

A list of comma separated label names. Example: bug,ui,@high

sortno

What to sort results by. Can be either created, updated, comments.

directionno

The direction to sort the results by.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository issues

List issues in a repository.

Note: GitHub's REST API v3 considers every pull request an issue, but not every issue is a pull request. For this reason, "Issues" endpoints may return both issues and pull requests in the response. You can identify pull requests by the pull_request key. Be aware that the id of a pull request returned from "Issues" endpoints will be an issue id. To find out the pull request id, use the "List pull requests" endpoint.

octokit.rest.issues.listForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

milestoneno

If an integer is passed, it should refer to a milestone by its number field. If the string * is passed, issues with any milestone are accepted. If the string none is passed, issues without milestones are returned.

stateno

Indicates the state of the issues to return. Can be either open, closed, or all.

assigneeno

Can be the name of a user. Pass in none for issues with no assigned user, and * for issues assigned to any user.

creatorno

The user that created the issue.

mentionedno

A user that's mentioned in the issue.

labelsno

A list of comma separated label names. Example: bug,ui,@high

sortno

What to sort results by. Can be either created, updated, comments.

directionno

The direction to sort the results by.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List labels for issues in a milestone

octokit.rest.issues.listLabelsForMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

milestone_numberyes

The number that identifies the milestone.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List labels for a repository

octokit.rest.issues.listLabelsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List labels for an issue

octokit.rest.issues.listLabelsOnIssue({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List milestones

octokit.rest.issues.listMilestones({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

stateno

The state of the milestone. Either open, closed, or all.

sortno

What to sort results by. Either due_on or completeness.

directionno

The direction of the sort. Either asc or desc.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Lock an issue

Users with push access can lock an issue or pull request's conversation.

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

octokit.rest.issues.lock({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

lock_reasonno

The reason for locking the issue or pull request conversation. Lock will fail if you don't use one of these reasons:
* off-topic
* too heated
* resolved
* spam

See also: GitHub Developer Guide documentation.

Remove all labels from an issue

octokit.rest.issues.removeAllLabels({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

See also: GitHub Developer Guide documentation.

Remove assignees from an issue

Removes one or more assignees from an issue.

octokit.rest.issues.removeAssignees({
  owner,
  repo,
  issue_number,
  assignees,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

assigneesyes

Usernames of assignees to remove from an issue. NOTE: Only users with push access can remove assignees from an issue. Assignees are silently ignored otherwise.

See also: GitHub Developer Guide documentation.

Remove a label from an issue

Removes the specified label from the issue, and returns the remaining labels on the issue. This endpoint returns a 404 Not Found status if the label does not exist.

octokit.rest.issues.removeLabel({
  owner,
  repo,
  issue_number,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

nameyes

See also: GitHub Developer Guide documentation.

Set labels for an issue

Removes any previous labels and sets the new labels for an issue.

octokit.rest.issues.setLabels({
        owner,
repo,
issue_number,
labels[].name
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

labelsno
labels[].nameyes

See also: GitHub Developer Guide documentation.

Unlock an issue

Users with push access can unlock an issue's conversation.

octokit.rest.issues.unlock({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

See also: GitHub Developer Guide documentation.

Update an issue

Issue owners and users with push access can edit an issue.

octokit.rest.issues.update({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

titleno

The title of the issue.

bodyno

The contents of the issue.

assigneeno

Login for the user that this issue should be assigned to. This field is deprecated.

stateno

State of the issue. Either open or closed.

milestoneno
labelsno

Labels to associate with this issue. Pass one or more Labels to replace the set of Labels on this Issue. Send an empty array ([]) to clear all Labels from the Issue. NOTE: Only users with push access can set labels for issues. Labels are silently dropped otherwise.

assigneesno

Logins for Users to assign to this issue. Pass one or more user logins to replace the set of assignees on this Issue. Send an empty array ([]) to clear all assignees from the Issue. NOTE: Only users with push access can set assignees for new issues. Assignees are silently dropped otherwise.

See also: GitHub Developer Guide documentation.

Update an issue comment

octokit.rest.issues.updateComment({
  owner,
  repo,
  comment_id,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

bodyyes

The contents of the comment.

See also: GitHub Developer Guide documentation.

Update a label

octokit.rest.issues.updateLabel({
  owner,
  repo,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameyes
new_nameno

The new name of the label. Emoji can be added to label names, using either native emoji or colon-style markup. For example, typing :strawberry: will render the emoji :strawberry:. For a full list of available emoji and codes, see "Emoji cheat sheet."

colorno

The hexadecimal color code for the label, without the leading #.

descriptionno

A short description of the label. Must be 100 characters or fewer.

See also: GitHub Developer Guide documentation.

Update a milestone

octokit.rest.issues.updateMilestone({
  owner,
  repo,
  milestone_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

milestone_numberyes

The number that identifies the milestone.

titleno

The title of the milestone.

stateno

The state of the milestone. Either open or closed.

descriptionno

A description of the milestone.

due_onno

The milestone due date. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

See also: GitHub Developer Guide documentation.

Licenses

Get a license

octokit.rest.licenses.get({
  license,
});

Parameters

namerequireddescription
licenseyes

See also: GitHub Developer Guide documentation.

Get all commonly used licenses

octokit.rest.licenses.getAllCommonlyUsed();

Parameters

namerequireddescription
featuredno
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get the license for a repository

This method returns the contents of the repository's license file, if one is detected.

Similar to Get repository content, this method also supports custom media types for retrieving the raw license content or rendered license HTML.

octokit.rest.licenses.getForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Markdown

Render a Markdown document

octokit.rest.markdown.render({
  text,
});

Parameters

namerequireddescription
textyes

The Markdown text to render in HTML.

modeno

The rendering mode. Can be either markdown or gfm.

contextno

The repository context to use when creating references in gfm mode. For example, setting context to octo-org/octo-repo will change the text #42 into an HTML link to issue 42 in the octo-org/octo-repo repository.

See also: GitHub Developer Guide documentation.

Render a Markdown document in raw mode

You must send Markdown as plain text (using a Content-Type header of text/plain or text/x-markdown) to this endpoint, rather than using JSON format. In raw mode, GitHub Flavored Markdown is not supported and Markdown will be rendered in plain format like a README.md file. Markdown content must be 400 KB or less.

octokit.rest.markdown.renderRaw({
  data,
});

Parameters

namerequireddescription
datayes

raw markdown text

See also: GitHub Developer Guide documentation.

Meta

Get GitHub meta information

Returns meta information about GitHub, including a list of GitHub's IP addresses. For more information, see "About GitHub's IP addresses."

Note: The IP addresses shown in the documentation's response are only example values. You must always query the API directly to get the latest list of IP addresses.

octokit.rest.meta.get();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get Octocat

Get the octocat as ASCII art

octokit.rest.meta.getOctocat();

Parameters

namerequireddescription
sno

The words to show in Octocat's speech bubble

See also: GitHub Developer Guide documentation.

Get the Zen of GitHub

Get a random sentence from the Zen of GitHub

octokit.rest.meta.getZen();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

GitHub API Root

Get Hypermedia links to resources accessible in GitHub's REST API

octokit.rest.meta.root();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Migrations

Cancel an import

Stop an import for a repository.

octokit.rest.migrations.cancelImport({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a user migration archive

Deletes a previous migration archive. Downloadable migration archives are automatically deleted after seven days. Migration metadata, which is returned in the List user migrations and Get a user migration status endpoints, will continue to be available even after an archive is deleted.

octokit.rest.migrations.deleteArchiveForAuthenticatedUser({
  migration_id,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

See also: GitHub Developer Guide documentation.

Delete an organization migration archive

Deletes a previous migration archive. Migration archives are automatically deleted after seven days.

octokit.rest.migrations.deleteArchiveForOrg({
  org,
  migration_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

migration_idyes

The unique identifier of the migration.

See also: GitHub Developer Guide documentation.

Download an organization migration archive

Fetches the URL to a migration archive.

octokit.rest.migrations.downloadArchiveForOrg({
  org,
  migration_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

migration_idyes

The unique identifier of the migration.

See also: GitHub Developer Guide documentation.

Download a user migration archive

Fetches the URL to download the migration archive as a tar.gz file. Depending on the resources your repository uses, the migration archive can contain JSON files with data for these objects:

  • attachments
  • bases
  • commit_comments
  • issue_comments
  • issue_events
  • issues
  • milestones
  • organizations
  • projects
  • protected_branches
  • pull_request_reviews
  • pull_requests
  • releases
  • repositories
  • review_comments
  • schema
  • users

The archive will also contain an attachments directory that includes all attachment files uploaded to GitHub.com and a repositories directory that contains the repository's Git data.

octokit.rest.migrations.getArchiveForAuthenticatedUser({
  migration_id,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

See also: GitHub Developer Guide documentation.

Get commit authors

Each type of source control system represents authors in a different way. For example, a Git commit author has a display name and an email address, but a Subversion commit author just has a username. The GitHub Importer will make the author information valid, but the author might not be correct. For example, it will change the bare Subversion username hubot into something like hubot <hubot@12341234-abab-fefe-8787-fedcba987654>.

This endpoint and the Map a commit author endpoint allow you to provide correct Git author information.

octokit.rest.migrations.getCommitAuthors({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sinceno

A user ID. Only return users with an ID greater than this ID.

See also: GitHub Developer Guide documentation.

Get an import status

View the progress of an import.

Import status

This section includes details about the possible values of the status field of the Import Progress response.

An import that does not have errors will progress through these steps:

  • detecting - the "detection" step of the import is in progress because the request did not include a vcs parameter. The import is identifying the type of source control present at the URL.
  • importing - the "raw" step of the import is in progress. This is where commit data is fetched from the original repository. The import progress response will include commit_count (the total number of raw commits that will be imported) and percent (0 - 100, the current progress through the import).
  • mapping - the "rewrite" step of the import is in progress. This is where SVN branches are converted to Git branches, and where author updates are applied. The import progress response does not include progress information.
  • pushing - the "push" step of the import is in progress. This is where the importer updates the repository on GitHub. The import progress response will include push_percent, which is the percent value reported by git push when it is "Writing objects".
  • complete - the import is complete, and the repository is ready on GitHub.

If there are problems, you will see one of these in the status field:

  • auth_failed - the import requires authentication in order to connect to the original repository. To update authentication for the import, please see the Update an import section.
  • error - the import encountered an error. The import progress response will include the failed_step and an error message. Contact GitHub Support for more information.
  • detection_needs_auth - the importer requires authentication for the originating repository to continue detection. To update authentication for the import, please see the Update an import section.
  • detection_found_nothing - the importer didn't recognize any source control at the URL. To resolve, Cancel the import and retry with the correct URL.
  • detection_found_multiple - the importer found several projects or repositories at the provided URL. When this is the case, the Import Progress response will also include a project_choices field with the possible project choices as values. To update project choice, please see the Update an import section.

The project_choices field

When multiple projects are found at the provided URL, the response hash will include a project_choices field, the value of which is an array of hashes each representing a project choice. The exact key/value pairs of the project hashes will differ depending on the version control type.

Git LFS related fields

This section includes details about Git LFS related fields that may be present in the Import Progress response.

  • use_lfs - describes whether the import has been opted in or out of using Git LFS. The value can be opt_in, opt_out, or undecided if no action has been taken.
  • has_large_files - the boolean value describing whether files larger than 100MB were found during the importing step.
  • large_files_size - the total size in gigabytes of files larger than 100MB found in the originating repository.
  • large_files_count - the total number of files larger than 100MB found in the originating repository. To see a list of these files, make a "Get Large Files" request.
octokit.rest.migrations.getImportStatus({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get large files

List files larger than 100MB found during the import

octokit.rest.migrations.getLargeFiles({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a user migration status

Fetches a single user migration. The response includes the state of the migration, which can be one of the following values:

  • pending - the migration hasn't started yet.
  • exporting - the migration is in progress.
  • exported - the migration finished successfully.
  • failed - the migration failed.

Once the migration has been exported you can download the migration archive.

octokit.rest.migrations.getStatusForAuthenticatedUser({
  migration_id,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

excludeno

See also: GitHub Developer Guide documentation.

Get an organization migration status

Fetches the status of a migration.

The state of a migration can be one of the following values:

  • pending, which means the migration hasn't started yet.
  • exporting, which means the migration is in progress.
  • exported, which means the migration finished successfully.
  • failed, which means the migration failed.
octokit.rest.migrations.getStatusForOrg({
  org,
  migration_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

migration_idyes

The unique identifier of the migration.

excludeno

Exclude attributes from the API response to improve performance

See also: GitHub Developer Guide documentation.

List user migrations

Lists all migrations a user has started.

octokit.rest.migrations.listForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization migrations

Lists the most recent migrations.

octokit.rest.migrations.listForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

excludeno

Exclude attributes from the API response to improve performance

See also: GitHub Developer Guide documentation.

List repositories for a user migration

Lists all the repositories for this user migration.

octokit.rest.migrations.listReposForAuthenticatedUser({
  migration_id,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories in an organization migration

List all the repositories for this organization migration.

octokit.rest.migrations.listReposForOrg({
  org,
  migration_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

migration_idyes

The unique identifier of the migration.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories for a user migration

Deprecated: This method has been renamed to migrations.listReposForAuthenticatedUser

Lists all the repositories for this user migration.

octokit.rest.migrations.listReposForUser({
  migration_id,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Map a commit author

Update an author's identity for the import. Your application can continue updating authors any time before you push new commits to the repository.

octokit.rest.migrations.mapCommitAuthor({
  owner,
  repo,
  author_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

author_idyes
emailno

The new Git author email.

nameno

The new Git author name.

See also: GitHub Developer Guide documentation.

Update Git LFS preference

You can import repositories from Subversion, Mercurial, and TFS that include files larger than 100MB. This ability is powered by Git LFS. You can learn more about our LFS feature and working with large files on our help site.

octokit.rest.migrations.setLfsPreference({
  owner,
  repo,
  use_lfs,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

use_lfsyes

Whether to store large files during the import. opt_in means large files will be stored using Git LFS. opt_out means large files will be removed during the import.

See also: GitHub Developer Guide documentation.

Start a user migration

Initiates the generation of a user migration archive.

octokit.rest.migrations.startForAuthenticatedUser({
  repositories,
});

Parameters

namerequireddescription
lock_repositoriesno

Lock the repositories being migrated at the start of the migration

exclude_metadatano

Indicates whether metadata should be excluded and only git source should be included for the migration.

exclude_git_datano

Indicates whether the repository git data should be excluded from the migration.

exclude_attachmentsno

Do not include attachments in the migration

exclude_releasesno

Do not include releases in the migration

exclude_owner_projectsno

Indicates whether projects owned by the organization or users should be excluded.

org_metadata_onlyno

Indicates whether this should only include organization metadata (repositories array should be empty and will ignore other flags).

excludeno

Exclude attributes from the API response to improve performance

repositoriesyes

See also: GitHub Developer Guide documentation.

Start an organization migration

Initiates the generation of a migration archive.

octokit.rest.migrations.startForOrg({
  org,
  repositories,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

repositoriesyes

A list of arrays indicating which repositories should be migrated.

lock_repositoriesno

Indicates whether repositories should be locked (to prevent manipulation) while migrating data.

exclude_metadatano

Indicates whether metadata should be excluded and only git source should be included for the migration.

exclude_git_datano

Indicates whether the repository git data should be excluded from the migration.

exclude_attachmentsno

Indicates whether attachments should be excluded from the migration (to reduce migration archive file size).

exclude_releasesno

Indicates whether releases should be excluded from the migration (to reduce migration archive file size).

exclude_owner_projectsno

Indicates whether projects owned by the organization or users should be excluded. from the migration.

org_metadata_onlyno

Indicates whether this should only include organization metadata (repositories array should be empty and will ignore other flags).

excludeno

See also: GitHub Developer Guide documentation.

Start an import

Start a source import to a GitHub repository using GitHub Importer.

octokit.rest.migrations.startImport({
  owner,
  repo,
  vcs_url,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

vcs_urlyes

The URL of the originating repository.

vcsno

The originating VCS type. Without this parameter, the import job will take additional time to detect the VCS type before beginning the import. This detection step will be reflected in the response.

vcs_usernameno

If authentication is required, the username to provide to vcs_url.

vcs_passwordno

If authentication is required, the password to provide to vcs_url.

tfvc_projectno

For a tfvc import, the name of the project that is being imported.

See also: GitHub Developer Guide documentation.

Unlock a user repository

Unlocks a repository. You can lock repositories when you start a user migration. Once the migration is complete you can unlock each repository to begin using it again or delete the repository if you no longer need the source data. Returns a status of 404 Not Found if the repository is not locked.

octokit.rest.migrations.unlockRepoForAuthenticatedUser({
  migration_id,
  repo_name,
});

Parameters

namerequireddescription
migration_idyes

The unique identifier of the migration.

repo_nameyes

repo_name parameter

See also: GitHub Developer Guide documentation.

Unlock an organization repository

Unlocks a repository that was locked for migration. You should unlock each migrated repository and delete them when the migration is complete and you no longer need the source data.

octokit.rest.migrations.unlockRepoForOrg({
  org,
  migration_id,
  repo_name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

migration_idyes

The unique identifier of the migration.

repo_nameyes

repo_name parameter

See also: GitHub Developer Guide documentation.

Update an import

An import can be updated with credentials or a project choice by passing in the appropriate parameters in this API request. If no parameters are provided, the import will be restarted.

Some servers (e.g. TFS servers) can have several projects at a single URL. In those cases the import progress will have the status detection_found_multiple and the Import Progress response will include a project_choices array. You can select the project to import by providing one of the objects in the project_choices array in the update request.

octokit.rest.migrations.updateImport({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

vcs_usernameno

The username to provide to the originating repository.

vcs_passwordno

The password to provide to the originating repository.

vcsno

The type of version control system you are migrating from.

tfvc_projectno

For a tfvc import, the name of the project that is being imported.

See also: GitHub Developer Guide documentation.

Orgs

Block a user from an organization

octokit.rest.orgs.blockUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Cancel an organization invitation

Cancel an organization invitation. In order to cancel an organization invitation, the authenticated user must be an organization owner.

This endpoint triggers notifications.

octokit.rest.orgs.cancelInvitation({
  org,
  invitation_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Check if a user is blocked by an organization

octokit.rest.orgs.checkBlockedUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Check organization membership for a user

Check if a user is, publicly or privately, a member of the organization.

octokit.rest.orgs.checkMembershipForUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Check public organization membership for a user

octokit.rest.orgs.checkPublicMembershipForUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Convert an organization member to outside collaborator

When an organization member is converted to an outside collaborator, they'll only have access to the repositories that their current team membership allows. The user will no longer be a member of the organization. For more information, see "Converting an organization member to an outside collaborator". Converting an organization member to an outside collaborator may be restricted by enterprise administrators. For more information, see "Enforcing repository management policies in your enterprise."

octokit.rest.orgs.convertMemberToOutsideCollaborator({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

asyncno

When set to true, the request will be performed asynchronously. Returns a 202 status code when the job is successfully queued.

See also: GitHub Developer Guide documentation.

Create an organization invitation

Invite people to an organization by using their GitHub user ID or their email address. In order to create invitations in an organization, the authenticated user must be an organization owner.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.orgs.createInvitation({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

invitee_idno

Required unless you provide email. GitHub user ID for the person you are inviting.

emailno

Required unless you provide invitee_id. Email address of the person you are inviting, which can be an existing GitHub user.

roleno

The role for the new member. * admin - Organization owners with full administrative rights to the organization and complete access to all repositories and teams.
* direct_member - Non-owner organization members with ability to see other members and join teams by invitation.
* billing_manager - Non-owner organization members with ability to manage the billing settings of your organization.

team_idsno

Specify IDs for the teams you want to invite new members to.

See also: GitHub Developer Guide documentation.

Create an organization webhook

Here's how you can create a hook that posts payloads in JSON format:

octokit.rest.orgs.createWebhook({
        org,
name,
config,
config.url
      })

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

nameyes

Must be passed as "web".

configyes

Key/value pairs to provide settings for this webhook. These are defined below.

config.urlyes

The URL to which the payloads will be delivered.

config.content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

config.secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

config.insecure_sslno
config.usernameno
config.passwordno
eventsno

Determines what events the hook is triggered for.

activeno

Determines if notifications are sent when the webhook is triggered. Set to true to send notifications.

See also: GitHub Developer Guide documentation.

Delete an organization webhook

octokit.rest.orgs.deleteWebhook({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Get an organization

To see many of the organization response values, you need to be an authenticated organization owner with the admin:org scope. When the value of two_factor_requirement_enabled is true, the organization requires all members, billing managers, and outside collaborators to enable two-factor authentication.

GitHub Apps with the Organization plan permission can use this endpoint to retrieve information about an organization's GitHub plan. See "Authenticating with GitHub Apps" for details. For an example response, see 'Response with GitHub plan information' below."

octokit.rest.orgs.get({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get an organization membership for the authenticated user

octokit.rest.orgs.getMembershipForAuthenticatedUser({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get organization membership for a user

In order to get a user's membership with an organization, the authenticated user must be an organization member. The state parameter in the response can be used to identify the user's membership status.

octokit.rest.orgs.getMembershipForUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get an organization webhook

Returns a webhook configured in an organization. To get only the webhook config properties, see "Get a webhook configuration for an organization."

octokit.rest.orgs.getWebhook({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Get a webhook configuration for an organization

Returns the webhook configuration for an organization. To get more information about the webhook, including the active state and events, use "Get an organization webhook ."

Access tokens must have the admin:org_hook scope, and GitHub Apps must have the organization_hooks:read permission.

octokit.rest.orgs.getWebhookConfigForOrg({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Get a webhook delivery for an organization webhook

Returns a delivery for a webhook configured in an organization.

octokit.rest.orgs.getWebhookDelivery({
  org,
  hook_id,
  delivery_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

delivery_idyes

See also: GitHub Developer Guide documentation.

List organizations

Lists all organizations, in the order that they were created on GitHub.

Note: Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of organizations.

octokit.rest.orgs.list();

Parameters

namerequireddescription
sinceno

An organization ID. Only return organizations with an ID greater than this ID.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

List app installations for an organization

Lists all GitHub Apps in an organization. The installation count includes all GitHub Apps installed on repositories in the organization. You must be an organization owner with admin:read scope to use this endpoint.

octokit.rest.orgs.listAppInstallations({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List users blocked by an organization

List the users blocked by an organization.

octokit.rest.orgs.listBlockedUsers({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List custom repository roles in an organization

List the custom repository roles available in this organization. In order to see custom repository roles in an organization, the authenticated user must be an organization owner.

For more information on custom repository roles, see "Managing custom repository roles for an organization".

octokit.rest.orgs.listCustomRoles({
  organization_id,
});

Parameters

namerequireddescription
organization_idyes

See also: GitHub Developer Guide documentation.

List failed organization invitations

The return hash contains failed_at and failed_reason fields which represent the time at which the invitation failed and the reason for the failure.

octokit.rest.orgs.listFailedInvitations({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organizations for the authenticated user

List organizations for the authenticated user.

OAuth scope requirements

This only lists organizations that your authorization allows you to operate on in some way (e.g., you can list teams with read:org scope, you can publicize your organization membership with user scope, etc.). Therefore, this API requires at least user or read:org scope. OAuth requests with insufficient scope receive a 403 Forbidden response.

octokit.rest.orgs.listForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organizations for a user

List public organization memberships for the specified user.

This method only lists public memberships, regardless of authentication. If you need to fetch all of the organization memberships (public and private) for the authenticated user, use the List organizations for the authenticated user API instead.

octokit.rest.orgs.listForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization invitation teams

List all teams associated with an invitation. In order to see invitations in an organization, the authenticated user must be an organization owner.

octokit.rest.orgs.listInvitationTeams({
  org,
  invitation_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

invitation_idyes

The unique identifier of the invitation.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization members

List all users who are members of an organization. If the authenticated user is also a member of this organization then both concealed and public members will be returned.

octokit.rest.orgs.listMembers({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

filterno

Filter members returned in the list. 2fa_disabled means that only members without two-factor authentication enabled will be returned. This options is only available for organization owners.

roleno

Filter members returned by their role.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization memberships for the authenticated user

octokit.rest.orgs.listMembershipsForAuthenticatedUser();

Parameters

namerequireddescription
stateno

Indicates the state of the memberships to return. Can be either active or pending. If not specified, the API returns both active and pending memberships.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List outside collaborators for an organization

List all users who are outside collaborators of an organization.

octokit.rest.orgs.listOutsideCollaborators({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

filterno

Filter the list of outside collaborators. 2fa_disabled means that only outside collaborators without two-factor authentication enabled will be returned.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List pending organization invitations

The return hash contains a role field which refers to the Organization Invitation role and will be one of the following values: direct_member, admin, billing_manager, hiring_manager, or reinstate. If the invitee is not a GitHub member, the login field in the return hash will be null.

octokit.rest.orgs.listPendingInvitations({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public organization members

Members of an organization can choose to have their membership publicized or not.

octokit.rest.orgs.listPublicMembers({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deliveries for an organization webhook

Returns a list of webhook deliveries for a webhook configured in an organization.

octokit.rest.orgs.listWebhookDeliveries({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

per_pageno

The number of results per page (max 100).

cursorno

Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the link header for the next and previous page cursors.

See also: GitHub Developer Guide documentation.

List organization webhooks

octokit.rest.orgs.listWebhooks({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Ping an organization webhook

This will trigger a ping event to be sent to the hook.

octokit.rest.orgs.pingWebhook({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Redeliver a delivery for an organization webhook

Redeliver a delivery for a webhook configured in an organization.

octokit.rest.orgs.redeliverWebhookDelivery({
  org,
  hook_id,
  delivery_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

delivery_idyes

See also: GitHub Developer Guide documentation.

Remove an organization member

Removing a user from this list will remove them from all teams and they will no longer have any access to the organization's repositories.

octokit.rest.orgs.removeMember({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Remove organization membership for a user

In order to remove a user's membership with an organization, the authenticated user must be an organization owner.

If the specified user is an active member of the organization, this will remove them from the organization. If the specified user has been invited to the organization, this will cancel their invitation. The specified user will receive an email notification in both cases.

octokit.rest.orgs.removeMembershipForUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Remove outside collaborator from an organization

Removing a user from this list will remove them from all the organization's repositories.

octokit.rest.orgs.removeOutsideCollaborator({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Remove public organization membership for the authenticated user

octokit.rest.orgs.removePublicMembershipForAuthenticatedUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Set organization membership for a user

Only authenticated organization owners can add a member to the organization or update the member's role.

  • If the authenticated user is adding a member to the organization, the invited user will receive an email inviting them to the organization. The user's membership status will be pending until they accept the invitation.
  • Authenticated users can update a user's membership by passing the role parameter. If the authenticated user changes a member's role to admin, the affected user will receive an email notifying them that they've been made an organization owner. If the authenticated user changes an owner's role to member, no email will be sent.

Rate limits

To prevent abuse, the authenticated user is limited to 50 organization invitations per 24 hour period. If the organization is more than one month old or on a paid plan, the limit is 500 invitations per 24 hour period.

octokit.rest.orgs.setMembershipForUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

roleno

The role to give the user in the organization. Can be one of:
* admin - The user will become an owner of the organization.
* member - The user will become a non-owner member of the organization.

See also: GitHub Developer Guide documentation.

Set public organization membership for the authenticated user

The user can publicize their own membership. (A user cannot publicize the membership for another user.)

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

octokit.rest.orgs.setPublicMembershipForAuthenticatedUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Unblock a user from an organization

octokit.rest.orgs.unblockUser({
  org,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Update an organization

Parameter Deprecation Notice: GitHub will replace and discontinue members_allowed_repository_creation_type in favor of more granular permissions. The new input parameters are members_can_create_public_repositories, members_can_create_private_repositories for all organizations and members_can_create_internal_repositories for organizations associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+. For more information, see the blog post.

Enables an authenticated organization owner with the admin:org scope to update the organization's profile and member privileges.

octokit.rest.orgs.update({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

billing_emailno

Billing email address. This address is not publicized.

companyno

The company name.

emailno

The publicly visible email address.

twitter_usernameno

The Twitter username of the company.

locationno

The location.

nameno

The shorthand name of the company.

descriptionno

The description of the company.

has_organization_projectsno

Whether an organization can use organization projects.

has_repository_projectsno

Whether repositories that belong to the organization can use repository projects.

default_repository_permissionno

Default permission level members have for organization repositories.

members_can_create_repositoriesno

Whether of non-admin organization members can create repositories. Note: A parameter can override this parameter. See members_allowed_repository_creation_type in this table for details.

members_can_create_internal_repositoriesno

Whether organization members can create internal repositories, which are visible to all enterprise members. You can only allow members to create internal repositories if your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+. For more information, see "Restricting repository creation in your organization" in the GitHub Help documentation.

members_can_create_private_repositoriesno

Whether organization members can create private repositories, which are visible to organization members with permission. For more information, see "Restricting repository creation in your organization" in the GitHub Help documentation.

members_can_create_public_repositoriesno

Whether organization members can create public repositories, which are visible to anyone. For more information, see "Restricting repository creation in your organization" in the GitHub Help documentation.

members_allowed_repository_creation_typeno

Specifies which types of repositories non-admin organization members can create. private is only available to repositories that are part of an organization on GitHub Enterprise Cloud. Note: This parameter is deprecated and will be removed in the future. Its return value ignores internal repositories. Using this parameter overrides values set in members_can_create_repositories. See the parameter deprecation notice in the operation description for details.

members_can_create_pagesno

Whether organization members can create GitHub Pages sites. Existing published sites will not be impacted.

members_can_create_public_pagesno

Whether organization members can create public GitHub Pages sites. Existing published sites will not be impacted.

members_can_create_private_pagesno

Whether organization members can create private GitHub Pages sites. Existing published sites will not be impacted.

members_can_fork_private_repositoriesno

Whether organization members can fork private organization repositories.

blogno

See also: GitHub Developer Guide documentation.

Update an organization membership for the authenticated user

octokit.rest.orgs.updateMembershipForAuthenticatedUser({
  org,
  state,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

stateyes

The state that the membership should be in. Only "active" will be accepted.

See also: GitHub Developer Guide documentation.

Update an organization webhook

Updates a webhook configured in an organization. When you update a webhook, the secret will be overwritten. If you previously had a secret set, you must provide the same secret or set a new secret or the secret will be removed. If you are only updating individual webhook config properties, use "Update a webhook configuration for an organization."

octokit.rest.orgs.updateWebhook({
        org,
hook_id,
config.url
      })

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

configno

Key/value pairs to provide settings for this webhook. These are defined below.

config.urlyes

The URL to which the payloads will be delivered.

config.content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

config.secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

config.insecure_sslno
eventsno

Determines what events the hook is triggered for.

activeno

Determines if notifications are sent when the webhook is triggered. Set to true to send notifications.

nameno

See also: GitHub Developer Guide documentation.

Update a webhook configuration for an organization

Updates the webhook configuration for an organization. To update more information about the webhook, including the active state and events, use "Update an organization webhook ."

Access tokens must have the admin:org_hook scope, and GitHub Apps must have the organization_hooks:write permission.

octokit.rest.orgs.updateWebhookConfigForOrg({
  org,
  hook_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

urlno

The URL to which the payloads will be delivered.

content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

insecure_sslno

See also: GitHub Developer Guide documentation.

Packages

Delete a package for the authenticated user

Deletes a package owned by the authenticated user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:delete scopes. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.deletePackageForAuthenticatedUser({
  package_type,
  package_name,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

See also: GitHub Developer Guide documentation.

Delete a package for an organization

Deletes an entire package in an organization. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the packages:read and packages:delete scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container you want to delete.
octokit.rest.packages.deletePackageForOrg({
  package_type,
  package_name,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete a package for a user

Deletes an entire package for a user. You cannot delete a public package if any version of the package has more than 5,000 downloads. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:delete scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container you want to delete.
octokit.rest.packages.deletePackageForUser({
  package_type,
  package_name,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Delete a package version for the authenticated user

Deletes a specific package version for a package owned by the authenticated user. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the packages:read and packages:delete scopes. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.deletePackageVersionForAuthenticatedUser({
  package_type,
  package_name,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Delete package version for an organization

Deletes a specific package version in an organization. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the packages:read and packages:delete scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container you want to delete.
octokit.rest.packages.deletePackageVersionForOrg({
  package_type,
  package_name,
  org,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Delete package version for a user

Deletes a specific package version for a user. If the package is public and the package version has more than 5,000 downloads, you cannot delete the package version. In this scenario, contact GitHub support for further assistance.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:delete scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container you want to delete.
octokit.rest.packages.deletePackageVersionForUser({
  package_type,
  package_name,
  username,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Get all package versions for a package owned by an organization

Deprecated: This method has been renamed to packages.getAllPackageVersionsForPackageOwnedByOrg

Returns all package versions for a package owned by an organization.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getAllPackageVersionsForAPackageOwnedByAnOrg({
  package_type,
  package_name,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

stateno

The state of the package, either active or deleted.

See also: GitHub Developer Guide documentation.

Get all package versions for a package owned by the authenticated user

Deprecated: This method has been renamed to packages.getAllPackageVersionsForPackageOwnedByAuthenticatedUser

Returns all package versions for a package owned by the authenticated user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getAllPackageVersionsForAPackageOwnedByTheAuthenticatedUser(
  {
    package_type,
    package_name,
  }
);

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

stateno

The state of the package, either active or deleted.

See also: GitHub Developer Guide documentation.

Get all package versions for a package owned by the authenticated user

Returns all package versions for a package owned by the authenticated user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getAllPackageVersionsForPackageOwnedByAuthenticatedUser({
  package_type,
  package_name,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

stateno

The state of the package, either active or deleted.

See also: GitHub Developer Guide documentation.

Get all package versions for a package owned by an organization

Returns all package versions for a package owned by an organization.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getAllPackageVersionsForPackageOwnedByOrg({
  package_type,
  package_name,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

stateno

The state of the package, either active or deleted.

See also: GitHub Developer Guide documentation.

Get all package versions for a package owned by a user

Returns all package versions for a public package owned by a specified user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getAllPackageVersionsForPackageOwnedByUser({
  package_type,
  package_name,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get a package for the authenticated user

Gets a specific package for a package owned by the authenticated user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageForAuthenticatedUser({
  package_type,
  package_name,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

See also: GitHub Developer Guide documentation.

Get a package for an organization

Gets a specific package in an organization.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageForOrganization({
  package_type,
  package_name,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a package for a user

Gets a specific package metadata for a public package owned by a user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageForUser({
  package_type,
  package_name,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get a package version for the authenticated user

Gets a specific package version for a package owned by the authenticated user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageVersionForAuthenticatedUser({
  package_type,
  package_name,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Get a package version for an organization

Gets a specific package version in an organization.

You must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageVersionForOrganization({
  package_type,
  package_name,
  org,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Get a package version for a user

Gets a specific package version for a public package owned by a specified user.

At this time, to use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.getPackageVersionForUser({
  package_type,
  package_name,
  package_version_id,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

package_version_idyes

Unique identifier of the package version.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

List packages for the authenticated user's namespace

Lists packages owned by the authenticated user within the user's namespace.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.listPackagesForAuthenticatedUser({
  package_type,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

visibilityno

The selected visibility of the packages. Only container package_types currently support internal visibility properly. For other ecosystems internal is synonymous with private. This parameter is optional and only filters an existing result set.

See also: GitHub Developer Guide documentation.

List packages for an organization

Lists all packages in an organization readable by the user.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.listPackagesForOrganization({
  package_type,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

orgyes

The organization name. The name is not case sensitive.

visibilityno

The selected visibility of the packages. Only container package_types currently support internal visibility properly. For other ecosystems internal is synonymous with private. This parameter is optional and only filters an existing result set.

See also: GitHub Developer Guide documentation.

List packages for a user

Lists all packages in a user's namespace for which the requesting user has access.

To use this endpoint, you must authenticate using an access token with the packages:read scope. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.listPackagesForUser({
  package_type,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

visibilityno

The selected visibility of the packages. Only container package_types currently support internal visibility properly. For other ecosystems internal is synonymous with private. This parameter is optional and only filters an existing result set.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Restore a package for the authenticated user

Restores a package owned by the authenticated user.

You can restore a deleted package under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:write scopes. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.restorePackageForAuthenticatedUser({
  package_type,
  package_name,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

tokenno

package token

See also: GitHub Developer Guide documentation.

Restore a package for an organization

Restores an entire package in an organization.

You can restore a deleted package under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the packages:read and packages:write scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container that you want to restore.
octokit.rest.packages.restorePackageForOrg({
  package_type,
  package_name,
  org,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

tokenno

package token

See also: GitHub Developer Guide documentation.

Restore a package for a user

Restores an entire package for a user.

You can restore a deleted package under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:write scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container that you want to restore.
octokit.rest.packages.restorePackageForUser({
  package_type,
  package_name,
  username,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

tokenno

package token

See also: GitHub Developer Guide documentation.

Restore a package version for the authenticated user

Restores a package version owned by the authenticated user.

You can restore a deleted package version under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:write scopes. If package_type is not container, your token must also include the repo scope.

octokit.rest.packages.restorePackageVersionForAuthenticatedUser({
  package_type,
  package_name,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Restore package version for an organization

Restores a specific package version in an organization.

You can restore a deleted package under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must have admin permissions in the organization and authenticate using an access token with the packages:read and packages:write scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container that you want to restore.
octokit.rest.packages.restorePackageVersionForOrg({
  package_type,
  package_name,
  org,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

orgyes

The organization name. The name is not case sensitive.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Restore package version for a user

Restores a specific package version for a user.

You can restore a deleted package under the following conditions:

  • The package was deleted within the last 30 days.
  • The same package namespace and version is still available and not reused for a new package. If the same package namespace is not available, you will not be able to restore your package. In this scenario, to restore the deleted package, you must delete the new package that uses the deleted package's namespace first.

To use this endpoint, you must authenticate using an access token with the packages:read and packages:write scopes. In addition:

  • If package_type is not container, your token must also include the repo scope.
  • If package_type is container, you must also have admin permissions to the container that you want to restore.
octokit.rest.packages.restorePackageVersionForUser({
  package_type,
  package_name,
  username,
  package_version_id,
});

Parameters

namerequireddescription
package_typeyes

The type of supported package. Packages in GitHub's Gradle registry have the type maven. Docker images pushed to GitHub's Container registry (ghcr.io) have the type container. You can use the type docker to find images that were pushed to GitHub's Docker registry (docker.pkg.github.com), even if these have now been migrated to the Container registry.

package_nameyes

The name of the package.

usernameyes

The handle for the GitHub user account.

package_version_idyes

Unique identifier of the package version.

See also: GitHub Developer Guide documentation.

Projects

Add project collaborator

Adds a collaborator to an organization project and sets their permission level. You must be an organization owner or a project admin to add a collaborator.

octokit.rest.projects.addCollaborator({
  project_id,
  username,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

usernameyes

The handle for the GitHub user account.

permissionno

The permission to grant the collaborator.

See also: GitHub Developer Guide documentation.

Create a project card

octokit.rest.projects.createCard({
  column_id,
  note,
  content_id,
  content_type,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

noteyes

The project card's note

content_idyes

The unique identifier of the content associated with the card

content_typeyes

The piece of content associated with the card

See also: GitHub Developer Guide documentation.

Create a project column

octokit.rest.projects.createColumn({
  project_id,
  name,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

nameyes

Name of the project column

See also: GitHub Developer Guide documentation.

Create a user project

octokit.rest.projects.createForAuthenticatedUser({
  name,
});

Parameters

namerequireddescription
nameyes

Name of the project

bodyno

Body of the project

See also: GitHub Developer Guide documentation.

Create an organization project

Creates an organization project board. Returns a 404 Not Found status if projects are disabled in the organization. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.createForOrg({
  org,
  name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

nameyes

The name of the project.

bodyno

The description of the project.

See also: GitHub Developer Guide documentation.

Create a repository project

Creates a repository project board. Returns a 404 Not Found status if projects are disabled in the repository. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.createForRepo({
  owner,
  repo,
  name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameyes

The name of the project.

bodyno

The description of the project.

See also: GitHub Developer Guide documentation.

Delete a project

Deletes a project board. Returns a 404 Not Found status if projects are disabled.

octokit.rest.projects.delete({
  project_id,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

See also: GitHub Developer Guide documentation.

Delete a project card

octokit.rest.projects.deleteCard({
  card_id,
});

Parameters

namerequireddescription
card_idyes

The unique identifier of the card.

See also: GitHub Developer Guide documentation.

Delete a project column

octokit.rest.projects.deleteColumn({
  column_id,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

See also: GitHub Developer Guide documentation.

Get a project

Gets a project by its id. Returns a 404 Not Found status if projects are disabled. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.get({
  project_id,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

See also: GitHub Developer Guide documentation.

Get a project card

octokit.rest.projects.getCard({
  card_id,
});

Parameters

namerequireddescription
card_idyes

The unique identifier of the card.

See also: GitHub Developer Guide documentation.

Get a project column

octokit.rest.projects.getColumn({
  column_id,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

See also: GitHub Developer Guide documentation.

Get project permission for a user

Returns the collaborator's permission level for an organization project. Possible values for the permission key: admin, write, read, none. You must be an organization owner or a project admin to review a user's permission level.

octokit.rest.projects.getPermissionForUser({
  project_id,
  username,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

List project cards

octokit.rest.projects.listCards({
  column_id,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

archived_stateno

Filters the project cards that are returned by the card's state.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List project collaborators

Lists the collaborators for an organization project. For a project, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. You must be an organization owner or a project admin to list collaborators.

octokit.rest.projects.listCollaborators({
  project_id,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

affiliationno

Filters the collaborators by their affiliation. outside means outside collaborators of a project that are not a member of the project's organization. direct means collaborators with permissions to a project, regardless of organization membership status. all means all collaborators the authenticated user can see.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List project columns

octokit.rest.projects.listColumns({
  project_id,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List organization projects

Lists the projects in an organization. Returns a 404 Not Found status if projects are disabled in the organization. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.listForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

stateno

Indicates the state of the projects to return. Can be either open, closed, or all.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository projects

Lists the projects in a repository. Returns a 404 Not Found status if projects are disabled in the repository. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.listForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

stateno

Indicates the state of the projects to return. Can be either open, closed, or all.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List user projects

octokit.rest.projects.listForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

stateno

Indicates the state of the projects to return. Can be either open, closed, or all.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Move a project card

octokit.rest.projects.moveCard({
  card_id,
  position,
});

Parameters

namerequireddescription
card_idyes

The unique identifier of the card.

positionyes

The position of the card in a column. Can be one of: top, bottom, or after:<card_id> to place after the specified card.

column_idno

The unique identifier of the column the card should be moved to

See also: GitHub Developer Guide documentation.

Move a project column

octokit.rest.projects.moveColumn({
  column_id,
  position,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

positionyes

The position of the column in a project. Can be one of: first, last, or after:<column_id> to place after the specified column.

See also: GitHub Developer Guide documentation.

Remove user as a collaborator

Removes a collaborator from an organization project. You must be an organization owner or a project admin to remove a collaborator.

octokit.rest.projects.removeCollaborator({
  project_id,
  username,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Update a project

Updates a project board's information. Returns a 404 Not Found status if projects are disabled. If you do not have sufficient privileges to perform this action, a 401 Unauthorized or 410 Gone status is returned.

octokit.rest.projects.update({
  project_id,
});

Parameters

namerequireddescription
project_idyes

The unique identifier of the project.

nameno

Name of the project

bodyno

Body of the project

stateno

State of the project; either 'open' or 'closed'

organization_permissionno

The baseline permission that all organization members have on this project

privateno

Whether or not this project can be seen by everyone.

See also: GitHub Developer Guide documentation.

Update an existing project card

octokit.rest.projects.updateCard({
  card_id,
});

Parameters

namerequireddescription
card_idyes

The unique identifier of the card.

noteno

The project card's note

archivedno

Whether or not the card is archived

See also: GitHub Developer Guide documentation.

Update an existing project column

octokit.rest.projects.updateColumn({
  column_id,
  name,
});

Parameters

namerequireddescription
column_idyes

The unique identifier of the column.

nameyes

Name of the project column

See also: GitHub Developer Guide documentation.

Pulls

Check if a pull request has been merged

octokit.rest.pulls.checkIfMerged({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

See also: GitHub Developer Guide documentation.

Create a pull request

Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

To open or update a pull request in a public repository, you must have write access to the head or the source branch. For organization-owned repositories, you must be a member of the organization that owns the repository to open or update a pull request.

You can create a new pull request.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.pulls.create({
  owner,
  repo,
  head,
  base,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

titleno

The title of the new pull request.

headyes

The name of the branch where your changes are implemented. For cross-repository pull requests in the same network, namespace head with a user like this: username:branch.

baseyes

The name of the branch you want the changes pulled into. This should be an existing branch on the current repository. You cannot submit a pull request to one repository that requests a merge to a base of another repository.

bodyno

The contents of the pull request.

maintainer_can_modifyno

Indicates whether maintainers can modify the pull request.

draftno

Indicates whether the pull request is a draft. See "Draft Pull Requests" in the GitHub Help documentation to learn more.

issueno

See also: GitHub Developer Guide documentation.

Create a reply for a review comment

Creates a reply to a review comment for a pull request. For the comment_id, provide the ID of the review comment you are replying to. This must be the ID of a top-level review comment, not a reply to that comment. Replies to replies are not supported.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.pulls.createReplyForReviewComment({
  owner,
  repo,
  pull_number,
  comment_id,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

comment_idyes

The unique identifier of the comment.

bodyyes

The text of the review comment.

See also: GitHub Developer Guide documentation.

Create a review for a pull request

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

Pull request reviews created in the PENDING state do not include the submitted_at property in the response.

Note: To comment on a specific line in a file, you need to first determine the position of that line in the diff. The GitHub REST API v3 offers the application/vnd.github.v3.diff media type. To see a pull request diff, add this media type to the Accept header of a call to the single pull request endpoint.

The position value equals the number of lines down from the first "@@" hunk header in the file you want to add a comment. The line just below the "@@" line is position 1, the next line is position 2, and so on. The position in the diff continues to increase through lines of whitespace and additional hunks until the beginning of a new file.

octokit.rest.pulls.createReview({
        owner,
repo,
pull_number,
comments[].path,
comments[].body
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

commit_idno

The SHA of the commit that needs a review. Not using the latest commit SHA may render your review comment outdated if a subsequent commit modifies the line you specify as the position. Defaults to the most recent commit in the pull request when you do not specify a value.

bodyno

Required when using REQUEST_CHANGES or COMMENT for the event parameter. The body text of the pull request review.

eventno

The review action you want to perform. The review actions include: APPROVE, REQUEST_CHANGES, or COMMENT. By leaving this blank, you set the review action state to PENDING, which means you will need to submit the pull request review when you are ready.

commentsno

Use the following table to specify the location, destination, and contents of the draft review comment.

comments[].pathyes

The relative path to the file that necessitates a review comment.

comments[].positionno

The position in the diff where you want to add a review comment. Note this value is not the same as the line number in the file. For help finding the position value, read the note below.

comments[].bodyyes

Text of the review comment.

comments[].lineno
comments[].sideno
comments[].start_lineno
comments[].start_sideno

See also: GitHub Developer Guide documentation.

Create a review comment for a pull request

Creates a review comment in the pull request diff. To add a regular comment to a pull request timeline, see "Create an issue comment." We recommend creating a review comment using line, side, and optionally start_line and start_side if your comment applies to more than one line in the pull request diff.

The position parameter is deprecated. If you use position, the line, side, start_line, and start_side parameters are not required.

Note: The position value equals the number of lines down from the first "@@" hunk header in the file you want to add a comment. The line just below the "@@" line is position 1, the next line is position 2, and so on. The position in the diff continues to increase through lines of whitespace and additional hunks until the beginning of a new file.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.pulls.createReviewComment({
  owner,
  repo,
  pull_number,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

bodyyes

The text of the review comment.

commit_idno

The SHA of the commit needing a comment. Not using the latest commit SHA may render your comment outdated if a subsequent commit modifies the line you specify as the position.

pathno

The relative path to the file that necessitates a comment.

positionno

This parameter is deprecated. Use line instead. The position in the diff where you want to add a review comment. Note this value is not the same as the line number in the file. For help finding the position value, read the note above.

sideno

In a split diff view, the side of the diff that the pull request's changes appear on. Can be LEFT or RIGHT. Use LEFT for deletions that appear in red. Use RIGHT for additions that appear in green or unchanged lines that appear in white and are shown for context. For a multi-line comment, side represents whether the last line of the comment range is a deletion or addition. For more information, see "Diff view options" in the GitHub Help documentation.

lineno

The line of the blob in the pull request diff that the comment applies to. For a multi-line comment, the last line of the range that your comment applies to.

start_lineno

Required when using multi-line comments unless using in_reply_to. The start_line is the first line in the pull request diff that your multi-line comment applies to. To learn more about multi-line comments, see "Commenting on a pull request" in the GitHub Help documentation.

start_sideno

Required when using multi-line comments unless using in_reply_to. The start_side is the starting side of the diff that the comment applies to. Can be LEFT or RIGHT. To learn more about multi-line comments, see "Commenting on a pull request" in the GitHub Help documentation. See side in this table for additional context.

in_reply_tono

The ID of the review comment to reply to. To find the ID of a review comment with "List review comments on a pull request". When specified, all parameters other than body in the request body are ignored.

See also: GitHub Developer Guide documentation.

Delete a pending review for a pull request

octokit.rest.pulls.deletePendingReview({
  owner,
  repo,
  pull_number,
  review_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

See also: GitHub Developer Guide documentation.

Delete a review comment for a pull request

Deletes a review comment.

octokit.rest.pulls.deleteReviewComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Dismiss a review for a pull request

Note: To dismiss a pull request review on a protected branch, you must be a repository administrator or be included in the list of people or teams who can dismiss pull request reviews.

octokit.rest.pulls.dismissReview({
  owner,
  repo,
  pull_number,
  review_id,
  message,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

messageyes

The message for the pull request review dismissal

eventno

See also: GitHub Developer Guide documentation.

Get a pull request

Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

Lists details of a pull request by providing its number.

When you get, create, or edit a pull request, GitHub creates a merge commit to test whether the pull request can be automatically merged into the base branch. This test commit is not added to the base branch or the head branch. You can review the status of the test commit using the mergeable key. For more information, see "Checking mergeability of pull requests".

The value of the mergeable attribute can be true, false, or null. If the value is null, then GitHub has started a background job to compute the mergeability. After giving the job time to complete, resubmit the request. When the job finishes, you will see a non-null value for the mergeable attribute in the response. If mergeable is true, then merge_commit_sha will be the SHA of the test merge commit.

The value of the merge_commit_sha attribute changes depending on the state of the pull request. Before merging a pull request, the merge_commit_sha attribute holds the SHA of the test merge commit. After merging a pull request, the merge_commit_sha attribute changes depending on how you merged the pull request:

  • If merged as a merge commit, merge_commit_sha represents the SHA of the merge commit.
  • If merged via a squash, merge_commit_sha represents the SHA of the squashed commit on the base branch.
  • If rebased, merge_commit_sha represents the commit that the base branch was updated to.

Pass the appropriate media type to fetch diff and patch formats.

octokit.rest.pulls.get({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

See also: GitHub Developer Guide documentation.

Get a review for a pull request

octokit.rest.pulls.getReview({
  owner,
  repo,
  pull_number,
  review_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

See also: GitHub Developer Guide documentation.

Get a review comment for a pull request

Provides details for a review comment.

octokit.rest.pulls.getReviewComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

List pull requests

Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.pulls.list({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

stateno

Either open, closed, or all to filter by state.

headno

Filter pulls by head user or head organization and branch name in the format of user:ref-name or organization:ref-name. For example: github:new-script-format or octocat:test-branch.

baseno

Filter pulls by base branch name. Example: gh-pages.

sortno

What to sort results by. Can be either created, updated, popularity (comment count) or long-running (age, filtering by pulls updated in the last month).

directionno

The direction of the sort. Can be either asc or desc. Default: desc when sort is created or sort is not specified, otherwise asc.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List comments for a pull request review

List comments for a specific pull request review.

octokit.rest.pulls.listCommentsForReview({
  owner,
  repo,
  pull_number,
  review_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List commits on a pull request

Lists a maximum of 250 commits for a pull request. To receive a complete commit list for pull requests with more than 250 commits, use the List commits endpoint.

octokit.rest.pulls.listCommits({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List pull requests files

Note: Responses include a maximum of 3000 files. The paginated response returns 30 files per page by default.

octokit.rest.pulls.listFiles({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List requested reviewers for a pull request

octokit.rest.pulls.listRequestedReviewers({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List review comments on a pull request

Lists all review comments for a pull request. By default, review comments are in ascending order by ID.

octokit.rest.pulls.listReviewComments({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

sortno

The property to sort the results by. created means when the repository was starred. updated means when the repository was last pushed to.

directionno

Can be either asc or desc. Ignored without sort parameter.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List review comments in a repository

Lists review comments for all pull requests in a repository. By default, review comments are in ascending order by ID.

octokit.rest.pulls.listReviewCommentsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sortno
directionno

Can be either asc or desc. Ignored without sort parameter.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reviews for a pull request

The list of reviews returns in chronological order.

octokit.rest.pulls.listReviews({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Merge a pull request

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.pulls.merge({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

commit_titleno

Title for the automatic commit message.

commit_messageno

Extra detail to append to automatic commit message.

shano

SHA that pull request head must match to allow merge.

merge_methodno

Merge method to use. Possible values are merge, squash or rebase. Default is merge.

See also: GitHub Developer Guide documentation.

Remove requested reviewers from a pull request

octokit.rest.pulls.removeRequestedReviewers({
  owner,
  repo,
  pull_number,
  reviewers,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

reviewersyes

An array of user logins that will be removed.

team_reviewersno

An array of team slugs that will be removed.

See also: GitHub Developer Guide documentation.

Request reviewers for a pull request

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.pulls.requestReviewers({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

reviewersno

An array of user logins that will be requested.

team_reviewersno

An array of team slugs that will be requested.

See also: GitHub Developer Guide documentation.

Submit a review for a pull request

octokit.rest.pulls.submitReview({
  owner,
  repo,
  pull_number,
  review_id,
  event,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

bodyno

The body text of the pull request review

eventyes

The review action you want to perform. The review actions include: APPROVE, REQUEST_CHANGES, or COMMENT. When you leave this blank, the API returns HTTP 422 (Unrecognizable entity) and sets the review action state to PENDING, which means you will need to re-submit the pull request review using a review action.

See also: GitHub Developer Guide documentation.

Update a pull request

Draft pull requests are available in public repositories with GitHub Free and GitHub Free for organizations, GitHub Pro, and legacy per-repository billing plans, and in public and private repositories with GitHub Team and GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

To open or update a pull request in a public repository, you must have write access to the head or the source branch. For organization-owned repositories, you must be a member of the organization that owns the repository to open or update a pull request.

octokit.rest.pulls.update({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

titleno

The title of the pull request.

bodyno

The contents of the pull request.

stateno

State of this Pull Request. Either open or closed.

baseno

The name of the branch you want your changes pulled into. This should be an existing branch on the current repository. You cannot update the base branch on a pull request to point to another repository.

maintainer_can_modifyno

Indicates whether maintainers can modify the pull request.

See also: GitHub Developer Guide documentation.

Update a pull request branch

Updates the pull request branch with the latest upstream changes by merging HEAD from the base branch into the pull request branch.

octokit.rest.pulls.updateBranch({
  owner,
  repo,
  pull_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

expected_head_shano

The expected SHA of the pull request's HEAD ref. This is the most recent commit on the pull request's branch. If the expected SHA does not match the pull request's HEAD, you will receive a 422 Unprocessable Entity status. You can use the "List commits" endpoint to find the most recent commit SHA. Default: SHA of the pull request's current HEAD ref.

See also: GitHub Developer Guide documentation.

Update a review for a pull request

Update the review summary comment with new text.

octokit.rest.pulls.updateReview({
  owner,
  repo,
  pull_number,
  review_id,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pull_numberyes

The number that identifies the pull request.

review_idyes

The unique identifier of the review.

bodyyes

The body text of the pull request review.

See also: GitHub Developer Guide documentation.

Update a review comment for a pull request

Enables you to edit a review comment.

octokit.rest.pulls.updateReviewComment({
  owner,
  repo,
  comment_id,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

bodyyes

The text of the reply to the review comment.

See also: GitHub Developer Guide documentation.

Rate-Limit

Get rate limit status for the authenticated user

Note: Accessing this endpoint does not count against your REST API rate limit.

Note: The rate object is deprecated. If you're writing new API client code or updating existing code, you should use the core object instead of the rate object. The core object contains the same information that is present in the rate object.

octokit.rest.rateLimit.get();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Reactions

Create reaction for a commit comment

Create a reaction to a commit comment. A response with an HTTP 200 status means that you already added the reaction type to this commit comment.

octokit.rest.reactions.createForCommitComment({
  owner,
  repo,
  comment_id,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentyes

The reaction type to add to the commit comment.

See also: GitHub Developer Guide documentation.

Create reaction for an issue

Create a reaction to an issue. A response with an HTTP 200 status means that you already added the reaction type to this issue.

octokit.rest.reactions.createForIssue({
  owner,
  repo,
  issue_number,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

contentyes

The reaction type to add to the issue.

See also: GitHub Developer Guide documentation.

Create reaction for an issue comment

Create a reaction to an issue comment. A response with an HTTP 200 status means that you already added the reaction type to this issue comment.

octokit.rest.reactions.createForIssueComment({
  owner,
  repo,
  comment_id,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentyes

The reaction type to add to the issue comment.

See also: GitHub Developer Guide documentation.

Create reaction for a pull request review comment

Create a reaction to a pull request review comment. A response with an HTTP 200 status means that you already added the reaction type to this pull request review comment.

octokit.rest.reactions.createForPullRequestReviewComment({
  owner,
  repo,
  comment_id,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentyes

The reaction type to add to the pull request review comment.

See also: GitHub Developer Guide documentation.

Create reaction for a release

Create a reaction to a release. A response with a Status: 200 OK means that you already added the reaction type to this release.

octokit.rest.reactions.createForRelease({
  owner,
  repo,
  release_id,
  content,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

contentyes

The reaction type to add to the release.

See also: GitHub Developer Guide documentation.

Create reaction for a team discussion comment

Create a reaction to a team discussion comment. OAuth access tokens require the write:discussion scope. A response with an HTTP 200 status means that you already added the reaction type to this team discussion comment.

Note: You can also specify a team by org_id and team_id using the route POST /organizations/:org_id/team/:team_id/discussions/:discussion_number/comments/:comment_number/reactions.

octokit.rest.reactions.createForTeamDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  comment_number,
  content,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

contentyes

The reaction type to add to the team discussion comment.

See also: GitHub Developer Guide documentation.

Create reaction for a team discussion

Create a reaction to a team discussion. OAuth access tokens require the write:discussion scope. A response with an HTTP 200 status means that you already added the reaction type to this team discussion.

Note: You can also specify a team by org_id and team_id using the route POST /organizations/:org_id/team/:team_id/discussions/:discussion_number/reactions.

octokit.rest.reactions.createForTeamDiscussionInOrg({
  org,
  team_slug,
  discussion_number,
  content,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

contentyes

The reaction type to add to the team discussion.

See also: GitHub Developer Guide documentation.

Delete a commit comment reaction

Note: You can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/comments/:comment_id/reactions/:reaction_id.

Delete a reaction to a commit comment.

octokit.rest.reactions.deleteForCommitComment({
  owner,
  repo,
  comment_id,
  reaction_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete an issue reaction

Note: You can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id.

Delete a reaction to an issue.

octokit.rest.reactions.deleteForIssue({
  owner,
  repo,
  issue_number,
  reaction_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete an issue comment reaction

Note: You can also specify a repository by repository_id using the route DELETE delete /repositories/:repository_id/issues/comments/:comment_id/reactions/:reaction_id.

Delete a reaction to an issue comment.

octokit.rest.reactions.deleteForIssueComment({
  owner,
  repo,
  comment_id,
  reaction_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete a pull request comment reaction

Note: You can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/pulls/comments/:comment_id/reactions/:reaction_id.

Delete a reaction to a pull request review comment.

octokit.rest.reactions.deleteForPullRequestComment({
  owner,
  repo,
  comment_id,
  reaction_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete a release reaction

Note: You can also specify a repository by repository_id using the route DELETE delete /repositories/:repository_id/releases/:release_id/reactions/:reaction_id.

Delete a reaction to a release.

octokit.rest.reactions.deleteForRelease({
  owner,
  repo,
  release_id,
  reaction_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete team discussion reaction

Note: You can also specify a team or organization with team_id and org_id using the route DELETE /organizations/:org_id/team/:team_id/discussions/:discussion_number/reactions/:reaction_id.

Delete a reaction to a team discussion. OAuth access tokens require the write:discussion scope.

octokit.rest.reactions.deleteForTeamDiscussion({
  org,
  team_slug,
  discussion_number,
  reaction_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

Delete team discussion comment reaction

Note: You can also specify a team or organization with team_id and org_id using the route DELETE /organizations/:org_id/team/:team_id/discussions/:discussion_number/comments/:comment_number/reactions/:reaction_id.

Delete a reaction to a team discussion comment. OAuth access tokens require the write:discussion scope.

octokit.rest.reactions.deleteForTeamDiscussionComment({
  org,
  team_slug,
  discussion_number,
  comment_number,
  reaction_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

reaction_idyes

The unique identifier of the reaction.

See also: GitHub Developer Guide documentation.

List reactions for a commit comment

List the reactions to a commit comment.

octokit.rest.reactions.listForCommitComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to a commit comment.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for an issue

List the reactions to an issue.

octokit.rest.reactions.listForIssue({
  owner,
  repo,
  issue_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

issue_numberyes

The number that identifies the issue.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to an issue.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for an issue comment

List the reactions to an issue comment.

octokit.rest.reactions.listForIssueComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to an issue comment.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for a pull request review comment

List the reactions to a pull request review comment.

octokit.rest.reactions.listForPullRequestReviewComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to a pull request review comment.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for a release

List the reactions to a release.

octokit.rest.reactions.listForRelease({
  owner,
  repo,
  release_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to a release.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for a team discussion comment

List the reactions to a team discussion comment. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/:org_id/team/:team_id/discussions/:discussion_number/comments/:comment_number/reactions.

octokit.rest.reactions.listForTeamDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  comment_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to a team discussion comment.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List reactions for a team discussion

List the reactions to a team discussion. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/:org_id/team/:team_id/discussions/:discussion_number/reactions.

octokit.rest.reactions.listForTeamDiscussionInOrg({
  org,
  team_slug,
  discussion_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

contentno

Returns a single reaction type. Omit this parameter to list all reactions to a team discussion.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Repos

Accept a repository invitation

Deprecated: This method has been renamed to repos.acceptInvitationForAuthenticatedUser

octokit.rest.repos.acceptInvitation({
  invitation_id,
});

Parameters

namerequireddescription
invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Accept a repository invitation

octokit.rest.repos.acceptInvitationForAuthenticatedUser({
  invitation_id,
});

Parameters

namerequireddescription
invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Add app access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified apps push access for this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

TypeDescription
arrayThe GitHub Apps that have push access to this branch. Use the app's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.addAppAccessRestrictions({
  owner,
  repo,
  branch,
  apps,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

appsyes

See also: GitHub Developer Guide documentation.

Add a repository collaborator

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

Adding an outside collaborator may be restricted by enterprise administrators. For more information, see "Enforcing repository management policies in your enterprise."

For more information on permission levels, see "Repository permission levels for an organization". There are restrictions on which permissions can be granted to organization members when an organization base role is in place. In this case, the permission being given must be equal to or higher than the org base permission. Otherwise, the request will fail with:

Cannot assign {member} permission of {role name}

Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

The invitee will receive a notification that they have been invited to the repository, which they must accept or decline. They may do this via the notifications page, the email they receive, or by using the repository invitations API endpoints.

Updating an existing collaborator's permission level

The endpoint can also be used to change the permissions of an existing collaborator without first removing and re-adding the collaborator. To change the permissions, use the same endpoint and pass a different permission parameter. The response will be a 204, with no other indication that the permission level changed.

Rate limits

You are limited to sending 50 invitations to a repository per 24 hour period. Note there is no limit if you are inviting organization members to an organization repository.

octokit.rest.repos.addCollaborator({
  owner,
  repo,
  username,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

permissionno

The permission to grant the collaborator. Only valid on organization-owned repositories. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any.

See also: GitHub Developer Guide documentation.

Add status check contexts

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.addStatusCheckContexts({
  owner,
  repo,
  branch,
  contexts,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

contextsyes

See also: GitHub Developer Guide documentation.

Add team access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified teams push access for this branch. You can also give push access to child teams.

TypeDescription
arrayThe teams that can have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.addTeamAccessRestrictions({
  owner,
  repo,
  branch,
  teams,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

teamsyes

See also: GitHub Developer Guide documentation.

Add user access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Grants the specified people push access for this branch.

TypeDescription
arrayUsernames for people who can have push access. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.addUserAccessRestrictions({
  owner,
  repo,
  branch,
  users,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

usersyes

See also: GitHub Developer Guide documentation.

Check if a user is a repository collaborator

For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners.

Team members will include the members of child teams.

You must authenticate using an access token with the read:org and repo scopes with push access to use this endpoint. GitHub Apps must have the members organization permission and metadata repository permission to use this endpoint.

octokit.rest.repos.checkCollaborator({
  owner,
  repo,
  username,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Check if vulnerability alerts are enabled for a repository

Shows whether dependency alerts are enabled or disabled for a repository. The authenticated user must have admin read access to the repository. For more information, see "About security alerts for vulnerable dependencies".

octokit.rest.repos.checkVulnerabilityAlerts({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List CODEOWNERS errors

List any syntax errors that are detected in the CODEOWNERS file.

For more information about the correct CODEOWNERS syntax, see "About code owners."

octokit.rest.repos.codeownersErrors({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refno

A branch, tag or commit name used to determine which version of the CODEOWNERS file to use. Default: the repository's default branch (e.g. main)

See also: GitHub Developer Guide documentation.

Compare two commits

Deprecated: Use repos.compareCommitsWithBasehead() (GET /repos/{owner}/{repo}/compare/{basehead}) instead. Both :base and :head must be branch names in :repo. To compare branches across other repositories in the same network as :repo, use the format <USERNAME>:branch.

The response from the API is equivalent to running the git log base..head command; however, commits are returned in chronological order. Pass the appropriate media type to fetch diff and patch formats.

The response also includes details on the files that were changed between the two commits. This includes the status of the change (for example, if a file was added, removed, modified, or renamed), and details of the change itself. For example, files with a renamed status have a previous_filename field showing the previous filename of the file, and files with a modified status have a patch field showing the changes made to the file.

Working with large comparisons

To process a response with a large number of commits, you can use (per_page or page) to paginate the results. When using paging, the list of changed files is only returned with page 1, but includes all changed files for the entire comparison. For more information on working with pagination, see "Traversing with pagination."

When calling this API without any paging parameters (per_page or page), the returned list is limited to 250 commits and the last commit in the list is the most recent of the entire comparison. When a paging parameter is specified, the first commit in the returned list of each page is the earliest.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.repos.compareCommits({
  owner,
  repo,
  base,
  head,
});

Parameters

namerequireddescription
owneryes
repoyes
baseyes
headyes
per_pageno

Results per page.

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Compare two commits

The basehead param is comprised of two parts: base and head. Both must be branch names in repo. To compare branches across other repositories in the same network as repo, use the format <USERNAME>:branch.

The response from the API is equivalent to running the git log base..head command; however, commits are returned in chronological order. Pass the appropriate media type to fetch diff and patch formats.

The response also includes details on the files that were changed between the two commits. This includes the status of the change (for example, if a file was added, removed, modified, or renamed), and details of the change itself. For example, files with a renamed status have a previous_filename field showing the previous filename of the file, and files with a modified status have a patch field showing the changes made to the file.

Working with large comparisons

To process a response with a large number of commits, you can use (per_page or page) to paginate the results. When using paging, the list of changed files is only returned with page 1, but includes all changed files for the entire comparison. For more information on working with pagination, see "Traversing with pagination."

When calling this API without any paging parameters (per_page or page), the returned list is limited to 250 commits and the last commit in the list is the most recent of the entire comparison. When a paging parameter is specified, the first commit in the returned list of each page is the earliest.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.repos.compareCommitsWithBasehead({
  owner,
  repo,
  basehead,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

baseheadyes

The base branch and head branch to compare. This parameter expects the format {base}...{head}.

See also: GitHub Developer Guide documentation.

Users with admin access to the repository can create an autolink.

octokit.rest.repos.createAutolink({
  owner,
  repo,
  key_prefix,
  url_template,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

key_prefixyes

The prefix appended by alphanumeric characters will generate a link any time it is found in an issue, pull request, or commit.

url_templateyes

The URL must contain <num> for the reference number. <num> matches alphanumeric characters A-Z (case insensitive), 0-9, and -.

See also: GitHub Developer Guide documentation.

Create a commit comment

Create a comment for a commit using its :commit_sha.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.repos.createCommitComment({
  owner,
  repo,
  commit_sha,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit.

bodyyes

The contents of the comment.

pathno

Relative path of the file to comment on.

positionno

Line index in the diff to comment on.

lineno

Deprecated. Use position parameter instead. Line number in the file to comment on.

See also: GitHub Developer Guide documentation.

Create commit signature protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to require signed commits on a branch. You must enable branch protection to require signed commits.

octokit.rest.repos.createCommitSignatureProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Create a commit status

Users with push access in a repository can create commit statuses for a given SHA.

Note: there is a limit of 1000 statuses per sha and context within a repository. Attempts to create more than 1000 statuses will result in a validation error.

octokit.rest.repos.createCommitStatus({
  owner,
  repo,
  sha,
  state,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

shayes
stateyes

The state of the status.

target_urlno

The target URL to associate with this status. This URL will be linked from the GitHub UI to allow users to easily see the source of the status.
For example, if your continuous integration system is posting build status, you would want to provide the deep link for the build output for this specific SHA:
http://ci.example.com/user/repo/build/sha

descriptionno

A short description of the status.

contextno

A string label to differentiate this status from the status of other systems. This field is case-insensitive.

See also: GitHub Developer Guide documentation.

Create a deploy key

You can create a read-only deploy key.

octokit.rest.repos.createDeployKey({
  owner,
  repo,
  key,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

titleno

A name for the key.

keyyes

The contents of the key.

read_onlyno

If true, the key will only be able to read repository contents. Otherwise, the key will be able to read and write.

Deploy keys with write access can perform the same actions as an organization member with admin access, or a collaborator on a personal repository. For more information, see "Repository permission levels for an organization" and "Permission levels for a user account repository."

See also: GitHub Developer Guide documentation.

Create a deployment

Deployments offer a few configurable parameters with certain defaults.

The ref parameter can be any named branch, tag, or SHA. At GitHub we often deploy branches and verify them before we merge a pull request.

The environment parameter allows deployments to be issued to different runtime environments. Teams often have multiple environments for verifying their applications, such as production, staging, and qa. This parameter makes it easier to track which environments have requested deployments. The default environment is production.

The auto_merge parameter is used to ensure that the requested ref is not behind the repository's default branch. If the ref is behind the default branch for the repository, we will attempt to merge it for you. If the merge succeeds, the API will return a successful merge commit. If merge conflicts prevent the merge from succeeding, the API will return a failure response.

By default, commit statuses for every submitted context must be in a success state. The required_contexts parameter allows you to specify a subset of contexts that must be success, or to specify contexts that have not yet been submitted. You are not required to use commit statuses to deploy. If you do not require any contexts or create any commit statuses, the deployment will always succeed.

The payload parameter is available for any extra information that a deployment system might need. It is a JSON text field that will be passed on when a deployment event is dispatched.

The task parameter is used by the deployment system to allow different execution paths. In the web world this might be deploy:migrations to run schema changes on the system. In the compiled world this could be a flag to compile an application with debugging enabled.

Users with repo or repo_deployment scopes can create a deployment for a given ref.

Merged branch response

You will see this response when GitHub automatically merges the base branch into the topic branch instead of creating a deployment. This auto-merge happens when:

  • Auto-merge option is enabled in the repository
  • Topic branch does not include the latest changes on the base branch, which is master in the response example
  • There are no merge conflicts

If there are no new commits in the base branch, a new request to create a deployment should give a successful response.

Merge conflict response

This error happens when the auto_merge option is enabled and when the default branch (in this case master), can't be merged into the branch that's being deployed (in this case topic-branch), due to merge conflicts.

Failed commit status checks

This error happens when the required_contexts parameter indicates that one or more contexts need to have a success status for the commit to be deployed, but one or more of the required contexts do not have a state of success.

octokit.rest.repos.createDeployment({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

The ref to deploy. This can be a branch, tag, or SHA.

taskno

Specifies a task to execute (e.g., deploy or deploy:migrations).

auto_mergeno

Attempts to automatically merge the default branch into the requested ref, if it's behind the default branch.

required_contextsno

The status contexts to verify against commit status checks. If you omit this parameter, GitHub verifies all unique contexts before creating a deployment. To bypass checking entirely, pass an empty array. Defaults to all unique contexts.

payloadno
environmentno

Name for the target deployment environment (e.g., production, staging, qa).

descriptionno

Short description of the deployment.

transient_environmentno

Specifies if the given environment is specific to the deployment and will no longer exist at some point in the future. Default: false

production_environmentno

Specifies if the given environment is one that end-users directly interact with. Default: true when environment is production and false otherwise.

See also: GitHub Developer Guide documentation.

Create a deployment status

Users with push access can create deployment statuses for a given deployment.

GitHub Apps require read & write access to "Deployments" and read-only access to "Repo contents" (for private repos). OAuth Apps require the repo_deployment scope.

octokit.rest.repos.createDeploymentStatus({
  owner,
  repo,
  deployment_id,
  state,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

deployment_idyes

deployment_id parameter

stateyes

The state of the status. When you set a transient deployment to inactive, the deployment will be shown as destroyed in GitHub.

target_urlno

The target URL to associate with this status. This URL should contain output to keep the user updated while the task is running or serve as historical information for what happened in the deployment. Note: It's recommended to use the log_url parameter, which replaces target_url.

log_urlno

The full URL of the deployment's output. This parameter replaces target_url. We will continue to accept target_url to support legacy uses, but we recommend replacing target_url with log_url. Setting log_url will automatically set target_url to the same value. Default: ""

descriptionno

A short description of the status. The maximum description length is 140 characters.

environmentno

Name for the target deployment environment, which can be changed when setting a deploy status. For example, production, staging, or qa.

environment_urlno

Sets the URL for accessing your environment. Default: ""

auto_inactiveno

Adds a new inactive status to all prior non-transient, non-production environment deployments with the same repository and environment name as the created status's deployment. An inactive status is only added to deployments that had a success state. Default: true

See also: GitHub Developer Guide documentation.

Create a repository dispatch event

You can use this endpoint to trigger a webhook event called repository_dispatch when you want activity that happens outside of GitHub to trigger a GitHub Actions workflow or GitHub App webhook. You must configure your GitHub Actions workflow or GitHub App to run when the repository_dispatch event occurs. For an example repository_dispatch webhook payload, see "RepositoryDispatchEvent."

The client_payload parameter is available for any extra information that your workflow might need. This parameter is a JSON payload that will be passed on when the webhook event is dispatched. For example, the client_payload can include a message that a user would like to send using a GitHub Actions workflow. Or the client_payload can be used as a test to debug your workflow.

This endpoint requires write access to the repository by providing either:

This input example shows how you can use the client_payload as a test to debug your workflow.

octokit.rest.repos.createDispatchEvent({
  owner,
  repo,
  event_type,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

event_typeyes

A custom webhook event name. Must be 100 characters or fewer.

client_payloadno

JSON payload with extra information about the webhook event that your action or worklow may use.

client_payload.*no

See also: GitHub Developer Guide documentation.

Create a repository for the authenticated user

Creates a new repository for the authenticated user.

OAuth scope requirements

When using OAuth, authorizations must include:

  • public_repo scope or repo scope to create a public repository. Note: For GitHub AE, use repo scope to create an internal repository.
  • repo scope to create a private repository.
octokit.rest.repos.createForAuthenticatedUser({
  name,
});

Parameters

namerequireddescription
nameyes

The name of the repository.

descriptionno

A short description of the repository.

homepageno

A URL with more information about the repository.

privateno

Whether the repository is private.

has_issuesno

Whether issues are enabled.

has_projectsno

Whether projects are enabled.

has_wikino

Whether the wiki is enabled.

team_idno

The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization.

auto_initno

Whether the repository is initialized with a minimal README.

gitignore_templateno

The desired language or platform to apply to the .gitignore.

license_templateno

The license keyword of the open source license for this repository.

allow_squash_mergeno

Whether to allow squash merges for pull requests.

allow_merge_commitno

Whether to allow merge commits for pull requests.

allow_rebase_mergeno

Whether to allow rebase merges for pull requests.

allow_auto_mergeno

Whether to allow Auto-merge to be used on pull requests.

delete_branch_on_mergeno

Whether to delete head branches when pull requests are merged

has_downloadsno

Whether downloads are enabled.

is_templateno

Whether this repository acts as a template that can be used to generate new repositories.

See also: GitHub Developer Guide documentation.

Create a fork

Create a fork for the authenticated user.

Note: Forking a Repository happens asynchronously. You may have to wait a short period of time before you can access the git objects. If this takes longer than 5 minutes, be sure to contact GitHub Support.

octokit.rest.repos.createFork({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

organizationno

Optional parameter to specify the organization name if forking into an organization.

nameno

When forking from an existing repository, a new name for the fork.

See also: GitHub Developer Guide documentation.

Create an organization repository

Creates a new repository in the specified organization. The authenticated user must be a member of the organization.

OAuth scope requirements

When using OAuth, authorizations must include:

  • public_repo scope or repo scope to create a public repository. Note: For GitHub AE, use repo scope to create an internal repository.
  • repo scope to create a private repository
octokit.rest.repos.createInOrg({
  org,
  name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

nameyes

The name of the repository.

descriptionno

A short description of the repository.

homepageno

A URL with more information about the repository.

privateno

Whether the repository is private.

visibilityno

Can be public or private. If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, visibility can also be internal. Note: For GitHub Enterprise Server and GitHub AE, this endpoint will only list repositories available to all users on the enterprise. For more information, see "Creating an internal repository" in the GitHub Help documentation.

has_issuesno

Either true to enable issues for this repository or false to disable them.

has_projectsno

Either true to enable projects for this repository or false to disable them. Note: If you're creating a repository in an organization that has disabled repository projects, the default is false, and if you pass true, the API returns an error.

has_wikino

Either true to enable the wiki for this repository or false to disable it.

is_templateno

Either true to make this repo available as a template repository or false to prevent it.

team_idno

The id of the team that will be granted access to this repository. This is only valid when creating a repository in an organization.

auto_initno

Pass true to create an initial commit with empty README.

gitignore_templateno

Desired language or platform .gitignore template to apply. Use the name of the template without the extension. For example, "Haskell".

license_templateno

Choose an open source license template that best suits your needs, and then use the license keyword as the license_template string. For example, "mit" or "mpl-2.0".

allow_squash_mergeno

Either true to allow squash-merging pull requests, or false to prevent squash-merging.

allow_merge_commitno

Either true to allow merging pull requests with a merge commit, or false to prevent merging pull requests with merge commits.

allow_rebase_mergeno

Either true to allow rebase-merging pull requests, or false to prevent rebase-merging.

allow_auto_mergeno

Either true to allow auto-merge on pull requests, or false to disallow auto-merge.

delete_branch_on_mergeno

Either true to allow automatically deleting head branches when pull requests are merged, or false to prevent automatic deletion.

use_squash_pr_title_as_defaultno

Either true to allow squash-merge commits to use pull request title, or false to use commit message.

See also: GitHub Developer Guide documentation.

Create or update an environment

Create or update an environment with protection rules, such as required reviewers. For more information about environment protection rules, see "Environments."

Note: Although you can use this operation to specify that only branches that match specified name patterns can deploy to this environment, you must use the UI to set the name patterns. For more information, see "Environments."

Note: To create or update secrets for an environment, see "Secrets."

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.repos.createOrUpdateEnvironment({
        owner,
repo,
environment_name,
deployment_branch_policy.protected_branches,
deployment_branch_policy.custom_branch_policies
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

environment_nameyes

The name of the environment

wait_timerno

The amount of time to delay a job after the job is initially triggered. The time (in minutes) must be an integer between 0 and 43,200 (30 days).

reviewersno

The people or teams that may review jobs that reference the environment. You can list up to six users or teams as reviewers. The reviewers must have at least read access to the repository. Only one of the required reviewers needs to approve the job for it to proceed.

reviewers[].typeno

The type of reviewer.

reviewers[].idno

The id of the user or team who can review the deployment

deployment_branch_policyno

The type of deployment branch policy for this environment. To allow all branches to deploy, set to null.

deployment_branch_policy.protected_branchesyes

Whether only branches with branch protection rules can deploy to this environment. If protected_branches is true, custom_branch_policies must be false; if protected_branches is false, custom_branch_policies must be true.

deployment_branch_policy.custom_branch_policiesyes

Whether only branches that match the specified name patterns can deploy to this environment. If custom_branch_policies is true, protected_branches must be false; if custom_branch_policies is false, protected_branches must be true.

See also: GitHub Developer Guide documentation.

Create or update file contents

Creates a new file or replaces an existing file in a repository.

octokit.rest.repos.createOrUpdateFileContents({
        owner,
repo,
path,
message,
content,
committer.name,
committer.email,
author.name,
author.email
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pathyes

path parameter

messageyes

The commit message.

contentyes

The new file content, using Base64 encoding.

shano

Required if you are updating a file. The blob SHA of the file being replaced.

branchno

The branch name. Default: the repository’s default branch (usually master)

committerno

The person that committed the file. Default: the authenticated user.

committer.nameyes

The name of the author or committer of the commit. You'll receive a 422 status code if name is omitted.

committer.emailyes

The email of the author or committer of the commit. You'll receive a 422 status code if email is omitted.

committer.dateno
authorno

The author of the file. Default: The committer or the authenticated user if you omit committer.

author.nameyes

The name of the author or committer of the commit. You'll receive a 422 status code if name is omitted.

author.emailyes

The email of the author or committer of the commit. You'll receive a 422 status code if email is omitted.

author.dateno

See also: GitHub Developer Guide documentation.

Create a GitHub Pages site

Configures a GitHub Pages site. For more information, see "About GitHub Pages."

octokit.rest.repos.createPagesSite({
        owner,
repo,
source.branch
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sourceno

The source branch and directory used to publish your Pages site.

source.branchyes

The repository branch used to publish your site's source files.

source.pathno

The repository directory that includes the source files for the Pages site. Allowed paths are / or /docs. Default: /

See also: GitHub Developer Guide documentation.

Create a release

Users with push access to the repository can create a release.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

octokit.rest.repos.createRelease({
  owner,
  repo,
  tag_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tag_nameyes

The name of the tag.

target_commitishno

Specifies the commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. Unused if the Git tag already exists. Default: the repository's default branch (usually master).

nameno

The name of the release.

bodyno

Text describing the contents of the tag.

draftno

true to create a draft (unpublished) release, false to create a published one.

prereleaseno

true to identify the release as a prerelease. false to identify the release as a full release.

discussion_category_nameno

If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. For more information, see "Managing categories for discussions in your repository."

generate_release_notesno

Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes.

See also: GitHub Developer Guide documentation.

Create a tag protection state for a repository

This creates a tag protection state for a repository. This endpoint is only available to repository administrators.

octokit.rest.repos.createTagProtection({
  owner,
  repo,
  pattern,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

patternyes

An optional glob pattern to match against when enforcing tag protection.

See also: GitHub Developer Guide documentation.

Create a repository using a template

Creates a new repository using a repository template. Use the template_owner and template_repo route parameters to specify the repository to use as the template. The authenticated user must own or be a member of an organization that owns the repository. To check if a repository is available to use as a template, get the repository's information using the Get a repository endpoint and check that the is_template key is true.

OAuth scope requirements

When using OAuth, authorizations must include:

  • public_repo scope or repo scope to create a public repository. Note: For GitHub AE, use repo scope to create an internal repository.
  • repo scope to create a private repository
octokit.rest.repos.createUsingTemplate({
  template_owner,
  template_repo,
  name,
});

Parameters

namerequireddescription
template_owneryes
template_repoyes
ownerno

The organization or person who will own the new repository. To create a new repository in an organization, the authenticated user must be a member of the specified organization.

nameyes

The name of the new repository.

descriptionno

A short description of the new repository.

include_all_branchesno

Set to true to include the directory structure and files from all branches in the template repository, and not just the default branch. Default: false.

privateno

Either true to create a new private repository or false to create a new public one.

See also: GitHub Developer Guide documentation.

Create a repository webhook

Repositories can have multiple webhooks installed. Each webhook should have a unique config. Multiple webhooks can share the same config as long as those webhooks do not have any events that overlap.

octokit.rest.repos.createWebhook({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameno

Use web to create a webhook. Default: web. This parameter only accepts the value web.

configno

Key/value pairs to provide settings for this webhook. These are defined below.

config.urlno

The URL to which the payloads will be delivered.

config.content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

config.secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

config.insecure_sslno
config.tokenno
config.digestno
eventsno

Determines what events the hook is triggered for.

activeno

Determines if notifications are sent when the webhook is triggered. Set to true to send notifications.

See also: GitHub Developer Guide documentation.

Decline a repository invitation

Deprecated: This method has been renamed to repos.declineInvitationForAuthenticatedUser

octokit.rest.repos.declineInvitation({
  invitation_id,
});

Parameters

namerequireddescription
invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Decline a repository invitation

octokit.rest.repos.declineInvitationForAuthenticatedUser({
  invitation_id,
});

Parameters

namerequireddescription
invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Delete a repository

Deleting a repository requires admin access. If OAuth is used, the delete_repo scope is required.

If an organization owner has configured the organization to prevent members from deleting organization-owned repositories, you will get a 403 Forbidden response.

octokit.rest.repos.delete({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Disables the ability to restrict who can push to this branch.

octokit.rest.repos.deleteAccessRestrictions({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Delete admin branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removing admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

octokit.rest.repos.deleteAdminBranchProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Delete an environment

You must authenticate using an access token with the repo scope to use this endpoint.

octokit.rest.repos.deleteAnEnvironment({
  owner,
  repo,
  environment_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

environment_nameyes

The name of the environment

See also: GitHub Developer Guide documentation.

This deletes a single autolink reference by ID that was configured for the given repository.

Information about autolinks are only available to repository administrators.

octokit.rest.repos.deleteAutolink({
  owner,
  repo,
  autolink_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

autolink_idyes

The unique identifier of the autolink.

See also: GitHub Developer Guide documentation.

Delete branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.deleteBranchProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Delete a commit comment

octokit.rest.repos.deleteCommitComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Delete commit signature protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to disable required signed commits on a branch. You must enable branch protection to require signed commits.

octokit.rest.repos.deleteCommitSignatureProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Delete a deploy key

Deploy keys are immutable. If you need to update a key, remove the key and create a new one instead.

octokit.rest.repos.deleteDeployKey({
  owner,
  repo,
  key_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

Delete a deployment

If the repository only has one deployment, you can delete the deployment regardless of its status. If the repository has more than one deployment, you can only delete inactive deployments. This ensures that repositories with multiple deployments will always have an active deployment. Anyone with repo or repo_deployment scopes can delete a deployment.

To set a deployment as inactive, you must:

  • Create a new deployment that is active so that the system has a record of the current state, then delete the previously active deployment.
  • Mark the active deployment as inactive by adding any non-successful deployment status.

For more information, see "Create a deployment" and "Create a deployment status."

octokit.rest.repos.deleteDeployment({
  owner,
  repo,
  deployment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

deployment_idyes

deployment_id parameter

See also: GitHub Developer Guide documentation.

Delete a file

Deletes a file in a repository.

You can provide an additional committer parameter, which is an object containing information about the committer. Or, you can provide an author parameter, which is an object containing information about the author.

The author section is optional and is filled in with the committer information if omitted. If the committer information is omitted, the authenticated user's information is used.

You must provide values for both name and email, whether you choose to use author or committer. Otherwise, you'll receive a 422 status code.

octokit.rest.repos.deleteFile({
  owner,
  repo,
  path,
  message,
  sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pathyes

path parameter

messageyes

The commit message.

shayes

The blob SHA of the file being replaced.

branchno

The branch name. Default: the repository’s default branch (usually master)

committerno

object containing information about the committer.

committer.nameno

The name of the author (or committer) of the commit

committer.emailno

The email of the author (or committer) of the commit

authorno

object containing information about the author.

author.nameno

The name of the author (or committer) of the commit

author.emailno

The email of the author (or committer) of the commit

See also: GitHub Developer Guide documentation.

Delete a repository invitation

octokit.rest.repos.deleteInvitation({
  owner,
  repo,
  invitation_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

invitation_idyes

The unique identifier of the invitation.

See also: GitHub Developer Guide documentation.

Delete a GitHub Pages site

octokit.rest.repos.deletePagesSite({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Delete pull request review protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.deletePullRequestReviewProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Delete a release

Users with push access to the repository can delete a release.

octokit.rest.repos.deleteRelease({
  owner,
  repo,
  release_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

See also: GitHub Developer Guide documentation.

Delete a release asset

octokit.rest.repos.deleteReleaseAsset({
  owner,
  repo,
  asset_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

asset_idyes

The unique identifier of the asset.

See also: GitHub Developer Guide documentation.

Delete a tag protection state for a repository

This deletes a tag protection state for a repository. This endpoint is only available to repository administrators.

octokit.rest.repos.deleteTagProtection({
  owner,
  repo,
  tag_protection_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tag_protection_idyes

The unique identifier of the tag protection.

See also: GitHub Developer Guide documentation.

Delete a repository webhook

octokit.rest.repos.deleteWebhook({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Disable automated security fixes

Disables automated security fixes for a repository. The authenticated user must have admin access to the repository. For more information, see "Configuring automated security fixes".

octokit.rest.repos.disableAutomatedSecurityFixes({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Disable Git LFS for a repository

octokit.rest.repos.disableLfsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Disable vulnerability alerts

Disables dependency alerts and the dependency graph for a repository. The authenticated user must have admin access to the repository. For more information, see "About security alerts for vulnerable dependencies".

octokit.rest.repos.disableVulnerabilityAlerts({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Download a repository archive (zip)

Deprecated: This method has been renamed to repos.downloadZipballArchive

Gets a redirect URL to download a zip archive for a repository. If you omit :ref, the repository’s default branch (usually master) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use the Location header to make a second GET request. Note: For private repositories, these links are temporary and expire after five minutes.

octokit.rest.repos.downloadArchive({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

See also: GitHub Developer Guide documentation.

Download a repository archive (tar)

Gets a redirect URL to download a tar archive for a repository. If you omit :ref, the repository’s default branch (usually master) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use the Location header to make a second GET request. Note: For private repositories, these links are temporary and expire after five minutes.

octokit.rest.repos.downloadTarballArchive({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

See also: GitHub Developer Guide documentation.

Download a repository archive (zip)

Gets a redirect URL to download a zip archive for a repository. If you omit :ref, the repository’s default branch (usually master) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use the Location header to make a second GET request. Note: For private repositories, these links are temporary and expire after five minutes.

octokit.rest.repos.downloadZipballArchive({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

See also: GitHub Developer Guide documentation.

Enable automated security fixes

Enables automated security fixes for a repository. The authenticated user must have admin access to the repository. For more information, see "Configuring automated security fixes".

octokit.rest.repos.enableAutomatedSecurityFixes({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Enable Git LFS for a repository

octokit.rest.repos.enableLfsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Enable vulnerability alerts

Enables dependency alerts and the dependency graph for a repository. The authenticated user must have admin access to the repository. For more information, see "About security alerts for vulnerable dependencies".

octokit.rest.repos.enableVulnerabilityAlerts({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Generate release notes content for a release

Generate a name and body describing a release. The body content will be markdown formatted and contain information like the changes since last release and users who contributed. The generated release notes are not saved anywhere. They are intended to be generated and used when creating a new release.

octokit.rest.repos.generateReleaseNotes({
  owner,
  repo,
  tag_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tag_nameyes

The tag name for the release. This can be an existing tag or a new one.

target_commitishno

Specifies the commitish value that will be the target for the release's tag. Required if the supplied tag_name does not reference an existing tag. Ignored if the tag_name already exists.

previous_tag_nameno

The name of the previous tag to use as the starting point for the release notes. Use to manually specify the range for the set of changes considered as part this release.

configuration_file_pathno

Specifies a path to a file in the repository containing configuration settings used for generating the release notes. If unspecified, the configuration file located in the repository at '.github/release.yml' or '.github/release.yaml' will be used. If that is not present, the default configuration will be used.

See also: GitHub Developer Guide documentation.

Get a repository

The parent and source objects are present when the repository is a fork. parent is the repository this repository was forked from, source is the ultimate source for the network.

octokit.rest.repos.get({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists who has access to this protected branch.

Note: Users, apps, and teams restrictions are only available for organization-owned repositories.

octokit.rest.repos.getAccessRestrictions({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get admin branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.getAdminBranchProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get all environments

Get all environments for a repository.

Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.repos.getAllEnvironments({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get all status check contexts

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.getAllStatusCheckContexts({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get all repository topics

octokit.rest.repos.getAllTopics({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

Get apps with access to the protected branch

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the GitHub Apps that have push access to this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

octokit.rest.repos.getAppsWithAccessToProtectedBranch({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

This returns a single autolink reference by ID that was configured for the given repository.

Information about autolinks are only available to repository administrators.

octokit.rest.repos.getAutolink({
  owner,
  repo,
  autolink_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

autolink_idyes

The unique identifier of the autolink.

See also: GitHub Developer Guide documentation.

Get a branch

octokit.rest.repos.getBranch({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.getBranchProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get repository clones

Get the total number of clones and breakdown per day or week for the last 14 days. Timestamps are aligned to UTC midnight of the beginning of the day or week. Week begins on Monday.

octokit.rest.repos.getClones({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

perno

The time frame to display results for.

See also: GitHub Developer Guide documentation.

Get the weekly commit activity

Returns a weekly aggregate of the number of additions and deletions pushed to a repository.

octokit.rest.repos.getCodeFrequencyStats({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get repository permissions for a user

Checks the repository permission of a collaborator. The possible repository permissions are admin, write, read, and none.

octokit.rest.repos.getCollaboratorPermissionLevel({
  owner,
  repo,
  username,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get the combined status for a specific reference

Users with pull access in a repository can access a combined view of commit statuses for a given ref. The ref can be a SHA, a branch name, or a tag name.

Additionally, a combined state is returned. The state is one of:

  • failure if any of the contexts report as error or failure
  • pending if there are no statuses or a context is pending
  • success if the latest status for all contexts is success
octokit.rest.repos.getCombinedStatusForRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Get a commit

Returns the contents of a single commit reference. You must have read access for the repository to use this endpoint.

Note: If there are more than 300 files in the commit diff, the response will include pagination link headers for the remaining files, up to a limit of 3000 files. Each page contains the static commit information, and the only changes are to the file listing.

You can pass the appropriate media type to fetch diff and patch formats. Diffs with binary data will have no patch property.

To return only the SHA-1 hash of the commit reference, you can provide the sha custom media type in the Accept header. You can use this endpoint to check if a remote reference's SHA-1 hash is the same as your local reference's SHA-1 hash by providing the local SHA-1 reference as the ETag.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.repos.getCommit({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

refyes

ref parameter

See also: GitHub Developer Guide documentation.

Get the last year of commit activity

Returns the last year of commit activity grouped by week. The days array is a group of commits per day, starting on Sunday.

octokit.rest.repos.getCommitActivityStats({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a commit comment

octokit.rest.repos.getCommitComment({
  owner,
  repo,
  comment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

See also: GitHub Developer Guide documentation.

Get commit signature protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

When authenticated with admin or owner permissions to the repository, you can use this endpoint to check whether a branch requires signed commits. An enabled status of true indicates you must sign commits on this branch. For more information, see Signing commits with GPG in GitHub Help.

Note: You must enable branch protection to require signed commits.

octokit.rest.repos.getCommitSignatureProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get community profile metrics

This endpoint will return all community profile metrics, including an overall health score, repository description, the presence of documentation, detected code of conduct, detected license, and the presence of ISSUE_TEMPLATE, PULL_REQUEST_TEMPLATE, README, and CONTRIBUTING files.

The health_percentage score is defined as a percentage of how many of these four documents are present: README, CONTRIBUTING, LICENSE, and CODE_OF_CONDUCT. For example, if all four documents are present, then the health_percentage is 100. If only one is present, then the health_percentage is 25.

content_reports_enabled is only returned for organization-owned repositories.

octokit.rest.repos.getCommunityProfileMetrics({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get repository content

Gets the contents of a file or directory in a repository. Specify the file path or directory in :path. If you omit :path, you will receive the contents of the repository's root directory. See the description below regarding what the API response includes for directories.

Files and symlinks support a custom media type for retrieving the raw content or rendered HTML (when supported). All content types support a custom media type to ensure the content is returned in a consistent object format.

Note:

  • To get a repository's contents recursively, you can recursively get the tree.
  • This API has an upper limit of 1,000 files for a directory. If you need to retrieve more files, use the Git Trees API.

Size limits

If the requested file's size is:

  • 1 MB or smaller: All features of this endpoint are supported.
  • Between 1-100 MB: Only the raw or object custom media types are supported. Both will work as normal, except that when using the object media type, the content field will be an empty string and the encoding field will be "none". To get the contents of these larger files, use the raw media type.
  • Greater than 100 MB: This endpoint is not supported.

If the content is a directory

The response will be an array of objects, one object for each item in the directory. When listing the contents of a directory, submodules have their "type" specified as "file". Logically, the value should be "submodule". This behavior exists in API v3 for backwards compatibility purposes. In the next major version of the API, the type will be returned as "submodule".

If the content is a symlink

If the requested :path points to a symlink, and the symlink's target is a normal file in the repository, then the API responds with the content of the file (in the format shown in the example. Otherwise, the API responds with an object describing the symlink itself.

If the content is a submodule

The submodule_git_url identifies the location of the submodule repository, and the sha identifies a specific commit within the submodule repository. Git uses the given URL when cloning the submodule repository, and checks out the submodule at that specific commit.

If the submodule repository is not hosted on github.com, the Git URLs (git_url and _links["git"]) and the github.com URLs (html_url and _links["html"]) will have null values.

octokit.rest.repos.getContent({
  owner,
  repo,
  path,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pathyes

path parameter

refno

The name of the commit/branch/tag. Default: the repository’s default branch (usually master)

See also: GitHub Developer Guide documentation.

Get all contributor commit activity

Returns the total number of commits authored by the contributor. In addition, the response includes a Weekly Hash (weeks array) with the following information:

  • w - Start of the week, given as a Unix timestamp.
  • a - Number of additions
  • d - Number of deletions
  • c - Number of commits
octokit.rest.repos.getContributorsStats({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a deploy key

octokit.rest.repos.getDeployKey({
  owner,
  repo,
  key_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

Get a deployment

octokit.rest.repos.getDeployment({
  owner,
  repo,
  deployment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

deployment_idyes

deployment_id parameter

See also: GitHub Developer Guide documentation.

Get a deployment status

Users with pull access can view a deployment status for a deployment:

octokit.rest.repos.getDeploymentStatus({
  owner,
  repo,
  deployment_id,
  status_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

deployment_idyes

deployment_id parameter

status_idyes

See also: GitHub Developer Guide documentation.

Get an environment

Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.

octokit.rest.repos.getEnvironment({
  owner,
  repo,
  environment_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

environment_nameyes

The name of the environment

See also: GitHub Developer Guide documentation.

Get latest Pages build

octokit.rest.repos.getLatestPagesBuild({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get the latest release

View the latest published full release for the repository.

The latest release is the most recent non-prerelease, non-draft release, sorted by the created_at attribute. The created_at attribute is the date of the commit used for the release, and not the date when the release was drafted or published.

octokit.rest.repos.getLatestRelease({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a GitHub Pages site

octokit.rest.repos.getPages({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get GitHub Pages build

octokit.rest.repos.getPagesBuild({
  owner,
  repo,
  build_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

build_idyes

See also: GitHub Developer Guide documentation.

Get a DNS health check for GitHub Pages

Gets a health check of the DNS settings for the CNAME record configured for a repository's GitHub Pages.

The first request to this endpoint returns a 202 Accepted status and starts an asynchronous background task to get the results for the domain. After the background task completes, subsequent requests to this endpoint return a 200 OK status with the health check results in the response.

Users must have admin or owner permissions. GitHub Apps must have the pages:write and administration:write permission to use this endpoint.

octokit.rest.repos.getPagesHealthCheck({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get the weekly commit count

Returns the total commit counts for the owner and total commit counts in all. all is everyone combined, including the owner in the last 52 weeks. If you'd like to get the commit counts for non-owners, you can subtract owner from all.

The array order is oldest week (index 0) to most recent week.

octokit.rest.repos.getParticipationStats({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get pull request review protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.getPullRequestReviewProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get the hourly commit count for each day

Each array contains the day number, hour number, and number of commits:

  • 0-6: Sunday - Saturday
  • 0-23: Hour of day
  • Number of commits

For example, [2, 14, 25] indicates that there were 25 total commits, during the 2:00pm hour on Tuesdays. All times are based on the time zone of individual commits.

octokit.rest.repos.getPunchCardStats({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get a repository README

Gets the preferred README for a repository.

READMEs support custom media types for retrieving the raw content or rendered HTML.

octokit.rest.repos.getReadme({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refno

The name of the commit/branch/tag. Default: the repository’s default branch (usually master)

See also: GitHub Developer Guide documentation.

Get a repository README for a directory

Gets the README from a repository directory.

READMEs support custom media types for retrieving the raw content or rendered HTML.

octokit.rest.repos.getReadmeInDirectory({
  owner,
  repo,
  dir,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

diryes

The alternate path to look for a README file

refno

The name of the commit/branch/tag. Default: the repository’s default branch (usually master)

See also: GitHub Developer Guide documentation.

Get a release

Note: This returns an upload_url key corresponding to the endpoint for uploading release assets. This key is a hypermedia resource.

octokit.rest.repos.getRelease({
  owner,
  repo,
  release_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

See also: GitHub Developer Guide documentation.

Get a release asset

To download the asset's binary content, set the Accept header of the request to application/octet-stream. The API will either redirect the client to the location, or stream it directly if possible. API clients should handle both a 200 or 302 response.

octokit.rest.repos.getReleaseAsset({
  owner,
  repo,
  asset_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

asset_idyes

The unique identifier of the asset.

See also: GitHub Developer Guide documentation.

Get a release by tag name

Get a published release with the specified tag.

octokit.rest.repos.getReleaseByTag({
  owner,
  repo,
  tag,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

tagyes

tag parameter

See also: GitHub Developer Guide documentation.

Get status checks protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.getStatusChecksProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get teams with access to the protected branch

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the teams who have push access to this branch. The list includes child teams.

octokit.rest.repos.getTeamsWithAccessToProtectedBranch({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get top referral paths

Get the top 10 popular contents over the last 14 days.

octokit.rest.repos.getTopPaths({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get top referral sources

Get the top 10 referrers over the last 14 days.

octokit.rest.repos.getTopReferrers({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Get users with access to the protected branch

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Lists the people who have push access to this branch.

octokit.rest.repos.getUsersWithAccessToProtectedBranch({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Get page views

Get the total number of views and breakdown per day or week for the last 14 days. Timestamps are aligned to UTC midnight of the beginning of the day or week. Week begins on Monday.

octokit.rest.repos.getViews({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

perno

The time frame to display results for.

See also: GitHub Developer Guide documentation.

Get a repository webhook

Returns a webhook configured in a repository. To get only the webhook config properties, see "Get a webhook configuration for a repository."

octokit.rest.repos.getWebhook({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Get a webhook configuration for a repository

Returns the webhook configuration for a repository. To get more information about the webhook, including the active state and events, use "Get a repository webhook."

Access tokens must have the read:repo_hook or repo scope, and GitHub Apps must have the repository_hooks:read permission.

octokit.rest.repos.getWebhookConfigForRepo({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Get a delivery for a repository webhook

Returns a delivery for a webhook configured in a repository.

octokit.rest.repos.getWebhookDelivery({
  owner,
  repo,
  hook_id,
  delivery_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

delivery_idyes

See also: GitHub Developer Guide documentation.

This returns a list of autolinks configured for the given repository.

Information about autolinks are only available to repository administrators.

octokit.rest.repos.listAutolinks({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List branches

octokit.rest.repos.listBranches({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

protectedno

Setting to true returns only protected branches. When set to false, only unprotected branches are returned. Omitting this parameter returns all branches.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List branches for HEAD commit

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Returns all branches where the given commit SHA is the HEAD, or latest commit for the branch.

octokit.rest.repos.listBranchesForHeadCommit({
  owner,
  repo,
  commit_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit.

See also: GitHub Developer Guide documentation.

List repository collaborators

For organization-owned repositories, the list of collaborators includes outside collaborators, organization members that are direct collaborators, organization members with access through team memberships, organization members with access through default organization permissions, and organization owners. Organization members with write, maintain, or admin privileges on the organization-owned repository can use this endpoint.

Team members will include the members of child teams.

You must authenticate using an access token with the read:org and repo scopes with push access to use this endpoint. GitHub Apps must have the members organization permission and metadata repository permission to use this endpoint.

octokit.rest.repos.listCollaborators({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

affiliationno

Filter collaborators returned by their affiliation. outside means all outside collaborators of an organization-owned repository. direct means all collaborators with permissions to an organization-owned repository, regardless of organization membership status. all means all collaborators the authenticated user can see.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List commit comments

Use the :commit_sha to specify the commit that will have its comments listed.

octokit.rest.repos.listCommentsForCommit({
  owner,
  repo,
  commit_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List commit comments for a repository

Commit Comments use these custom media types. You can read more about the use of media types in the API here.

Comments are ordered by ascending ID.

octokit.rest.repos.listCommitCommentsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List commit statuses for a reference

Users with pull access in a repository can view commit statuses for a given ref. The ref can be a SHA, a branch name, or a tag name. Statuses are returned in reverse chronological order. The first status in the list will be the latest one.

This resource is also available via a legacy route: GET /repos/:owner/:repo/statuses/:ref.

octokit.rest.repos.listCommitStatusesForRef({
  owner,
  repo,
  ref,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

refyes

ref parameter

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List commits

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

NameTypeDescription
verifiedbooleanIndicates whether GitHub considers the signature in this commit to be verified.
reasonstringThe reason for verified value. Possible values and their meanings are enumerated in table below.
signaturestringThe signature that was extracted from the commit.
payloadstringThe value that was signed.

These are the possible values for reason in the verification object:

ValueDescription
expired_keyThe key that made the signature is expired.
not_signing_keyThe "signing" flag is not among the usage flags in the GPG key that made the signature.
gpgverify_errorThere was an error communicating with the signature verification service.
gpgverify_unavailableThe signature verification service is currently unavailable.
unsignedThe object does not include a signature.
unknown_signature_typeA non-PGP signature was found in the commit.
no_userNo user was associated with the committer email address in the commit.
unverified_emailThe committer email address in the commit was associated with a user, but the email address is not verified on her/his account.
bad_emailThe committer email address in the commit is not included in the identities of the PGP key that made the signature.
unknown_keyThe key that made the signature has not been registered with any user's account.
malformed_signatureThere was an error parsing the signature.
invalidThe signature could not be cryptographically verified using the key whose key-id was found in the signature.
validNone of the above errors applied, so the signature is considered to be verified.
octokit.rest.repos.listCommits({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

shano

SHA or branch to start listing commits from. Default: the repository’s default branch (usually master).

pathno

Only commits containing this file path will be returned.

authorno

GitHub login or email address by which to filter by commit author.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

untilno

Only commits before this date will be returned. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository contributors

Lists contributors to the specified repository and sorts them by the number of commits per contributor in descending order. This endpoint may return information that is a few hours old because the GitHub REST API v3 caches contributor data to improve performance.

GitHub identifies contributors by author email address. This endpoint groups contribution counts by GitHub user, which includes all associated email addresses. To improve performance, only the first 500 author email addresses in the repository link to GitHub users. The rest will appear as anonymous contributors without associated GitHub user information.

octokit.rest.repos.listContributors({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

anonno

Set to 1 or true to include anonymous contributors in results.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deploy keys

octokit.rest.repos.listDeployKeys({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deployment statuses

Users with pull access can view deployment statuses for a deployment:

octokit.rest.repos.listDeploymentStatuses({
  owner,
  repo,
  deployment_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

deployment_idyes

deployment_id parameter

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deployments

Simple filtering of deployments is available via query parameters:

octokit.rest.repos.listDeployments({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

shano

The SHA recorded at creation time.

refno

The name of the ref. This can be a branch, tag, or SHA.

taskno

The name of the task for the deployment (e.g., deploy or deploy:migrations).

environmentno

The name of the environment that was deployed to (e.g., staging or production).

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories for the authenticated user

Lists repositories that the authenticated user has explicit permission (:read, :write, or :admin) to access.

The authenticated user has explicit permission to access repositories they own, repositories where they are a collaborator, and repositories that they can access through an organization membership.

octokit.rest.repos.listForAuthenticatedUser();

Parameters

namerequireddescription
visibilityno

Limit results to repositories with the specified visibility.

affiliationno

Comma-separated list of values. Can include:
* owner: Repositories that are owned by the authenticated user.
* collaborator: Repositories that the user has been added to as a collaborator.
* organization_member: Repositories that the user has access to through being a member of an organization. This includes every repository on every team that the user is on.

typeno

Limit results to repositories of the specified type. Will cause a 422 error if used in the same request as visibility or affiliation.

sortno

The property to sort the results by.

directionno

The order to sort by. Default: asc when using full_name, otherwise desc.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

sinceno

Only show notifications updated after the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

beforeno

Only show notifications updated before the given time. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

See also: GitHub Developer Guide documentation.

List organization repositories

Lists repositories for the specified organization.

octokit.rest.repos.listForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

typeno

Specifies the types of repositories you want returned. If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, type can also be internal. However, the internal value is not yet supported when a GitHub App calls this API with an installation access token.

sortno

The property to sort the results by.

directionno

The order to sort by. Default: asc when using full_name, otherwise desc.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repositories for a user

Lists public repositories for the specified user. Note: For GitHub AE, this endpoint will list internal repositories for the specified user.

octokit.rest.repos.listForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

typeno

Limit results to repositories of the specified type.

sortno

The property to sort the results by.

directionno

The order to sort by. Default: asc when using full_name, otherwise desc.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List forks

octokit.rest.repos.listForks({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

sortno

The sort order. Can be either newest, oldest, or stargazers.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository invitations

When authenticating as a user with admin rights to a repository, this endpoint will list all currently open repository invitations.

octokit.rest.repos.listInvitations({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository invitations for the authenticated user

When authenticating as a user, this endpoint will list all currently open repository invitations for that user.

octokit.rest.repos.listInvitationsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository languages

Lists languages for the specified repository. The value shown for each language is the number of bytes of code written in that language.

octokit.rest.repos.listLanguages({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List GitHub Pages builds

octokit.rest.repos.listPagesBuilds({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public repositories

Lists all public repositories in the order that they were created.

Note:

  • For GitHub Enterprise Server, this endpoint will only list repositories available to all users on the enterprise.
  • Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of repositories.
octokit.rest.repos.listPublic();

Parameters

namerequireddescription
sinceno

A repository ID. Only return repositories with an ID greater than this ID.

See also: GitHub Developer Guide documentation.

List pull requests associated with a commit

Lists the merged pull request that introduced the commit to the repository. If the commit is not present in the default branch, additionally returns open pull requests associated with the commit. The results may include open and closed pull requests.

octokit.rest.repos.listPullRequestsAssociatedWithCommit({
  owner,
  repo,
  commit_sha,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

commit_shayes

The SHA of the commit.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List release assets

octokit.rest.repos.listReleaseAssets({
  owner,
  repo,
  release_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List releases

This returns a list of releases, which does not include regular Git tags that have not been associated with a release. To get a list of Git tags, use the Repository Tags API.

Information about published releases are available to everyone. Only users with push access will receive listings for draft releases.

octokit.rest.repos.listReleases({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List tag protection states for a repository

This returns the tag protection states of a repository.

This information is only available to repository administrators.

octokit.rest.repos.listTagProtection({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

List repository tags

octokit.rest.repos.listTags({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List repository teams

octokit.rest.repos.listTeams({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List deliveries for a repository webhook

Returns a list of webhook deliveries for a webhook configured in a repository.

octokit.rest.repos.listWebhookDeliveries({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

per_pageno

The number of results per page (max 100).

cursorno

Used for pagination: the starting delivery from which the page of deliveries is fetched. Refer to the link header for the next and previous page cursors.

See also: GitHub Developer Guide documentation.

List repository webhooks

octokit.rest.repos.listWebhooks({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Merge a branch

octokit.rest.repos.merge({
  owner,
  repo,
  base,
  head,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

baseyes

The name of the base branch that the head will be merged into.

headyes

The head to merge. This can be a branch name or a commit SHA1.

commit_messageno

Commit message to use for the merge commit. If omitted, a default message will be used.

See also: GitHub Developer Guide documentation.

Sync a fork branch with the upstream repository

Sync a branch of a forked repository to keep it up-to-date with the upstream repository.

octokit.rest.repos.mergeUpstream({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch which should be updated to match upstream.

See also: GitHub Developer Guide documentation.

Ping a repository webhook

This will trigger a ping event to be sent to the hook.

octokit.rest.repos.pingWebhook({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Redeliver a delivery for a repository webhook

Redeliver a webhook delivery for a webhook configured in a repository.

octokit.rest.repos.redeliverWebhookDelivery({
  owner,
  repo,
  hook_id,
  delivery_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

delivery_idyes

See also: GitHub Developer Guide documentation.

Remove app access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of an app to push to this branch. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

TypeDescription
arrayThe GitHub Apps that have push access to this branch. Use the app's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.removeAppAccessRestrictions({
  owner,
  repo,
  branch,
  apps,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

appsyes

See also: GitHub Developer Guide documentation.

Remove a repository collaborator

octokit.rest.repos.removeCollaborator({
  owner,
  repo,
  username,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Remove status check contexts

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.removeStatusCheckContexts({
  owner,
  repo,
  branch,
  contexts,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

contextsyes

See also: GitHub Developer Guide documentation.

Remove status check protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.removeStatusCheckProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Remove team access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of a team to push to this branch. You can also remove push access for child teams.

TypeDescription
arrayTeams that should no longer have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.removeTeamAccessRestrictions({
  owner,
  repo,
  branch,
  teams,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

teamsyes

See also: GitHub Developer Guide documentation.

Remove user access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Removes the ability of a user to push to this branch.

TypeDescription
arrayUsernames of the people who should no longer have push access. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.removeUserAccessRestrictions({
  owner,
  repo,
  branch,
  users,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

usersyes

See also: GitHub Developer Guide documentation.

Rename a branch

Renames a branch in a repository.

Note: Although the API responds immediately, the branch rename process might take some extra time to complete in the background. You won't be able to push to the old branch name while the rename process is in progress. For more information, see "Renaming a branch".

The permissions required to use this endpoint depends on whether you are renaming the default branch.

To rename a non-default branch:

  • Users must have push access.
  • GitHub Apps must have the contents:write repository permission.

To rename the default branch:

  • Users must have admin or owner permissions.
  • GitHub Apps must have the administration:write repository permission.
octokit.rest.repos.renameBranch({
  owner,
  repo,
  branch,
  new_name,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

new_nameyes

The new name of the branch.

See also: GitHub Developer Guide documentation.

Replace all repository topics

octokit.rest.repos.replaceAllTopics({
  owner,
  repo,
  names,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

namesyes

An array of topics to add to the repository. Pass one or more topics to replace the set of existing topics. Send an empty array ([]) to clear all topics from the repository. Note: Topic names cannot contain uppercase letters.

See also: GitHub Developer Guide documentation.

Request a GitHub Pages build

You can request that your site be built from the latest revision on the default branch. This has the same effect as pushing a commit to your default branch, but does not require an additional commit. Manually triggering page builds can be helpful when diagnosing build warnings and failures.

Build requests are limited to one concurrent build per repository and one concurrent build per requester. If you request a build while another is still in progress, the second request will be queued until the first completes.

octokit.rest.repos.requestPagesBuild({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Set admin branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Adding admin enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

octokit.rest.repos.setAdminBranchProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

See also: GitHub Developer Guide documentation.

Set app access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of apps that have push access to this branch. This removes all apps that previously had push access and grants push access to the new list of apps. Only installed GitHub Apps with write access to the contents permission can be added as authorized actors on a protected branch.

TypeDescription
arrayThe GitHub Apps that have push access to this branch. Use the app's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.setAppAccessRestrictions({
  owner,
  repo,
  branch,
  apps,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

appsyes

See also: GitHub Developer Guide documentation.

Set status check contexts

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

octokit.rest.repos.setStatusCheckContexts({
  owner,
  repo,
  branch,
  contexts,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

contextsyes

See also: GitHub Developer Guide documentation.

Set team access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of teams that have push access to this branch. This removes all teams that previously had push access and grants push access to the new list of teams. Team restrictions include child teams.

TypeDescription
arrayThe teams that can have push access. Use the team's slug. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.setTeamAccessRestrictions({
  owner,
  repo,
  branch,
  teams,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

teamsyes

See also: GitHub Developer Guide documentation.

Set user access restrictions

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Replaces the list of people that have push access to this branch. This removes all people that previously had push access and grants push access to the new list of people.

TypeDescription
arrayUsernames for people who can have push access. Note: The list of users, apps, and teams in total is limited to 100 items.
octokit.rest.repos.setUserAccessRestrictions({
  owner,
  repo,
  branch,
  users,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

usersyes

See also: GitHub Developer Guide documentation.

Test the push repository webhook

This will trigger the hook with the latest push to the current repository if the hook is subscribed to push events. If the hook is not subscribed to push events, the server will respond with 204 but no test POST will be generated.

Note: Previously /repos/:owner/:repo/hooks/:hook_id/test

octokit.rest.repos.testPushWebhook({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

See also: GitHub Developer Guide documentation.

Transfer a repository

A transfer request will need to be accepted by the new owner when transferring a personal repository to another user. The response will contain the original owner, and the transfer will continue asynchronously. For more details on the requirements to transfer personal and organization-owned repositories, see about repository transfers.

octokit.rest.repos.transfer({
  owner,
  repo,
  new_owner,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

new_owneryes

The username or organization name the repository will be transferred to.

team_idsno

ID of the team or teams to add to the repository. Teams can only be added to organization-owned repositories.

See also: GitHub Developer Guide documentation.

Update a repository

Note: To edit a repository's topics, use the Replace all repository topics endpoint.

octokit.rest.repos.update({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

nameno

The name of the repository.

descriptionno

A short description of the repository.

homepageno

A URL with more information about the repository.

privateno

Either true to make the repository private or false to make it public. Default: false.
Note: You will get a 422 error if the organization restricts changing repository visibility to organization owners and a non-owner tries to change the value of private. Note: You will get a 422 error if the organization restricts changing repository visibility to organization owners and a non-owner tries to change the value of private.

visibilityno

Can be public or private. If your organization is associated with an enterprise account using GitHub Enterprise Cloud or GitHub Enterprise Server 2.20+, visibility can also be internal."

security_and_analysisno

Specify which security and analysis features to enable or disable. For example, to enable GitHub Advanced Security, use this data in the body of the PATCH request: {"security_and_analysis": {"advanced_security": {"status": "enabled"}}}. If you have admin permissions for a private repository covered by an Advanced Security license, you can check which security and analysis features are currently enabled by using a GET /repos/{owner}/{repo} request.

security_and_analysis.advanced_securityno

Use the status property to enable or disable GitHub Advanced Security for this repository. For more information, see "About GitHub Advanced Security."

security_and_analysis.advanced_security.statusno

Can be enabled or disabled.

security_and_analysis.secret_scanningno

Use the status property to enable or disable secret scanning for this repository. For more information, see "About secret scanning."

security_and_analysis.secret_scanning.statusno

Can be enabled or disabled.

security_and_analysis.secret_scanning_push_protectionno

Use the status property to enable or disable secret scanning push protection for this repository. For more information, see "Protecting pushes with secret scanning."

security_and_analysis.secret_scanning_push_protection.statusno

Can be enabled or disabled.

has_issuesno

Either true to enable issues for this repository or false to disable them.

has_projectsno

Either true to enable projects for this repository or false to disable them. Note: If you're creating a repository in an organization that has disabled repository projects, the default is false, and if you pass true, the API returns an error.

has_wikino

Either true to enable the wiki for this repository or false to disable it.

is_templateno

Either true to make this repo available as a template repository or false to prevent it.

default_branchno

Updates the default branch for this repository.

allow_squash_mergeno

Either true to allow squash-merging pull requests, or false to prevent squash-merging.

allow_merge_commitno

Either true to allow merging pull requests with a merge commit, or false to prevent merging pull requests with merge commits.

allow_rebase_mergeno

Either true to allow rebase-merging pull requests, or false to prevent rebase-merging.

allow_auto_mergeno

Either true to allow auto-merge on pull requests, or false to disallow auto-merge.

delete_branch_on_mergeno

Either true to allow automatically deleting head branches when pull requests are merged, or false to prevent automatic deletion.

allow_update_branchno

Either true to always allow a pull request head branch that is behind its base branch to be updated even if it is not required to be up to date before merging, or false otherwise.

use_squash_pr_title_as_defaultno

Either true to allow squash-merge commits to use pull request title, or false to use commit message.

archivedno

true to archive this repository. Note: You cannot unarchive repositories through the API.

allow_forkingno

Either true to allow private forks, or false to prevent private forks.

See also: GitHub Developer Guide documentation.

Update branch protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Protecting a branch requires admin or owner permissions to the repository.

Note: Passing new arrays of users and teams replaces their previous values.

Note: The list of users, apps, and teams in total is limited to 100 items.

octokit.rest.repos.updateBranchProtection({
        owner,
repo,
branch,
required_status_checks,
required_status_checks.strict,
required_status_checks.contexts,
required_status_checks.checks[].context,
enforce_admins,
required_pull_request_reviews,
restrictions,
restrictions.users,
restrictions.teams
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

required_status_checksyes

Require status checks to pass before merging. Set to null to disable.

required_status_checks.strictyes

Require branches to be up to date before merging.

required_status_checks.contextsyes

Deprecated: The list of status checks to require in order to merge into this branch. If any of these checks have recently been set by a particular GitHub App, they will be required to come from that app in future for the branch to merge. Use checks instead of contexts for more fine-grained control.

required_status_checks.checksno

The list of status checks to require in order to merge into this branch.

required_status_checks.checks[].contextyes

The name of the required check

required_status_checks.checks[].app_idno

The ID of the GitHub App that must provide this check. Omit this field to automatically select the GitHub App that has recently provided this check, or any app if it was not set by a GitHub App. Pass -1 to explicitly allow any app to set the status.

enforce_adminsyes

Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.

required_pull_request_reviewsyes

Require at least one approving review on a pull request, before merging. Set to null to disable.

required_pull_request_reviews.dismissal_restrictionsno

Specify which users, teams, and apps can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.

required_pull_request_reviews.dismissal_restrictions.usersno

The list of user logins with dismissal access

required_pull_request_reviews.dismissal_restrictions.teamsno

The list of team slugs with dismissal access

required_pull_request_reviews.dismissal_restrictions.appsno

The list of app slugs with dismissal access

required_pull_request_reviews.dismiss_stale_reviewsno

Set to true if you want to automatically dismiss approving reviews when someone pushes a new commit.

required_pull_request_reviews.require_code_owner_reviewsno

Blocks merging pull requests until code owners review them.

required_pull_request_reviews.required_approving_review_countno

Specify the number of reviewers required to approve pull requests. Use a number between 1 and 6 or 0 to not require reviewers.

required_pull_request_reviews.bypass_pull_request_allowancesno

Allow specific users, teams, or apps to bypass pull request requirements.

required_pull_request_reviews.bypass_pull_request_allowances.usersno

The list of user logins allowed to bypass pull request requirements.

required_pull_request_reviews.bypass_pull_request_allowances.teamsno

The list of team slugs allowed to bypass pull request requirements.

required_pull_request_reviews.bypass_pull_request_allowances.appsno

The list of app slugs allowed to bypass pull request requirements.

restrictionsyes

Restrict who can push to the protected branch. User, app, and team restrictions are only available for organization-owned repositories. Set to null to disable.

restrictions.usersyes

The list of user logins with push access

restrictions.teamsyes

The list of team slugs with push access

restrictions.appsno

The list of app slugs with push access

required_linear_historyno

Enforces a linear commit Git history, which prevents anyone from pushing merge commits to a branch. Set to true to enforce a linear commit history. Set to false to disable a linear commit Git history. Your repository must allow squash merging or rebase merging before you can enable a linear commit history. Default: false. For more information, see "Requiring a linear commit history" in the GitHub Help documentation.

allow_force_pushesno

Permits force pushes to the protected branch by anyone with write access to the repository. Set to true to allow force pushes. Set to false or null to block force pushes. Default: false. For more information, see "Enabling force pushes to a protected branch" in the GitHub Help documentation."

allow_deletionsno

Allows deletion of the protected branch by anyone with write access to the repository. Set to false to prevent deletion of the protected branch. Default: false. For more information, see "Enabling force pushes to a protected branch" in the GitHub Help documentation.

block_creationsno

If set to true, the restrictions branch protection settings which limits who can push will also block pushes which create new branches, unless the push is initiated by a user, team, or app which has the ability to push. Set to true to restrict new branch creation. Default: false.

required_conversation_resolutionno

Requires all conversations on code to be resolved before a pull request can be merged into a branch that matches this rule. Set to false to disable. Default: false.

See also: GitHub Developer Guide documentation.

Update a commit comment

octokit.rest.repos.updateCommitComment({
  owner,
  repo,
  comment_id,
  body,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

comment_idyes

The unique identifier of the comment.

bodyyes

The contents of the comment

See also: GitHub Developer Guide documentation.

Update information about a GitHub Pages site

Updates information for a GitHub Pages site. For more information, see "About GitHub Pages.

octokit.rest.repos.updateInformationAboutPagesSite({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

cnameno

Specify a custom domain for the repository. Sending a null value will remove the custom domain. For more about custom domains, see "Using a custom domain with GitHub Pages."

https_enforcedno

Specify whether HTTPS should be enforced for the repository.

publicno

Configures access controls for the GitHub Pages site. If public is set to true, the site is accessible to anyone on the internet. If set to false, the site will only be accessible to users who have at least read access to the repository that published the site. This includes anyone in your Enterprise if the repository is set to internal visibility. This feature is only available to repositories in an organization on an Enterprise plan.

sourceno

See also: GitHub Developer Guide documentation.

Update a repository invitation

octokit.rest.repos.updateInvitation({
  owner,
  repo,
  invitation_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

invitation_idyes

The unique identifier of the invitation.

permissionsno

The permissions that the associated user will have on the repository. Valid values are read, write, maintain, triage, and admin.

See also: GitHub Developer Guide documentation.

Update pull request review protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Updating pull request review enforcement requires admin or owner permissions to the repository and branch protection to be enabled.

Note: Passing new arrays of users and teams replaces their previous values.

octokit.rest.repos.updatePullRequestReviewProtection({
  owner,
  repo,
  branch,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

dismissal_restrictionsno

Specify which users, teams, and apps can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.

dismissal_restrictions.usersno

The list of user logins with dismissal access

dismissal_restrictions.teamsno

The list of team slugs with dismissal access

dismissal_restrictions.appsno

The list of app slugs with dismissal access

dismiss_stale_reviewsno

Set to true if you want to automatically dismiss approving reviews when someone pushes a new commit.

require_code_owner_reviewsno

Blocks merging pull requests until code owners have reviewed.

required_approving_review_countno

Specifies the number of reviewers required to approve pull requests. Use a number between 1 and 6 or 0 to not require reviewers.

bypass_pull_request_allowancesno

Allow specific users, teams, or apps to bypass pull request requirements.

bypass_pull_request_allowances.usersno

The list of user logins allowed to bypass pull request requirements.

bypass_pull_request_allowances.teamsno

The list of team slugs allowed to bypass pull request requirements.

bypass_pull_request_allowances.appsno

The list of app slugs allowed to bypass pull request requirements.

See also: GitHub Developer Guide documentation.

Update a release

Users with push access to the repository can edit a release.

octokit.rest.repos.updateRelease({
  owner,
  repo,
  release_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

tag_nameno

The name of the tag.

target_commitishno

Specifies the commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. Unused if the Git tag already exists. Default: the repository's default branch (usually master).

nameno

The name of the release.

bodyno

Text describing the contents of the tag.

draftno

true makes the release a draft, and false publishes the release.

prereleaseno

true to identify the release as a prerelease, false to identify the release as a full release.

discussion_category_nameno

If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. If there is already a discussion linked to the release, this parameter is ignored. For more information, see "Managing categories for discussions in your repository."

See also: GitHub Developer Guide documentation.

Update a release asset

Users with push access to the repository can edit a release asset.

octokit.rest.repos.updateReleaseAsset({
  owner,
  repo,
  asset_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

asset_idyes

The unique identifier of the asset.

nameno

The file name of the asset.

labelno

An alternate short description of the asset. Used in place of the filename.

stateno

See also: GitHub Developer Guide documentation.

Update status check protection

Deprecated: This method has been renamed to repos.updateStatusCheckProtection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Updating required status checks requires admin or owner permissions to the repository and branch protection to be enabled.

octokit.rest.repos.updateStatusCheckPotection({
        owner,
repo,
branch,
checks[].context
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

strictno

Require branches to be up to date before merging.

contextsno

Deprecated: The list of status checks to require in order to merge into this branch. If any of these checks have recently been set by a particular GitHub App, they will be required to come from that app in future for the branch to merge. Use checks instead of contexts for more fine-grained control.

checksno

The list of status checks to require in order to merge into this branch.

checks[].contextyes

The name of the required check

checks[].app_idno

The ID of the GitHub App that must provide this check. Omit this field to automatically select the GitHub App that has recently provided this check, or any app if it was not set by a GitHub App. Pass -1 to explicitly allow any app to set the status.

See also: GitHub Developer Guide documentation.

Update status check protection

Protected branches are available in public repositories with GitHub Free and GitHub Free for organizations, and in public and private repositories with GitHub Pro, GitHub Team, GitHub Enterprise Cloud, and GitHub Enterprise Server. For more information, see GitHub's products in the GitHub Help documentation.

Updating required status checks requires admin or owner permissions to the repository and branch protection to be enabled.

octokit.rest.repos.updateStatusCheckProtection({
        owner,
repo,
branch,
checks[].context
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

branchyes

The name of the branch.

strictno

Require branches to be up to date before merging.

contextsno

Deprecated: The list of status checks to require in order to merge into this branch. If any of these checks have recently been set by a particular GitHub App, they will be required to come from that app in future for the branch to merge. Use checks instead of contexts for more fine-grained control.

checksno

The list of status checks to require in order to merge into this branch.

checks[].contextyes

The name of the required check

checks[].app_idno

The ID of the GitHub App that must provide this check. Omit this field to automatically select the GitHub App that has recently provided this check, or any app if it was not set by a GitHub App. Pass -1 to explicitly allow any app to set the status.

See also: GitHub Developer Guide documentation.

Update a repository webhook

Updates a webhook configured in a repository. If you previously had a secret set, you must provide the same secret or set a new secret or the secret will be removed. If you are only updating individual webhook config properties, use "Update a webhook configuration for a repository."

octokit.rest.repos.updateWebhook({
        owner,
repo,
hook_id,
config.url
      })

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

configno

Key/value pairs to provide settings for this webhook. These are defined below.

config.urlyes

The URL to which the payloads will be delivered.

config.content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

config.secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

config.insecure_sslno
config.addressno
config.roomno
eventsno

Determines what events the hook is triggered for. This replaces the entire array of events.

add_eventsno

Determines a list of events to be added to the list of events that the Hook triggers for.

remove_eventsno

Determines a list of events to be removed from the list of events that the Hook triggers for.

activeno

Determines if notifications are sent when the webhook is triggered. Set to true to send notifications.

See also: GitHub Developer Guide documentation.

Update a webhook configuration for a repository

Updates the webhook configuration for a repository. To update more information about the webhook, including the active state and events, use "Update a repository webhook."

Access tokens must have the write:repo_hook or repo scope, and GitHub Apps must have the repository_hooks:write permission.

octokit.rest.repos.updateWebhookConfigForRepo({
  owner,
  repo,
  hook_id,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

hook_idyes

The unique identifier of the hook.

urlno

The URL to which the payloads will be delivered.

content_typeno

The media type used to serialize the payloads. Supported values include json and form. The default is form.

secretno

If provided, the secret will be used as the key to generate the HMAC hex digest value for delivery signature headers.

insecure_sslno

See also: GitHub Developer Guide documentation.

Upload a release asset

This endpoint makes use of a Hypermedia relation to determine which URL to access. The endpoint you call to upload release assets is specific to your release. Use the upload_url returned in the response of the Create a release endpoint to upload a release asset.

You need to use an HTTP client which supports SNI to make calls to this endpoint.

Most libraries will set the required Content-Length header automatically. Use the required Content-Type header to provide the media type of the asset. For a list of media types, see Media Types. For example:

application/zip

GitHub expects the asset data in its raw binary form, rather than JSON. You will send the raw binary content of the asset as the request body. Everything else about the endpoint is the same as the rest of the API. For example, you'll still need to pass your authentication to be able to upload an asset.

When an upstream failure occurs, you will receive a 502 Bad Gateway status. This may leave an empty asset with a state of starter. It can be safely deleted.

Notes:

  • GitHub renames asset filenames that have special characters, non-alphanumeric characters, and leading or trailing periods. The "List assets for a release" endpoint lists the renamed filenames. For more information and help, contact GitHub Support.
  • If you upload an asset with the same filename as another uploaded asset, you'll receive an error and must delete the old file before you can re-upload the new asset.
octokit.rest.repos.uploadReleaseAsset({
  owner,
  repo,
  release_id,
  name,
  data,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

release_idyes

The unique identifier of the release.

nameyes
labelno
datayes

The raw file data

originno

The URL origin (protocol + host name + port) is included in upload_url returned in the response of the "Create a release" endpoint

See also: GitHub Developer Guide documentation.

Search code

Searches for query terms inside of a file. This method returns up to 100 results per page.

When searching for code, you can get text match metadata for the file content and file path fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find the definition of the addClass function inside jQuery repository, your query would look something like this:

q=addClass+in:file+language:js+repo:jquery/jquery

This query searches for the keyword addClass within a file's contents. The query limits the search to files where the language is JavaScript in the jquery/jquery repository.

Considerations for code search

Due to the complexity of searching code, there are a few restrictions on how searches are performed:

  • Only the default branch is considered. In most cases, this will be the master branch.
  • Only files smaller than 384 KB are searchable.
  • You must always include at least one search term when searching source code. For example, searching for language:go is not valid, while amazing language:go is.
octokit.rest.search.code({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query. See "Searching code" for a detailed list of qualifiers.

sortno

Sorts the results of your query. Can only be indexed, which indicates how recently a file has been indexed by the GitHub search infrastructure. Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search commits

Find commits via various criteria on the default branch (usually master). This method returns up to 100 results per page.

When searching for commits, you can get text match metadata for the message field when you provide the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find commits related to CSS in the octocat/Spoon-Knife repository. Your query would look something like this:

q=repo:octocat/Spoon-Knife+css

octokit.rest.search.commits({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query. See "Searching commits" for a detailed list of qualifiers.

sortno

Sorts the results of your query by author-date or committer-date. Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search issues and pull requests

Find issues by state and keyword. This method returns up to 100 results per page.

When searching for issues, you can get text match metadata for the issue title, issue body, and issue comment body fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find the oldest unresolved Python bugs on Windows. Your query might look something like this.

q=windows+label:bug+language:python+state:open&sort=created&order=asc

This query searches for the keyword windows, within any open issue that is labeled as bug. The search runs across repositories whose primary language is Python. The results are sorted by creation date in ascending order, which means the oldest issues appear first in the search results.

Note: For user-to-server GitHub App requests, you can't retrieve a combination of issues and pull requests in a single query. Requests that don't include the is:issue or is:pull-request qualifier will receive an HTTP 422 Unprocessable Entity response. To get results for both issues and pull requests, you must send separate queries for issues and pull requests. For more information about the is qualifier, see "Searching only issues or pull requests."

octokit.rest.search.issuesAndPullRequests({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query. See "Searching issues and pull requests" for a detailed list of qualifiers.

sortno

Sorts the results of your query by the number of comments, reactions, reactions-+1, reactions--1, reactions-smile, reactions-thinking_face, reactions-heart, reactions-tada, or interactions. You can also sort results by how recently the items were created or updated, Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search labels

Find labels in a repository with names or descriptions that match search keywords. Returns up to 100 results per page.

When searching for labels, you can get text match metadata for the label name and description fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to find labels in the linguist repository that match bug, defect, or enhancement. Your query might look like this:

q=bug+defect+enhancement&repository_id=64778136

The labels that best match the query appear first in the search results.

octokit.rest.search.labels({
  repository_id,
  q,
});

Parameters

namerequireddescription
repository_idyes

The id of the repository.

qyes

The search keywords. This endpoint does not accept qualifiers in the query. To learn more about the format of the query, see Constructing a search query.

sortno

Sorts the results of your query by when the label was created or updated. Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search repositories

Find repositories via various criteria. This method returns up to 100 results per page.

When searching for repositories, you can get text match metadata for the name and description fields when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to search for popular Tetris repositories written in assembly code, your query might look like this:

q=tetris+language:assembly&sort=stars&order=desc

This query searches for repositories with the word tetris in the name, the description, or the README. The results are limited to repositories where the primary language is assembly. The results are sorted by stars in descending order, so that the most popular repositories appear first in the search results.

octokit.rest.search.repos({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query. See "Searching for repositories" for a detailed list of qualifiers.

sortno

Sorts the results of your query by number of stars, forks, or help-wanted-issues or how recently the items were updated. Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search topics

Find topics via various criteria. Results are sorted by best match. This method returns up to 100 results per page. See "Searching topics" for a detailed list of qualifiers.

When searching for topics, you can get text match metadata for the topic's short_description, description, name, or display_name field when you pass the text-match media type. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you want to search for topics related to Ruby that are featured on https://github.com/topics. Your query might look like this:

q=ruby+is:featured

This query searches for topics with the keyword ruby and limits the results to find only topics that are featured. The topics that are the best match for the query appear first in the search results.

octokit.rest.search.topics({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Search users

Find users via various criteria. This method returns up to 100 results per page.

When searching for users, you can get text match metadata for the issue login, email, and name fields when you pass the text-match media type. For more details about highlighting search results, see Text match metadata. For more details about how to receive highlighted search results, see Text match metadata.

For example, if you're looking for a list of popular users, you might try this query:

q=tom+repos:%3E42+followers:%3E1000

This query searches for users with the name tom. The results are restricted to users with more than 42 repositories and over 1,000 followers.

octokit.rest.search.users({
  q,
});

Parameters

namerequireddescription
qyes

The query contains one or more search keywords and qualifiers. Qualifiers allow you to limit your search to specific areas of GitHub. The REST API supports the same qualifiers as the web interface for GitHub. To learn more about the format of the query, see Constructing a search query. See "Searching users" for a detailed list of qualifiers.

sortno

Sorts the results of your query by number of followers or repositories, or when the person joined GitHub. Default: best match

orderno

Determines whether the first search result returned is the highest number of matches (desc) or lowest number of matches (asc). This parameter is ignored unless you provide sort.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Secret-Scanning

Get a secret scanning alert

Gets a single secret scanning alert detected in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

octokit.rest.secretScanning.getAlert({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

See also: GitHub Developer Guide documentation.

List secret scanning alerts for an enterprise

Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest. To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.

octokit.rest.secretScanning.listAlertsForEnterprise({
  enterprise,
});

Parameters

namerequireddescription
enterpriseyes

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

stateno

Set to open or resolved to only list secret scanning alerts in a specific state.

secret_typeno

A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.

resolutionno

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sortno

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100).

beforeno

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor.

afterno

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor.

See also: GitHub Developer Guide documentation.

List secret scanning alerts for an organization

Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest. To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

octokit.rest.secretScanning.listAlertsForOrg({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

stateno

Set to open or resolved to only list secret scanning alerts in a specific state.

secret_typeno

A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.

resolutionno

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sortno

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

directionno

The direction to sort the results by.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

beforeno

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.

afterno

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.

See also: GitHub Developer Guide documentation.

List secret scanning alerts for a repository

Lists secret scanning alerts for an eligible repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

octokit.rest.secretScanning.listAlertsForRepo({
  owner,
  repo,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

stateno

Set to open or resolved to only list secret scanning alerts in a specific state.

secret_typeno

A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.

resolutionno

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sortno

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

directionno

The direction to sort the results by.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

beforeno

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.

afterno

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.

See also: GitHub Developer Guide documentation.

List locations for a secret scanning alert

Lists all locations for a given secret scanning alert for an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

octokit.rest.secretScanning.listLocationsForAlert({
  owner,
  repo,
  alert_number,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

pageno

Page number of the results to fetch.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

Update a secret scanning alert

Updates the status of a secret scanning alert in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.

octokit.rest.secretScanning.updateAlert({
  owner,
  repo,
  alert_number,
  state,
});

Parameters

namerequireddescription
owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

alert_numberyes

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

stateyes

Sets the state of the secret scanning alert. Can be either open or resolved. You must provide resolution when you set the state to resolved.

resolutionno

Required when the state is resolved. The reason for resolving the alert.

See also: GitHub Developer Guide documentation.

Teams

Add or update team membership for a user

Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

Adds an organization member to a team. An authenticated organization owner or team maintainer can add organization members to a team.

Note: When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "Synchronizing teams between your identity provider and GitHub."

An organization owner can add someone who is not part of the team's organization to a team. When an organization owner adds someone to a team who is not an organization member, this endpoint will send an invitation to the person via email. This newly-created membership will be in the "pending" state until the person accepts the invitation, at which point the membership will transition to the "active" state and the user will be added as a member of the team.

If the user is already a member of the team, this endpoint will update the role of the team member's role. To update the membership of a team member, the authenticated user must be an organization owner or a team maintainer.

Note: You can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/memberships/{username}.

octokit.rest.teams.addOrUpdateMembershipForUserInOrg({
  org,
  team_slug,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

usernameyes

The handle for the GitHub user account.

roleno

The role that this user should have in the team.

See also: GitHub Developer Guide documentation.

Add or update team project permissions

Adds an organization project to a team. To add a project to a team or update the team's permission on a project, the authenticated user must have admin permissions for the project. The project and team must be part of the same organization.

Note: You can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/projects/{project_id}.

octokit.rest.teams.addOrUpdateProjectPermissionsInOrg({
  org,
  team_slug,
  project_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

project_idyes

The unique identifier of the project.

permissionno

The permission to grant to the team for this project. Default: the team's permission attribute will be used to determine what permission to grant the team on this project. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling this endpoint. For more information, see "HTTP verbs."

See also: GitHub Developer Guide documentation.

Add or update team repository permissions

To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

Note: You can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

For more information about the permission levels, see "Repository permission levels for an organization".

octokit.rest.teams.addOrUpdateRepoPermissionsInOrg({
  org,
  team_slug,
  owner,
  repo,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

permissionno

The permission to grant the team on this repository. In addition to the enumerated values, you can also specify a custom repository role name, if the owning organization has defined any. If no permission is specified, the team's permission attribute will be used to determine what permission to grant the team on this repository.

See also: GitHub Developer Guide documentation.

Check team permissions for a project

Checks whether a team has read, write, or admin permissions for an organization project. The response includes projects inherited from a parent team.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/projects/{project_id}.

octokit.rest.teams.checkPermissionsForProjectInOrg({
  org,
  team_slug,
  project_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

project_idyes

The unique identifier of the project.

See also: GitHub Developer Guide documentation.

Check team permissions for a repository

Checks whether a team has admin, push, maintain, triage, or pull permission for a repository. Repositories inherited through a parent team will also be checked.

You can also get information about the specified repository, including what permissions the team grants on it, by passing the following custom media type via the application/vnd.github.v3.repository+json accept header.

If a team doesn't have permission for the repository, you will receive a 404 Not Found response status.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

octokit.rest.teams.checkPermissionsForRepoInOrg({
  org,
  team_slug,
  owner,
  repo,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Create a team

To create a team, the authenticated user must be a member or owner of {org}. By default, organization members can create teams. Organization owners can limit team creation to organization owners. For more information, see "Setting team creation permissions."

When you create a new team, you automatically become a team maintainer without explicitly adding yourself to the optional array of maintainers. For more information, see "About teams".

octokit.rest.teams.create({
  org,
  name,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

nameyes

The name of the team.

descriptionno

The description of the team.

maintainersno

List GitHub IDs for organization members who will become team maintainers.

repo_namesno

The full name (e.g., "organization-name/repository-name") of repositories to add the team to.

privacyno

The level of privacy this team should have. The options are:
For a non-nested team:
* secret - only visible to organization owners and members of this team.
* closed - visible to all members of this organization.
Default: secret
For a parent or child team:
* closed - visible to all members of this organization.
Default for child team: closed

permissionno

Deprecated. The permission that new repositories will be added to the team with when none is specified.

parent_team_idno

The ID of a team to set as the parent team.

See also: GitHub Developer Guide documentation.

Create a discussion comment

Creates a new comment on a team discussion. OAuth access tokens require the write:discussion scope.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

Note: You can also specify a team by org_id and team_id using the route POST /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments.

octokit.rest.teams.createDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  body,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

bodyyes

The discussion comment's body text.

See also: GitHub Developer Guide documentation.

Create a discussion

Creates a new discussion post on a team's page. OAuth access tokens require the write:discussion scope.

This endpoint triggers notifications. Creating content too quickly using this endpoint may result in secondary rate limiting. See "Secondary rate limits" and "Dealing with secondary rate limits" for details.

Note: You can also specify a team by org_id and team_id using the route POST /organizations/{org_id}/team/{team_id}/discussions.

octokit.rest.teams.createDiscussionInOrg({
  org,
  team_slug,
  title,
  body,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

titleyes

The discussion post's title.

bodyyes

The discussion post's body text.

privateno

Private posts are only visible to team members, organization owners, and team maintainers. Public posts are visible to all members of the organization. Set to true to create a private post.

See also: GitHub Developer Guide documentation.

Delete a discussion comment

Deletes a comment on a team discussion. OAuth access tokens require the write:discussion scope.

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

octokit.rest.teams.deleteDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  comment_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

See also: GitHub Developer Guide documentation.

Delete a discussion

Delete a discussion from a team's page. OAuth access tokens require the write:discussion scope.

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}.

octokit.rest.teams.deleteDiscussionInOrg({
  org,
  team_slug,
  discussion_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

See also: GitHub Developer Guide documentation.

Delete a team

To delete a team, the authenticated user must be an organization owner or team maintainer.

If you are an organization owner, deleting a parent team will delete all of its child teams as well.

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}.

octokit.rest.teams.deleteInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

See also: GitHub Developer Guide documentation.

Get a team by name

Gets a team using the team's slug. GitHub generates the slug from the team name.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}.

octokit.rest.teams.getByName({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

See also: GitHub Developer Guide documentation.

Get a discussion comment

Get a specific comment on a team discussion. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

octokit.rest.teams.getDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  comment_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

See also: GitHub Developer Guide documentation.

Get a discussion

Get a specific discussion on a team's page. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}.

octokit.rest.teams.getDiscussionInOrg({
  org,
  team_slug,
  discussion_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

See also: GitHub Developer Guide documentation.

Get team membership for a user

Team members will include the members of child teams.

To get a user's membership with a team, the team must be visible to the authenticated user.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/memberships/{username}.

Note: The response contains the state of the membership and the member's role.

The role for organization owners is set to maintainer. For more information about maintainer roles, see see Create a team.

octokit.rest.teams.getMembershipForUserInOrg({
  org,
  team_slug,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

List teams

Lists all teams in an organization that are visible to the authenticated user.

octokit.rest.teams.list({
  org,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List child teams

Lists the child teams of the team specified by {team_slug}.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/teams.

octokit.rest.teams.listChildInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List discussion comments

List all comments on a team discussion. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments.

octokit.rest.teams.listDiscussionCommentsInOrg({
  org,
  team_slug,
  discussion_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List discussions

List all discussions on a team's page. OAuth access tokens require the read:discussion scope.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions.

octokit.rest.teams.listDiscussionsInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

directionno

The direction to sort the results by.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

pinnedno

Pinned discussions only filter

See also: GitHub Developer Guide documentation.

List teams for the authenticated user

List all of the teams across all of the organizations to which the authenticated user belongs. This method requires user, repo, or read:org scope when authenticating via OAuth.

octokit.rest.teams.listForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List team members

Team members will include the members of child teams.

To list members in a team, the team must be visible to the authenticated user.

octokit.rest.teams.listMembersInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

roleno

Filters members returned by their role in the team.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List pending team invitations

The return hash contains a role field which refers to the Organization Invitation role and will be one of the following values: direct_member, admin, billing_manager, hiring_manager, or reinstate. If the invitee is not a GitHub member, the login field in the return hash will be null.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/invitations.

octokit.rest.teams.listPendingInvitationsInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List team projects

Lists the organization projects for a team.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/projects.

octokit.rest.teams.listProjectsInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List team repositories

Lists a team's repositories visible to the authenticated user.

Note: You can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/repos.

octokit.rest.teams.listReposInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Remove team membership for a user

Team synchronization is available for organizations using GitHub Enterprise Cloud. For more information, see GitHub's products in the GitHub Help documentation.

To remove a membership between a user and a team, the authenticated user must have 'admin' permissions to the team or be an owner of the organization that the team is associated with. Removing team membership does not delete the user, it just removes their membership from the team.

Note: When you have team synchronization set up for a team with your organization's identity provider (IdP), you will see an error if you attempt to use the API for making changes to the team's membership. If you have access to manage group membership in your IdP, you can manage GitHub team membership through your identity provider, which automatically adds and removes team members in an organization. For more information, see "Synchronizing teams between your identity provider and GitHub."

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/memberships/{username}.

octokit.rest.teams.removeMembershipForUserInOrg({
  org,
  team_slug,
  username,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Remove a project from a team

Removes an organization project from a team. An organization owner or a team maintainer can remove any project from the team. To remove a project from a team as an organization member, the authenticated user must have read access to both the team and project, or admin access to the team or project. This endpoint removes the project from the team, but does not delete the project.

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/projects/{project_id}.

octokit.rest.teams.removeProjectInOrg({
  org,
  team_slug,
  project_id,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

project_idyes

The unique identifier of the project.

See also: GitHub Developer Guide documentation.

Remove a repository from a team

If the authenticated user is an organization owner or a team maintainer, they can remove any repositories from the team. To remove a repository from a team as an organization member, the authenticated user must have admin access to the repository and must be able to see the team. This does not delete the repository, it just removes it from the team.

Note: You can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

octokit.rest.teams.removeRepoInOrg({
  org,
  team_slug,
  owner,
  repo,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

owneryes

The account owner of the repository. The name is not case sensitive.

repoyes

The name of the repository. The name is not case sensitive.

See also: GitHub Developer Guide documentation.

Update a discussion comment

Edits the body text of a discussion comment. OAuth access tokens require the write:discussion scope.

Note: You can also specify a team by org_id and team_id using the route PATCH /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

octokit.rest.teams.updateDiscussionCommentInOrg({
  org,
  team_slug,
  discussion_number,
  comment_number,
  body,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

comment_numberyes

The number that identifies the comment.

bodyyes

The discussion comment's body text.

See also: GitHub Developer Guide documentation.

Update a discussion

Edits the title and body text of a discussion post. Only the parameters you provide are updated. OAuth access tokens require the write:discussion scope.

Note: You can also specify a team by org_id and team_id using the route PATCH /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}.

octokit.rest.teams.updateDiscussionInOrg({
  org,
  team_slug,
  discussion_number,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

discussion_numberyes

The number that identifies the discussion.

titleno

The discussion post's title.

bodyno

The discussion post's body text.

See also: GitHub Developer Guide documentation.

Update a team

To edit a team, the authenticated user must either be an organization owner or a team maintainer.

Note: You can also specify a team by org_id and team_id using the route PATCH /organizations/{org_id}/team/{team_id}.

octokit.rest.teams.updateInOrg({
  org,
  team_slug,
});

Parameters

namerequireddescription
orgyes

The organization name. The name is not case sensitive.

team_slugyes

The slug of the team name.

nameno

The name of the team.

descriptionno

The description of the team.

privacyno

The level of privacy this team should have. Editing teams without specifying this parameter leaves privacy intact. When a team is nested, the privacy for parent teams cannot be secret. The options are:
For a non-nested team:
* secret - only visible to organization owners and members of this team.
* closed - visible to all members of this organization.
For a parent or child team:
* closed - visible to all members of this organization.

permissionno

Deprecated. The permission that new repositories will be added to the team with when none is specified.

parent_team_idno

The ID of a team to set as the parent team.

See also: GitHub Developer Guide documentation.

Users

Add an email address for the authenticated user

Deprecated: This method has been renamed to users.addEmailForAuthenticatedUser

This endpoint is accessible with the user scope.

octokit.rest.users.addEmailForAuthenticated({
  emails,
});

Parameters

namerequireddescription
emailsyes

Adds one or more email addresses to your GitHub account. Must contain at least one email address. Note: Alternatively, you can pass a single email address or an array of emails addresses directly, but we recommend that you pass an object using the emails key.

See also: GitHub Developer Guide documentation.

Add an email address for the authenticated user

This endpoint is accessible with the user scope.

octokit.rest.users.addEmailForAuthenticatedUser({
  emails,
});

Parameters

namerequireddescription
emailsyes

Adds one or more email addresses to your GitHub account. Must contain at least one email address. Note: Alternatively, you can pass a single email address or an array of emails addresses directly, but we recommend that you pass an object using the emails key.

See also: GitHub Developer Guide documentation.

Block a user

octokit.rest.users.block({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Check if a user is blocked by the authenticated user

octokit.rest.users.checkBlocked({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Check if a user follows another user

octokit.rest.users.checkFollowingForUser({
  username,
  target_user,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

target_useryes

See also: GitHub Developer Guide documentation.

Check if a person is followed by the authenticated user

octokit.rest.users.checkPersonIsFollowedByAuthenticated({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Create a GPG key for the authenticated user

Deprecated: This method has been renamed to users.createGpgKeyForAuthenticatedUser

Adds a GPG key to the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth, or OAuth with at least write:gpg_key scope.

octokit.rest.users.createGpgKeyForAuthenticated({
  armored_public_key,
});

Parameters

namerequireddescription
nameno

A descriptive name for the new key.

armored_public_keyyes

A GPG key in ASCII-armored format.

See also: GitHub Developer Guide documentation.

Create a GPG key for the authenticated user

Adds a GPG key to the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth, or OAuth with at least write:gpg_key scope.

octokit.rest.users.createGpgKeyForAuthenticatedUser({
  armored_public_key,
});

Parameters

namerequireddescription
nameno

A descriptive name for the new key.

armored_public_keyyes

A GPG key in ASCII-armored format.

See also: GitHub Developer Guide documentation.

Create a public SSH key for the authenticated user

Deprecated: This method has been renamed to users.createPublicSshKeyForAuthenticatedUser

Adds a public SSH key to the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth, or OAuth with at least write:public_key scope.

octokit.rest.users.createPublicSshKeyForAuthenticated({
  key,
});

Parameters

namerequireddescription
titleno

A descriptive name for the new key.

keyyes

The public SSH key to add to your GitHub account.

See also: GitHub Developer Guide documentation.

Create a public SSH key for the authenticated user

Adds a public SSH key to the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth, or OAuth with at least write:public_key scope.

octokit.rest.users.createPublicSshKeyForAuthenticatedUser({
  key,
});

Parameters

namerequireddescription
titleno

A descriptive name for the new key.

keyyes

The public SSH key to add to your GitHub account.

See also: GitHub Developer Guide documentation.

Delete an email address for the authenticated user

Deprecated: This method has been renamed to users.deleteEmailForAuthenticatedUser

This endpoint is accessible with the user scope.

octokit.rest.users.deleteEmailForAuthenticated({
  emails,
});

Parameters

namerequireddescription
emailsyes

Email addresses associated with the GitHub user account.

See also: GitHub Developer Guide documentation.

Delete an email address for the authenticated user

This endpoint is accessible with the user scope.

octokit.rest.users.deleteEmailForAuthenticatedUser({
  emails,
});

Parameters

namerequireddescription
emailsyes

Email addresses associated with the GitHub user account.

See also: GitHub Developer Guide documentation.

Delete a GPG key for the authenticated user

Deprecated: This method has been renamed to users.deleteGpgKeyForAuthenticatedUser

Removes a GPG key from the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least admin:gpg_key scope.

octokit.rest.users.deleteGpgKeyForAuthenticated({
  gpg_key_id,
});

Parameters

namerequireddescription
gpg_key_idyes

The unique identifier of the GPG key.

See also: GitHub Developer Guide documentation.

Delete a GPG key for the authenticated user

Removes a GPG key from the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least admin:gpg_key scope.

octokit.rest.users.deleteGpgKeyForAuthenticatedUser({
  gpg_key_id,
});

Parameters

namerequireddescription
gpg_key_idyes

The unique identifier of the GPG key.

See also: GitHub Developer Guide documentation.

Delete a public SSH key for the authenticated user

Deprecated: This method has been renamed to users.deletePublicSshKeyForAuthenticatedUser

Removes a public SSH key from the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least admin:public_key scope.

octokit.rest.users.deletePublicSshKeyForAuthenticated({
  key_id,
});

Parameters

namerequireddescription
key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

Delete a public SSH key for the authenticated user

Removes a public SSH key from the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least admin:public_key scope.

octokit.rest.users.deletePublicSshKeyForAuthenticatedUser({
  key_id,
});

Parameters

namerequireddescription
key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

Follow a user

Note that you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see "HTTP verbs."

Following a user requires the user to be logged in and authenticated with basic auth or OAuth with the user:follow scope.

octokit.rest.users.follow({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get the authenticated user

If the authenticated user is authenticated through basic authentication or OAuth with the user scope, then the response lists public and private profile information.

If the authenticated user is authenticated through OAuth without the user scope, then the response lists only public profile information.

octokit.rest.users.getAuthenticated();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

Get a user

Provides publicly available information about someone with a GitHub account.

GitHub Apps with the Plan user permission can use this endpoint to retrieve information about a user's GitHub plan. The GitHub App must be authenticated as a user. See "Identifying and authorizing users for GitHub Apps" for details about authentication. For an example response, see 'Response with GitHub plan information' below"

The email key in the following response is the publicly visible email address from your GitHub profile page. When setting up your profile, you can select a primary email address to be “public” which provides an email entry for this endpoint. If you do not set a public email address for email, then it will have a value of null. You only see publicly visible email addresses when authenticated with GitHub. For more information, see Authentication.

The Emails API enables you to list all of your email addresses, and toggle a primary email to be visible publicly. For more information, see "Emails API".

octokit.rest.users.getByUsername({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Get contextual information for a user

Provides hovercard information when authenticated through basic auth or OAuth with the repo scope. You can find out more about someone in relation to their pull requests, issues, repositories, and organizations.

The subject_type and subject_id parameters provide context for the person's hovercard, which returns more information than without the parameters. For example, if you wanted to find out more about octocat who owns the Spoon-Knife repository via cURL, it would look like this:

 curl -u username:token
  https://api.github.com/users/octocat/hovercard?subject_type=repository&subject_id=1300192
octokit.rest.users.getContextForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

subject_typeno

Identifies which additional information you'd like to receive about the person's hovercard. Can be organization, repository, issue, pull_request. Required when using subject_id.

subject_idno

Uses the ID for the subject_type you specified. Required when using subject_type.

See also: GitHub Developer Guide documentation.

Get a GPG key for the authenticated user

Deprecated: This method has been renamed to users.getGpgKeyForAuthenticatedUser

View extended details for a single GPG key. Requires that you are authenticated via Basic Auth or via OAuth with at least read:gpg_key scope.

octokit.rest.users.getGpgKeyForAuthenticated({
  gpg_key_id,
});

Parameters

namerequireddescription
gpg_key_idyes

The unique identifier of the GPG key.

See also: GitHub Developer Guide documentation.

Get a GPG key for the authenticated user

View extended details for a single GPG key. Requires that you are authenticated via Basic Auth or via OAuth with at least read:gpg_key scope.

octokit.rest.users.getGpgKeyForAuthenticatedUser({
  gpg_key_id,
});

Parameters

namerequireddescription
gpg_key_idyes

The unique identifier of the GPG key.

See also: GitHub Developer Guide documentation.

Get a public SSH key for the authenticated user

Deprecated: This method has been renamed to users.getPublicSshKeyForAuthenticatedUser

View extended details for a single public SSH key. Requires that you are authenticated via Basic Auth or via OAuth with at least read:public_key scope.

octokit.rest.users.getPublicSshKeyForAuthenticated({
  key_id,
});

Parameters

namerequireddescription
key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

Get a public SSH key for the authenticated user

View extended details for a single public SSH key. Requires that you are authenticated via Basic Auth or via OAuth with at least read:public_key scope.

octokit.rest.users.getPublicSshKeyForAuthenticatedUser({
  key_id,
});

Parameters

namerequireddescription
key_idyes

The unique identifier of the key.

See also: GitHub Developer Guide documentation.

List users

Lists all users, in the order that they signed up on GitHub. This list includes personal user accounts and organization accounts.

Note: Pagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of users.

octokit.rest.users.list();

Parameters

namerequireddescription
sinceno

A user ID. Only return users with an ID greater than this ID.

per_pageno

The number of results per page (max 100).

See also: GitHub Developer Guide documentation.

List users blocked by the authenticated user

Deprecated: This method has been renamed to users.listBlockedByAuthenticatedUser

List the users you've blocked on your personal account.

octokit.rest.users.listBlockedByAuthenticated();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

List users blocked by the authenticated user

List the users you've blocked on your personal account.

octokit.rest.users.listBlockedByAuthenticatedUser();

Parameters

This endpoint has no parameters

See also: GitHub Developer Guide documentation.

List email addresses for the authenticated user

Deprecated: This method has been renamed to users.listEmailsForAuthenticatedUser

Lists all of your email addresses, and specifies which one is visible to the public. This endpoint is accessible with the user:email scope.

octokit.rest.users.listEmailsForAuthenticated();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List email addresses for the authenticated user

Lists all of your email addresses, and specifies which one is visible to the public. This endpoint is accessible with the user:email scope.

octokit.rest.users.listEmailsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List the people the authenticated user follows

Deprecated: This method has been renamed to users.listFollowedByAuthenticatedUser

Lists the people who the authenticated user follows.

octokit.rest.users.listFollowedByAuthenticated();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List the people the authenticated user follows

Lists the people who the authenticated user follows.

octokit.rest.users.listFollowedByAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List followers of the authenticated user

Lists the people following the authenticated user.

octokit.rest.users.listFollowersForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List followers of a user

Lists the people following the specified user.

octokit.rest.users.listFollowersForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List the people a user follows

Lists the people who the specified user follows.

octokit.rest.users.listFollowingForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List GPG keys for the authenticated user

Deprecated: This method has been renamed to users.listGpgKeysForAuthenticatedUser

Lists the current user's GPG keys. Requires that you are authenticated via Basic Auth or via OAuth with at least read:gpg_key scope.

octokit.rest.users.listGpgKeysForAuthenticated();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List GPG keys for the authenticated user

Lists the current user's GPG keys. Requires that you are authenticated via Basic Auth or via OAuth with at least read:gpg_key scope.

octokit.rest.users.listGpgKeysForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List GPG keys for a user

Lists the GPG keys for a user. This information is accessible by anyone.

octokit.rest.users.listGpgKeysForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public email addresses for the authenticated user

Deprecated: This method has been renamed to users.listPublicEmailsForAuthenticatedUser

Lists your publicly visible email address, which you can set with the Set primary email visibility for the authenticated user endpoint. This endpoint is accessible with the user:email scope.

octokit.rest.users.listPublicEmailsForAuthenticated();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public email addresses for the authenticated user

Lists your publicly visible email address, which you can set with the Set primary email visibility for the authenticated user endpoint. This endpoint is accessible with the user:email scope.

octokit.rest.users.listPublicEmailsForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public keys for a user

Lists the verified public SSH keys for a user. This is accessible by anyone.

octokit.rest.users.listPublicKeysForUser({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public SSH keys for the authenticated user

Deprecated: This method has been renamed to users.listPublicSshKeysForAuthenticatedUser

Lists the public SSH keys for the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least read:public_key scope.

octokit.rest.users.listPublicSshKeysForAuthenticated();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

List public SSH keys for the authenticated user

Lists the public SSH keys for the authenticated user's GitHub account. Requires that you are authenticated via Basic Auth or via OAuth with at least read:public_key scope.

octokit.rest.users.listPublicSshKeysForAuthenticatedUser();

Parameters

namerequireddescription
per_pageno

The number of results per page (max 100).

pageno

Page number of the results to fetch.

See also: GitHub Developer Guide documentation.

Set primary email visibility for the authenticated user

Deprecated: This method has been renamed to users.setPrimaryEmailVisibilityForAuthenticatedUser

Sets the visibility for your primary email addresses.

octokit.rest.users.setPrimaryEmailVisibilityForAuthenticated({
  visibility,
});

Parameters

namerequireddescription
visibilityyes

Denotes whether an email is publicly visible.

See also: GitHub Developer Guide documentation.

Set primary email visibility for the authenticated user

Sets the visibility for your primary email addresses.

octokit.rest.users.setPrimaryEmailVisibilityForAuthenticatedUser({
  visibility,
});

Parameters

namerequireddescription
visibilityyes

Denotes whether an email is publicly visible.

See also: GitHub Developer Guide documentation.

Unblock a user

octokit.rest.users.unblock({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Unfollow a user

Unfollowing a user requires the user to be logged in and authenticated with basic auth or OAuth with the user:follow scope.

octokit.rest.users.unfollow({
  username,
});

Parameters

namerequireddescription
usernameyes

The handle for the GitHub user account.

See also: GitHub Developer Guide documentation.

Update the authenticated user

Note: If your email is set to private and you send an email parameter as part of this request to update your profile, your privacy settings are still enforced: the email address will not be displayed on your public profile or via the API.

octokit.rest.users.updateAuthenticated();

Parameters

namerequireddescription
nameno

The new name of the user.

emailno

The publicly visible email address of the user.

blogno

The new blog URL of the user.

twitter_usernameno

The new Twitter username of the user.

companyno

The new company of the user.

locationno

The new location of the user.

hireableno

The new hiring availability of the user.

biono

The new short biography of the user.

See also: GitHub Developer Guide documentation.