Skip to main content

commits

Overview

Namecommits
TypeResource
Idgithub.git.commits

Fields

NameDatatypeDescription
authorobjectIdentifying information for the git-user
committerobjectIdentifying information for the git-user
html_urlstring
messagestringMessage describing the purpose of the commit
node_idstring
parentsarray
shastringSHA for the commit
treeobject
urlstring
verificationobject

Methods

NameAccessible byRequired ParamsDescription
get_commitSELECTcommit_sha, owner, repoGets a Git commit object.

To get the contents of a commit, see "Get a commit."

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

| Name | Type | Description |
| ---- | ---- | ----------- |
| verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified. |
| reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below. |
| signature | string | The signature that was extracted from the commit. |
| payload | string | The value that was signed. |

These are the possible values for reason in the verification object:

| Value | Description |
| ----- | ----------- |
| expired_key | The key that made the signature is expired. |
| not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature. |
| gpgverify_error | There was an error communicating with the signature verification service. |
| gpgverify_unavailable | The signature verification service is currently unavailable. |
| unsigned | The object does not include a signature. |
| unknown_signature_type | A non-PGP signature was found in the commit. |
| no_user | No user was associated with the committer email address in the commit. |
| unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account. |
| bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature. |
| unknown_key | The key that made the signature has not been registered with any user's account. |
| malformed_signature | There was an error parsing the signature. |
| invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature. |
| valid | None of the above errors applied, so the signature is considered to be verified. |
create_commitINSERTowner, repo, data__message, data__treeCreates a new Git commit object.

Signature verification object

The response will include a verification object that describes the result of verifying the commit's signature. The following fields are included in the verification object:

| Name | Type | Description |
| ---- | ---- | ----------- |
| verified | boolean | Indicates whether GitHub considers the signature in this commit to be verified. |
| reason | string | The reason for verified value. Possible values and their meanings are enumerated in the table below. |
| signature | string | The signature that was extracted from the commit. |
| payload | string | The value that was signed. |

These are the possible values for reason in the verification object:

| Value | Description |
| ----- | ----------- |
| expired_key | The key that made the signature is expired. |
| not_signing_key | The "signing" flag is not among the usage flags in the GPG key that made the signature. |
| gpgverify_error | There was an error communicating with the signature verification service. |
| gpgverify_unavailable | The signature verification service is currently unavailable. |
| unsigned | The object does not include a signature. |
| unknown_signature_type | A non-PGP signature was found in the commit. |
| no_user | No user was associated with the committer email address in the commit. |
| unverified_email | The committer email address in the commit was associated with a user, but the email address is not verified on their account. |
| bad_email | The committer email address in the commit is not included in the identities of the PGP key that made the signature. |
| unknown_key | The key that made the signature has not been registered with any user's account. |
| malformed_signature | There was an error parsing the signature. |
| invalid | The signature could not be cryptographically verified using the key whose key-id was found in the signature. |
| valid | None of the above errors applied, so the signature is considered to be verified. |