> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# GH_BypassPullRequestAllowances

> User or team can bypass pull request requirements on a branch protection rule

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Edge Schema

* Source: [GH\_User](/opengraph/extensions/github/nodes/gh_user), [GH\_Team](/opengraph/extensions/github/nodes/gh_team)
* Destination: [GH\_BranchProtectionRule](/opengraph/extensions/github/nodes/gh_branchprotectionrule)
* Traversable: ❌

## General Information

The non-traversable GH\_BypassPullRequestAllowances edge represents a per-actor allowance that bypasses the pull request review requirement on a branch protection rule. This edge identifies specific users or teams that can merge code without going through the normal PR review process. This is a significant security concern because these actors can push or merge changes directly, circumventing code review controls that protect branch integrity. Note that this bypass is suppressed when `enforce_admins` is enabled on the branch protection rule, meaning even listed actors must follow the PR review requirement.

```mermaid theme={null}
graph LR
    user1("GH_User alice")
    team1("GH_Team release-managers")
    bpr1("GH_BranchProtectionRule main")
    user1 -- GH_BypassPullRequestAllowances --> bpr1
    team1 -- GH_BypassPullRequestAllowances --> bpr1
```