Problem

Repositories updated by bots are excluded (reduced security):

Description

Protections can be maintained with specific users (bots) excluded

In the GitHub GUI, the specific user exclusions look like this, for example:

The script (normalize_repos.py) already handles:

• Protect matching branches
  • Require a pull request before merging
    • Require approvals

It needs to be updated to also handle (with ability to specify one or more users):

• Protect matching branches
  • Allow specified actors to bypass required pull requests

Additional context

• Managing a branch protection rule - GitHub Docs
• BranchProtection — PyGithub documentation
• REST API endpoints for protected branches - GitHub Docs

Implementation

• I would be interested in implementing this feature.