| name | example | route | scope | type |
|---|---|---|---|---|
Set allowed actions for a repository |
octokit.actions.setAllowedActionsRepository({ owner, repo, github_owned_allowed, verified_allowed, patterns_allowed }) |
PUT /repos/{owner}/{repo}/actions/permissions/selected-actions |
actions |
API method |
Sets the actions that are allowed in a repository. To use this endpoint, the repository permission policy for allowed_actions must be configured to selected. For more information, see "Set GitHub Actions permissions for a repository."
If the repository belongs to an organization or enterprise that has selected actions set at the organization or enterprise levels, then you cannot override any of the allowed actions settings.
To use the patterns_allowed setting for private repositories, the repository must belong to an enterprise. If the repository does not belong to an enterprise, then the patterns_allowed setting only applies to public repositories.
You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the administration repository permission to use this API.
octokit.actions.setAllowedActionsRepository({
owner,
repo,
github_owned_allowed,
verified_allowed,
patterns_allowed,
});| name | required | description |
|---|---|---|
| owner | yes | |
| repo | yes | |
| github_owned_allowed | yes |
Whether GitHub-owned actions are allowed. For example, this includes the actions in the |
| verified_allowed | yes |
Whether actions in GitHub Marketplace from verified creators are allowed. Set to |
| patterns_allowed | yes |
Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, |
See also: GitHub Developer Guide documentation.