GitHub - Opus Transcript

{
  "query": "WebFetch WebSearch",
  "max_results": 2
}

[
  {
    "type": "tool_reference",
    "tool_name": "WebFetch"
  }
]

{
  "url": "https://github.com/llms.txt",
  "prompt": "Extract the full contents of this llms.txt file. List all sections, URLs, and descriptions provided."
}

{
  "url": "https://docs.github.com/en/rest/overview/about-githubs-apis",
  "prompt": "Extract all information about GitHub's APIs: what APIs are available (REST, GraphQL, etc.), how they work, versioning, base URLs, and any key concepts mentioned."
}

{
  "url": "https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api",
  "prompt": "Extract all authentication methods for GitHub's REST API: tokens, OAuth, GitHub Apps, permissions, and how each method works."
}

{
  "url": "https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api",
  "prompt": "Extract all rate limit details: limits for different auth types, how to check remaining limits, what happens when exceeded, and best practices."
}

# GitHub APIs Overview

## Available APIs

GitHub offers two primary APIs:
- **REST API**: The longer-established option using standard HTTP verbs and conventions
- **GraphQL API**: A newer alternative for more efficient data retrieval

## Key Characteristics

**GraphQL API:**
- Returns only the requested data in a predictable structure matching your query
- Enables multiple REST API-equivalent requests in a single call
- Particularly valuable for mobile app developers seeking to minimize requests and data transfer

**REST API:**
- Uses familiar HTTP verbs and standard web concepts
- Returns comprehensive data regardless of specific needs
- Employs a predetermined response structure

## Interoperability

The documentation notes: "Node IDs let you move between the REST API and GraphQL API," allowing developers to leverage both systems without being locked into one approach.

## Access Methods

Both APIs can be accessed through:
- GitHub CLI
- curl commands
- Official Octokit libraries
- Third-party libraries

## Feature Parity Note

The documentation acknowledges that "a feature may be supported on one API but not the other," so developers should select the API best matching their specific requirements rather than exclusively committing to either option.

# GitHub llms.txt Contents

## Overview
The document introduces GitHub as a developer platform offering Git repository hosting, CI/CD via Actions, project management, code review, AI development tools, and APIs for automation.

## Main Sections & Resources

**Programmatic Access APIs**
- Page List API: Returns documentation page paths
- Article API: Retrieves full rendered documentation as markdown
- Search API: Searches across all documentation content

**Building with GitHub**
- GitHub MCP Server integration with Copilot Chat
- GitHub CLI for command-line workflows
- REST and GraphQL APIs for integrations
- GitHub Actions for workflow automation

**GitHub Copilot Features**
- IDE chat functionality and code suggestions
- Agent skills and custom agents for specialized tasks
- CLI tools for command-line assistance
- Code review capabilities
- Multiple AI model support

**Getting Started**
- Account creation and setup
- Git basics and remote repositories
- SSH authentication and personal access tokens
- Two-factor authentication configuration

**Development Tools**
- GitHub Actions for CI/CD automation
- GitHub Pages for website hosting
- Repositories management and protection
- Issues, Projects, and pull requests

**Additional Sections**
- Billing for Actions, Copilot, and Models
- Codespaces for cloud development
- Organizations and access controls
- Container registry support
- Code search syntax

All documentation available at https://docs.github.com

{
  "url": "https://docs.github.com/en/graphql/overview/about-the-graphql-api",
  "prompt": "Extract all information about GitHub's GraphQL API: how it works, advantages over REST, endpoint, authentication, and key concepts."
}

# GitHub REST API Authentication Methods

## 1. Personal Access Tokens
**How it works:** Users create tokens that act as their identity when making API requests, sent via the `Authorization: Bearer` header.

**Types:**
- Fine-grained tokens (recommended): Require specific permissions per endpoint
- Classic tokens: Require OAuth scopes for each endpoint

**Key consideration:** "If you use a personal access token (classic) to access an organization that enforces SAML single sign-on (SSO) for authentication, you will need to authorize your token after creation."

## 2. GitHub Apps
**How it works:** Apps generate tokens that are "automatically authorized for SAML SSO," eliminating manual authorization steps.

**Permissions:** Each endpoint requires specific permissions; some need multiple or alternative permissions.

**Advantage:** Provides "more control over the access and permission that the app has" compared to OAuth apps.

## 3. OAuth Apps
**How it works:** Generate access tokens for API use, though GitHub recommends GitHub Apps instead.

## 4. Basic Authentication
**Use case:** Required for certain GitHub App and OAuth app endpoints.

**Method:** Uses "the app's client ID as the username and the app's client secret as the password."

## 5. GitHub Actions Built-in Token
**How it works:** Use the `GITHUB_TOKEN` environment variable within workflows, with permissions managed via the `permissions` key.

**Implementation:** Can authenticate via GitHub CLI (`gh api`) or `curl` commands.

## Rate Limiting & Security
Authentication increases hourly request limits. Failed login attempts trigger temporary `403 Forbidden` responses after multiple invalid credential attempts.

# GitHub's GraphQL API Overview

## How It Works

GraphQL is a specification-based query language that is "strongly typed" with a schema defining the API's type system. The system is "introspective," allowing clients to query schema details, and "hierarchical," where GraphQL call shapes mirror their JSON response structures.

## Key Advantages Over REST

GitHub adopted GraphQL because it provides "significantly more flexibility for our integrators." The primary benefit is precision—developers can "define precisely the data you want—and *only* the data you want." This eliminates the inefficiency of REST APIs: GraphQL enables users to "replace multiple REST requests with *a single call*."

## Architecture Principles

The system functions as "an application layer" rather than a storage or database query language. The schema uses graph structures where nodes represent objects and edges define relationships between them, allowing the API to traverse and return application data independent of storage implementation.

## Technical Foundation

The GraphQL endpoint serves as the root for all calls. Authentication is required for API access. The schema is introspectable, enabling discovery of allowed operations (queries and mutations) and schema-defined types (scalars, objects, enums, interfaces, unions, and input objects).

## Support Resources

GitHub provides documentation on authentication, rate limits, and migration guidance. For technical questions, the API and Webhooks Community Discussions category offers community-moderated support, while GitHub Support handles sensitive issues and feature requests.

# GitHub API Rate Limits Summary

## Rate Limits by Authentication Type

**Unauthenticated Users:**
- 60 requests per hour (IP-based)
- Git LFS: 300 requests/minute (30,000 objects/minute)

**Authenticated Users (Personal Access Token):**
- 5,000 requests per hour
- Git LFS: 3,000 requests/minute (300,000 objects/minute)

**Enterprise Cloud Organizations:**
- GitHub Apps: 15,000 requests per hour
- OAuth apps: 15,000 requests per hour

**GitHub App Installations:**
- Base: 5,000 requests per hour
- Enterprise Cloud: 15,000 requests per hour
- Scaling installations: up to 12,500 requests per hour (50 requests per hour per repository/user over 20)

**GitHub Actions (`GITHUB_TOKEN`):**
- 1,000 requests per hour per repository
- Enterprise Cloud: 15,000 requests per hour per repository

**OAuth Apps (Client ID/Secret):**
- 5,000 requests per hour per app
- Enterprise Cloud: 15,000 requests per hour

## Secondary Rate Limits

- **Concurrent requests:** Maximum 100
- **Points per minute:** 900 (REST), 2,000 (GraphQL)
- **CPU time:** 90 seconds per 60 seconds real time
- **Content creation:** 80 requests/minute, 500/hour
- **OAuth token requests:** 2,000 per hour

Point values: GET/HEAD/OPTIONS = 1; POST/PATCH/PUT/DELETE = 5

## Checking Your Limits

Response headers indicate status:
- `x-ratelimit-limit` – maximum requests per hour
- `x-ratelimit-remaining` – requests left in window
- `x-ratelimit-reset` – window reset time (UTC epoch)

Alternatively, call `GET /rate_limit` endpoint (doesn't count toward primary limit).

## Exceeding Limits

Responses return `403` or `429` status codes with `x-ratelimit-remaining` set to `0`. "You should not retry your request until after the time specified by the `x-ratelimit-reset` header."

For secondary limits with `retry-after` header, wait the specified seconds before retrying. Repeated violations may result in integration banning.

## Best Practices

Make authenticated requests instead of unauthenticated ones. Consider GitHub Apps for automation—their limits scale with repositories and organization members. Upgrade to Enterprise Cloud for higher limits. Review the "Best practices for using the REST API" guide for additional strategies.

{
  "url": "https://docs.github.com/en/apps/overview",
  "prompt": "Extract all information about GitHub Apps: what they are, how they differ from OAuth apps, their permissions model, installation scoping, and when to use them for automation/internal tools."
}

{
  "url": "https://docs.github.com/en/rest/overview/github-openapi-description",
  "prompt": "Extract all information about GitHub's OpenAPI description/spec: where to find it, what formats are available, how to use it, and what it covers."
}

{
  "url": "https://docs.github.com/en/rest/guides/scripting-with-the-rest-api-and-javascript",
  "prompt": "Extract information about GitHub's official SDKs/libraries (Octokit), what languages they support, how to use them for scripting and automation."
}

# GitHub Apps: Overview and Key Distinctions

## What GitHub Apps Are

GitHub Apps extend GitHub's capabilities both within and outside the platform. They can perform actions like opening issues and commenting on pull requests directly on GitHub, or trigger external actions based on GitHub events—for example, "a GitHub App can post on Slack when an issue is opened on GitHub."

## Permissions and Security Model

GitHub Apps employ a more restrictive approach to permissions. They feature "fine-grained permissions" and allow users to control "which repositories the app can access." Additionally, they utilize "short-lived tokens," which limits exposure if credentials are compromised.

## Comparison to OAuth Apps

While GitHub supports OAuth applications, the platform favors GitHub Apps. The key advantage is security: OAuth apps lack the granular permission controls and repository-level access restrictions that GitHub Apps provide. The short-lived token model in GitHub Apps reduces potential damage from credential leaks compared to OAuth's longer-lived tokens.

## When to Use GitHub Apps

The documentation suggests GitHub Apps are the preferred choice over OAuth apps, particularly when you need enhanced security through restricted permissions and controlled repository access. This makes them well-suited for automation and internal tools where security hardening is a priority.

{
  "url": "https://github.com/github/github-mcp-server",
  "prompt": "Extract all information about the GitHub MCP server: what it is, what tools/capabilities it provides, how to set it up, and what operations it supports (issues, PRs, branches, etc.)."
}

{
  "url": "https://docs.github.com/en/rest/issues/issues",
  "prompt": "Extract the key API endpoints for managing issues: creating, listing, updating, closing issues. Include the HTTP methods and paths."
}

# GitHub MCP Server Overview

## What It Is

The GitHub MCP Server is an integration that "connects AI tools directly to GitHub's platform," enabling AI agents and chatbots to interact with GitHub through natural language.

## Key Capabilities

The server provides functionality across several domains:

**Repository Operations**: Browse code, search files, analyze commits, and understand project structure.

**Issue & PR Management**: "Create, update, and manage issues and pull requests. Let AI help triage bugs, review code changes."

**Workflow Intelligence**: Monitor GitHub Actions, analyze build failures, manage releases, and track development pipelines.

**Code Analysis**: Examine security findings, review Dependabot alerts, and gain insights into codebases.

**Team Collaboration**: Access discussions, manage notifications, and streamline team processes.

## Installation Options

**Remote Server** (easiest): Hosted by GitHub at `https://api.githubcopilot.com/mcp/`, supporting OAuth or Personal Access Tokens (PATs).

**Local Server**: Runs via Docker container at `ghcr.io/github/github-mcp-server`, requiring manual PAT configuration.

**Build from Source**: Compile the Go binary and run standalone.

## Configuration Features

- **Toolsets**: Enable/disable specific functionality groups (repos, issues, pull requests, actions, code security)
- **GitHub Enterprise**: Supports both Enterprise Server and Enterprise Cloud via data residency
- **Insiders Mode**: Access early experimental features
- **Tool Filtering**: Select individual tools for fine-grained control

## Supported Host Applications

VS Code, Claude Desktop, Cursor, Windsurf, JetBrains IDEs, Visual Studio, and other MCP-compatible clients.

Request failed with status code 503

Request failed with status code 503

I cannot extract the API endpoints you're requesting because the provided web page content is incomplete. The page only shows a comment indicating that "Content after this section is automatically generated," but no actual endpoint documentation or API specifications are included.

To provide the information you need about issue management endpoints (create, list, update, close operations), I would require the actual API documentation or specification content that follows that comment.

If you can share the complete page content or the relevant API documentation section, I'll be happy to extract the HTTP methods and paths in a concise format.

{
  "url": "https://docs.github.com/en/rest/pulls/pulls",
  "prompt": "Extract the key API endpoints for pull requests: creating, listing, updating PRs. Include HTTP methods and URL paths."
}

{
  "url": "https://docs.github.com/en/rest/branches/branches",
  "prompt": "Extract the key API endpoints for branch management: creating, listing, deleting branches. Include HTTP methods and paths."
}

{
  "url": "https://docs.github.com/en/apps/creating-github-apps/about-creating-github-apps",
  "prompt": "Extract information about creating GitHub Apps for automation: permissions model details, installation tokens, how permissions are scoped to repositories, and the app registration process."
}

# Pull Request API Endpoints

Based on the provided content, **specific HTTP methods and URL paths for creating, listing, and updating pull requests are not detailed in this section**.

The documentation indicates that:

- **General PR operations** use REST API endpoints, though exact paths aren't specified in this excerpt
- **Issue-related actions** (assignees, labels, milestones) on PRs utilize the issues API: `/repos/{owner}/{repo}/issues/{issue_number}`
- **Link relations** provide API locations, including `self` for the PR's API location and `commits` for PR commits

The passage states: *"You can list, view, edit, create, and merge pull requests using the REST API"* but reserves detailed endpoint documentation for other sections. For complete endpoint specifications with HTTP methods, you'd need to reference the full REST API endpoints documentation for pull requests.

I appreciate your request, but I'm unable to provide the information you're asking for. The web page content section in your message is empty—there's no actual content between the dashes for me to extract from.

To help you effectively, please provide:

1. The actual GitHub documentation or web page content about GitHub Apps
2. Specific sections covering permissions, installation tokens, repository scoping, and registration

Once you share the source material, I'll be happy to extract and summarize the relevant information while adhering to your guidelines about character limits for quotes and paraphrasing requirements.

Request failed with status code 503

{
  "command": "gh api / 2>&1 | head -30",
  "description": "Check GitHub CLI API access and root endpoint"
}

{
  "url": "https://docs.github.com/en/rest/git/refs",
  "prompt": "Extract API endpoints for Git references (refs) which are used to create branches programmatically. Include HTTP methods, paths, and parameters needed to create a branch via refs."
}

{
  "url": "https://docs.github.com/en/rest/overview/libraries-for-the-rest-api",
  "prompt": "Extract all official and community SDK/library information: what languages are supported, library names (Octokit), and links."
}

Get "https://api.github.com/": tls: failed to verify certificate: x509: OSStatus -26276

# Git References API Endpoints

Based on the provided content, I cannot extract specific API endpoints, HTTP methods, or parameters for creating branches via refs because that information is not included in the page excerpt provided.

The content only offers a **conceptual overview**, stating that:

> "A Git reference is a file that contains a Git commit SHA-1 hash" and "These endpoints allow you to read and write references to your Git database on GitHub."

However, the actual endpoint documentation appears after a note indicating "Content after this section is automatically generated," which is not included in your source material.

**To find the specific endpoints you need**, you would need to:
- Access the complete GitHub API documentation page
- Look for sections detailing HTTP methods (GET, POST, PATCH, DELETE)
- Review parameter specifications for creating or updating refs/branches

I cannot provide fabricated endpoint details based on this introductory section alone.

# GitHub API Libraries Overview

## Official Octokit Libraries

GitHub maintains these official client libraries:

* **JavaScript**: "octokit.js" - https://github.com/octokit/octokit.js
* **Ruby**: "octokit.rb" - https://github.com/octokit/octokit.rb
* **.NET**: "octokit.net" - https://github.com/octokit/octokit.net
* **Terraform**: "terraform-provider-github" - https://github.com/integrations/terraform-provider-github

## Third-Party Libraries by Language

The documentation lists community-maintained options across 15+ languages:

| Language | Notable Libraries |
|----------|-------------------|
| **Clojure** | Tentacles |
| **Dart** | github.dart |
| **Go** | go-github |
| **Java** | GitHub API for Java, JCabi GitHub API |
| **JavaScript** | octonode, Github.js, github-client |
| **Python** | PyGithub, gidgethub, ghapi, github3.py, agithub, githubkit |
| **Rust** | Octocrab |
| **Scala** | Github4s |
| **PHP, Perl, PowerShell, Shell** | Multiple options available |

All third-party libraries "are governed by separate terms of service, privacy policy, and support documentation" and are not maintained by GitHub.