I am attempting to update a repository's team permissions through the Github API, similar to this question. However, despite having receiving a 204 response, the permission does not get updated. I have full admin access over the repo and the team. I am following the documentation here.
Code snippet in Python:
headers = {'Authorization': f'token {token}'}
parameters = {'permission': 'push'}
response = requests.put(f'https://api.github.com/teams/{team_id}/repos/{org}/{name}', headers=headers, params=parameters)
I have also tried with the key pair 'permission': 'write' because that is one of the five permission options that appears on the repo's collaborators page, but both receive a 204 response and do not actually update the permission.
I'm doing this on a large scale for a number of repos, so I need to be able to change the permissions programmatically for each repo based on the team. I cannot tell if this is an API issue or if my code is incorrect. Thank you!
Related
I am looking for a way to extract GitHub repositories containing files with a certain code string. I can do manually using the GitHub search bar. For instance, if I'm looking for the usages of the library pymc3 I could look for it in the search bar and then click on Code
How does one do this programmatically?
I tried going over the GitHub Search API documentation. The Search Code functionality allows looking into code but that seems to only search based on an user, organization, or repository. The Search Repositories functionality only looks into the description, title and README.
Update 1:
While browsing this post, I believe I found the answer to identify some repositories that contain a code string.
If I write the following code -
url = "https://api.github.com/search/code?q=pymc3 +in:file"
headers = {
'Authorization': 'Token xxxxxxxxxxxxxxxxx'
}
response = requests.request("GET", url, headers=headers)
print(response.text)
I get the following result -
"total_count":43642,"incomplete_results":false,"items":[{"name":"pymc3_stoch_vol ...
However, the result gives me a bunch of information such as the git URL, HTML URL and some of the repositories that contain this string. I need to find a way to extract all the repositories that contain this string.
Update 2:
I now understand that GitHub limits results to 100 per page and 1000 results overall.
The only question remains why I didn't find this information on GitHub Search API documentation? Please do let me know if my understanding or the linked answer is wrong.
This kind of query should be addressed more by GraphQL API, but searching code is still not supported.
Only the new code-search (presented here) might be able to provide that, but:
it is still in beta
its API is not yet public.
So for now, code search in all GitHub repositories is not supported.
I'm using JavaScript and Octokit to dynamically create repositories in an organization and set a series of options.
Everything works, except adding write permissions to a team for the repository created.
Just to be clear, by write permission I mean the ones that can be set through the repository settings:
Settings > Collaborators and teams > Manage Acccess > Role: Write
What I've been trying to use so far, was the octokit.rest.teams.addOrUpdateRepoPermissionsInOrg function in Octokit, documented here, like this:
octokit.rest.teams.addOrUpdateRepoPermissionsInOrg({
org: "org-name",
team_slug: "team-name",
owner: "owner-name",
repo: "repo-name",
permission: "write",
}
When doing this, I receive a Validation Failed error.
Checking the relative documentation on the GitHub API docs, it effectively seems that the valid values for permission are: pull, push, admin, maintain, triage
So I guess that I'm simply using the wrong function.
But what's the correct one to change that kind of permission?
I managed to make it work: apparently, the push permission in the API corresponds to the write permission in the GitHub web interface.
FYI: this seems like a discrepancy, so I opened an issue.
I am creating anonymous Gists using Postman. The Gists get created successfully but when I try to patch them, I get:
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3/gists/#edit-a-gist"
}
The URL I am using is:
https://api.github.com/gists/14694f43065a32ec28ad
If I do a GET, it works fine. If I do a PATCH, I get an error message.
What's wrong here?
You can read and create anonymous gists, but you cannot edit them. If you want to create, read, update and delete, use authentication.
In the Authentication section, it says:
You can read public gists and create them for anonymous users without a token; however, to read or write gists on a user's behalf the gist OAuth scope is required.
You will get the same 404–Not found error if you just try to git push some commits into an anonymous gist.
$ git push
Username for 'https://gist.github.com': IonicaBizau
Password for 'https://IonicaBizau#gist.github.com':
remote: Repository not found.
fatal: repository 'https://gist.github.com/anonymous/5801....d2f/' not found
They don't even provide an edit button on the Gist page, for anonymous gists. They do have a Delete button associated with the IP (any user having the anonymous Gist link, being connected on the same network, assuming they get the same public ip, can delete the anonymous gist).
Otherwise you have to contact support for deleting the anonymous gist.
I'm trying to search for some piece of code using the GitHub API V3 given only the keyword, not limiting by user, organization, or repository.
For example, if I want to search for all pieces of code that contain the keyword "addClass", the results would be
https://github.com/search?q=addClass&type=Code&ref=searchresults without using GitHub API.
But how can I do the same thing through GitHub API? I tried https://api.github.com/search/code?q=addClass
It says "Must include at least one user, organization, or repository". How can I fix this?
You can do a code search without specifying a user/org/repo if you authenticate.
First, generate a personal access token for use for this purpose, from your Profile on GitHub's website:
Settings -> Developer Settings -> Personal Access Token -> Generate New Token (you can leave all access options unticked, since you're just using to make web requests)
Now, your original GET request will work and return results, if you append the token to it:
https://api.github.com/search/code?q=addClass&access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
UPDATE: OCT 2021
As pointed out by a comment below, passing the token in via a query parameter (like above) is deprecated. You must now add it as an Authorization header.
e.g.
curl --location --request GET 'https://api.github.com/search/code?q=addClass +in:file +language:csharp' \
--header 'Authorization: Token xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
or in Python:
import requests
url = "https://api.github.com/search/code?q=addClass +in:file +language:csharp"
headers = {
'Authorization': 'Token xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
}
response = requests.request("GET", url, headers=headers)
print(response.text)
2020: As detailed in Mark Z.'s answer, using an authentication (Authorization': 'Token xxxx') allows for a code search.
get /search/code
You can use:
either a dedicated command-line tool like feinoujc/gh-search-cli
ghs code --extension js "import _ from 'lodash'"
or the official GitHub CLI gh, (after a gh auth login) as show in issue 5117:
gh api --method=GET "search/code?q=filename:test+extension:yaml+org:new-org"
Or even:
gh api --method=GET search/code -f q='filename:test extension:yaml org:new-org' \
--jq '.items[] | [.repository.full_name,.path,.sha] | #tsv'
That would get a line-based, tab-separated list of fields in this order: repo name, file path, git sha. (see gh help formatting)
2014 (original answer): That seems related to the new restriction "New Validation Rule for Beta Code Search API" (Oct. 2013)
In order to support the expected volume of requests, we’re applying a new validation rule to the Code Search API. Starting today, you will need to scope your code queries to a specific set of users, organizations, or repositories.
So, the example of the API search code mentions now:
Suppose you want to find the definition of the addClass function inside jQuery. Your query would look something like this:
https://api.github.com/search/code?q=addClass+in:file+language:js+repo:jquery/jquery
While Gihub does not currently support code search without repo, user, or organization (see VonC's answer), codesearch does index some sources from Github via the codesearch API, albeit with an API less fully featured out than Github's.
For example, to search for wget invocations indexed from Github, call
curl "https://searchcode.com/api/codesearch_I/?q=wget&src=2"
The optional src parameter picks the code source (e.g., Github, BitBucket) that should be searched, and you can find its integer value for a source by altering the parameters of faceted search in the codesearch UI. The current value of src for Github is 2.
You can verify that the returned results from the above example come from github.com by viewing the the repo property of results items.
I am working on a library in LUA for an ipad app called Codea. I'm trying to figure out to use OAuth for GitHub Gists. Only part that i can not figure out is how to get an Auth token via code. I used curl in terminal to get myself a token but this seems to be to much work for other users.
I've read through the github api docs multiple times but I cant figure out how to get a Token programmatically. I've tried to duplicate the method I've used to GET and POST gists but it does not seem to work. I'm not sure how to pass the username and password.
I'm creating a table with the needed params then encoding it in json. Everything I try gets a 404 error or 500 error. Thank you all in advance.
local url = "https://api.github.com/authorizations"
local d = {}
d.scopes = {"gist"}
d.note = "AutoGist Codea"
projectAuth = json.encode(d)
opts = { data = projectAuth }
opts.method = "POST"
opts.headers = {Authorization = "basic " .."username:password"}
http.request(url,successCallback,failedCallback,opts)
Scopes are coming, but only in Q4 2013.
See "OAuth changes coming" (October 2013, by Tim Cleam - tclem):
Starting today, we are returning granted scopes as part of the access_token response.
For example, if you are making a POST with the application/json mime-type you’ll see an additional field for the granted scopes.
{
"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a",
"scope":"repo,gist",
"token_type":"bearer"
}
Right now, these scopes will be identical to what you requested, but we are moving towards a feature set that will allow GitHub users to edit their scopes, effectively granting your application less access than you originally requested.
You should be aware of this possibility and adjust your application behavior accordingly.
Some things to watch out for and keep in mind:
Most third party applications using GitHub OAuth to identify users have the best success in adoption by starting out with a request for the minimum access that the application can possibly get away with.
Something like no scopes or just user:email is very sane.
It is important to handle the error cases where a users chooses to grant you less access than you originally requested.
Now that we are surfacing the granted scopes on the access_token response, applications can warn or otherwise communicate with their users that they will see reduced functionality or be unable to perform some actions.
Applications can always send users back through the flow again to get additional permission, but don’t forget that users can always say no.