Push the proposal as a GitHub PR via the shared ZeroQuarryBot App.
POST/v1/autofix-proposals/:proposal_id/approve
Runs the layered safety stack before the network call:
- tier flag is on
- account-level kill switch is OFF
- proposal is associated with a github.com repo
- ZeroQuarryBot App is configured + has access to this repo for the calling account (cross-tenant authz boundary)
- per-repo kill switch is OFF
If layer 4 fails because the bot isn't installed on the org/user
that owns the repo, the response is 403 with
reason_code: "not_installed" and the repo_slug to install
on. The caller should direct the user to /account/github to
complete the install — there's no in-band way to trigger that
from the API (GitHub's own UI handles consent).
On a GitHub-side failure (network error, dry-run apply rejected
the patch, the App's installation token expired or was revoked,
etc.) the proposal status flips to failed and the response
is 502.
Request
Responses
- 200
- 403
- 404
- 409
- 502
- 503
PR opened. Proposal record now has status: pushed, pr_url, pr_number.
Safety check rejected the push. reason_code: "not_installed"
means the bot isn't installed for this repo; other 403s carry
no reason_code and indicate kill-switch / tier / non-GitHub
repo failures.
Resource not found or not visible to the caller.
Proposal is not in staged state.
GitHub push failed; proposal was transitioned to failed.
ZeroQuarryBot App is not configured on the server.