Diese Version von GitHub Enterprise Server wird eingestellt am 2026-08-25. Nicht mehr unterstützte Versionen werden nicht unterstützt. Es wird keine Patch-Freigabe vorgenommen, auch nicht für kritische Sicherheitsprobleme. Eine bessere Leistung, verbesserte Sicherheit und neue Features in GitHub Enterprise Server finden Sie unter Overview des Upgradeprozesses. Wenden Sie sich bei Fragen zum Upgrade an den GitHub Enterprise Support.
REST-API-Endpunkte für Git-Commits
Verwende die REST-API, um mit Commitobjekten in deiner Git-Datenbank in GitHub zu interagieren.
Informationen zu Git-Commits
Ein Git-Commit ist eine Momentaufnahme der Hierarchie (Git-Struktur) und der Inhalte der Dateien (Git-Blob) in einem Git-Repository. Diese Endpunkte bieten dir die Möglichkeit, Objekte in deiner Git-Datenbank auf GitHub zu lesen und zu schreiben.
Create a commit
Creates a new Git commit object.
Signature verification object
The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:
| Name | Type | Description |
|---|---|---|
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified. |
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below. |
signature | string | The signature that was extracted from the commit. |
payload | string | The value that was signed. |
verified_at | string | The date the signature was verified by GitHub. |
These are the possible values for reason in the verification object:
| Value | Description |
|---|---|
expired_key | The key that made the signature is expired. |
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature. |
gpgverify_error | There was an error communicating with the signature verification service. |
gpgverify_unavailable | The signature verification service is currently unavailable. |
unsigned | The object does not include a signature. |
unknown_signature_type | A non-PGP signature was found in the commit. |
no_user | No user was associated with the committer email address in the commit. |
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account. |
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature. |
unknown_key | The key that made the signature has not been registered with any user's account. |
malformed_signature | There was an error parsing the signature. |
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature. |
valid | None of the above errors applied, so the signature is considered to be verified. |
Feinkörnige Zugriffstoken für "Create a commit"
Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:
- GitHub App-Benutzerzugriffstoken
- GitHub-App-Installations-Zugriffstoken
- Feingranulare persönliche Zugriffstoken
Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:
- "Contents" repository permissions (write)
Parameter für "Create a commit"
| Name, Typ, BESCHREIBUNG |
|---|
accept string Setting to |
| Name, Typ, BESCHREIBUNG |
|---|
owner string ErforderlichThe account owner of the repository. The name is not case sensitive. |
repo string ErforderlichThe name of the repository without the |
| Name, Typ, BESCHREIBUNG | ||||
|---|---|---|---|---|
message string ErforderlichThe commit message | ||||
tree string ErforderlichThe SHA of the tree object this commit points to | ||||
parents array of strings The full SHAs of the commits that were the parents of this commit. If omitted or empty, the commit will be written as a root commit. For a single parent, an array of one SHA should be provided; for a merge commit, an array of more than one should be provided. | ||||
author object Information about the author of the commit. By default, the | ||||
| ||||
committer object Information about the person who is making the commit. By default, | ||||
Properties of |
| Name, Typ, BESCHREIBUNG |
|---|
name string The name of the author (or committer) of the commit |
email string The email of the author (or committer) of the commit |
date string Indicates when this commit was authored (or committed). This is a timestamp in ISO 8601 format: |
signature string The PGP signature of the commit. GitHub adds the signature to the gpgsig header of the created commit. For a commit signature to be verifiable by Git or GitHub, it must be an ASCII-armored detached PGP signature over the string commit as it would be written to the object database. To pass a signature parameter, you need to first manually create a valid PGP signature, which can be complicated. You may find it easier to use the command line to create signed commits.
HTTP-Antwortstatuscodes für "Create a commit"
| Statuscode | BESCHREIBUNG |
|---|---|
201 | Created |
404 | Resource not found |
409 | Conflict |
422 | Validation failed, or the endpoint has been spammed. |
Codebeispiele für "Create a commit"
Anforderungsbeispiel
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/git/commits \
-d '{"message":"my commit message","author":{"name":"Mona Octocat","email":"[email protected]","date":"2008-07-09T16:13:30+12:00"},"parents":["7d1b31e74ee336d15cbd21741bc88a537ed063a0"],"tree":"827efc6d56897b048c772eb4087f854f46256132","signature":"-----BEGIN PGP SIGNATURE-----\n\niQIzBAABAQAdFiEESn/54jMNIrGSE6Tp6cQjvhfv7nAFAlnT71cACgkQ6cQjvhfv\n7nCWwA//XVqBKWO0zF+bZl6pggvky3Oc2j1pNFuRWZ29LXpNuD5WUGXGG209B0hI\nDkmcGk19ZKUTnEUJV2Xd0R7AW01S/YSub7OYcgBkI7qUE13FVHN5ln1KvH2all2n\n2+JCV1HcJLEoTjqIFZSSu/sMdhkLQ9/NsmMAzpf/iIM0nQOyU4YRex9eD1bYj6nA\nOQPIDdAuaTQj1gFPHYLzM4zJnCqGdRlg0sOM/zC5apBNzIwlgREatOYQSCfCKV7k\nnrU34X8b9BzQaUx48Qa+Dmfn5KQ8dl27RNeWAqlkuWyv3pUauH9UeYW+KyuJeMkU\n+NyHgAsWFaCFl23kCHThbLStMZOYEnGagrd0hnm1TPS4GJkV4wfYMwnI4KuSlHKB\njHl3Js9vNzEUQipQJbgCgTiWvRJoK3ENwBTMVkKHaqT4x9U4Jk/XZB6Q8MA09ezJ\n3QgiTjTAGcum9E9QiJqMYdWQPWkaBIRRz5cET6HPB48YNXAAUsfmuYsGrnVLYbG+\nUpC6I97VybYHTy2O9XSGoaLeMI9CsFn38ycAxxbWagk5mhclNTP5mezIq6wKSwmr\nX11FW3n1J23fWZn5HJMBsRnUCgzqzX3871IqLYHqRJ/bpZ4h20RhTyPj5c/z7QXp\neSakNQMfbbMcljkha+ZMuVQX1K9aRlVqbmv3ZMWh+OijLYVU2bc=\n=5Io4\n-----END PGP SIGNATURE-----\n"}'Response
Status: 201{
"sha": "7638417db6d59f3c431d3e1f261cc637155684cd",
"node_id": "MDY6Q29tbWl0NzYzODQxN2RiNmQ1OWYzYzQzMWQzZTFmMjYxY2M2MzcxNTU2ODRjZA==",
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits/7638417db6d59f3c431d3e1f261cc637155684cd",
"author": {
"date": "2014-11-07T22:01:45Z",
"name": "Monalisa Octocat",
"email": "[email protected]"
},
"committer": {
"date": "2014-11-07T22:01:45Z",
"name": "Monalisa Octocat",
"email": "[email protected]"
},
"message": "my commit message",
"tree": {
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees/827efc6d56897b048c772eb4087f854f46256132",
"sha": "827efc6d56897b048c772eb4087f854f46256132"
},
"parents": [
{
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits/7d1b31e74ee336d15cbd21741bc88a537ed063a0",
"sha": "7d1b31e74ee336d15cbd21741bc88a537ed063a0",
"html_url": "https://github.com/octocat/Hello-World/commit/7d1b31e74ee336d15cbd21741bc88a537ed063a0"
}
],
"verification": {
"verified": false,
"reason": "unsigned",
"signature": null,
"payload": null,
"verified_at": null
},
"html_url": "https://github.com/octocat/Hello-World/commit/7638417db6d59f3c431d3e1f261cc637155684cd"
}Get a commit object
Gets a Git commit object.
To get the contents of a commit, see "Get a commit."
Signature verification object
The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:
| Name | Type | Description |
|---|---|---|
verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified. |
reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below. |
signature | string | The signature that was extracted from the commit. |
payload | string | The value that was signed. |
verified_at | string | The date the signature was verified by GitHub. |
These are the possible values for reason in the verification object:
| Value | Description |
|---|---|
expired_key | The key that made the signature is expired. |
not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature. |
gpgverify_error | There was an error communicating with the signature verification service. |
gpgverify_unavailable | The signature verification service is currently unavailable. |
unsigned | The object does not include a signature. |
unknown_signature_type | A non-PGP signature was found in the commit. |
no_user | No user was associated with the committer email address in the commit. |
unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account. |
bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature. |
unknown_key | The key that made the signature has not been registered with any user's account. |
malformed_signature | There was an error parsing the signature. |
invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature. |
valid | None of the above errors applied, so the signature is considered to be verified. |
Feinkörnige Zugriffstoken für "Get a commit object"
Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:
- GitHub App-Benutzerzugriffstoken
- GitHub-App-Installations-Zugriffstoken
- Feingranulare persönliche Zugriffstoken
Das differenzierte Token muss über den folgenden Berechtigungssatz verfügen.:
- "Contents" repository permissions (read)
Dieser Endpunkt kann ohne Authentifizierung oder die zuvor erwähnten Berechtigungen verwendet werden, wenn nur öffentliche Ressourcen angefordert werden.
Parameter für "Get a commit object"
| Name, Typ, BESCHREIBUNG |
|---|
accept string Setting to |
| Name, Typ, BESCHREIBUNG |
|---|
owner string ErforderlichThe account owner of the repository. The name is not case sensitive. |
repo string ErforderlichThe name of the repository without the |
commit_sha string ErforderlichThe SHA of the commit. |
HTTP-Antwortstatuscodes für "Get a commit object"
| Statuscode | BESCHREIBUNG |
|---|---|
200 | OK |
404 | Resource not found |
409 | Conflict |
Codebeispiele für "Get a commit object"
Anforderungsbeispiel
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/git/commits/COMMIT_SHAResponse
Status: 200{
"sha": "7638417db6d59f3c431d3e1f261cc637155684cd",
"node_id": "MDY6Q29tbWl0NmRjYjA5YjViNTc4NzVmMzM0ZjYxYWViZWQ2OTVlMmU0MTkzZGI1ZQ==",
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits/7638417db6d59f3c431d3e1f261cc637155684cd",
"html_url": "https://github.com/octocat/Hello-World/commit/7638417db6d59f3c431d3e1f261cc637155684cd",
"author": {
"date": "2014-11-07T22:01:45Z",
"name": "Monalisa Octocat",
"email": "[email protected]"
},
"committer": {
"date": "2014-11-07T22:01:45Z",
"name": "Monalisa Octocat",
"email": "[email protected]"
},
"message": "added readme, because im a good github citizen",
"tree": {
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees/691272480426f78a0138979dd3ce63b77f706feb",
"sha": "691272480426f78a0138979dd3ce63b77f706feb"
},
"parents": [
{
"url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits/1acc419d4d6a9ce985db7be48c6349a0475975b5",
"sha": "1acc419d4d6a9ce985db7be48c6349a0475975b5",
"html_url": "https://github.com/octocat/Hello-World/commit/7638417db6d59f3c431d3e1f261cc637155684cd"
}
],
"verification": {
"verified": false,
"reason": "unsigned",
"signature": null,
"payload": null,
"verified_at": null
}
}