此版本的 GitHub Enterprise 已停止服务 2022-10-12. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持。
机密扫描
使用机密扫描 API 从存储库中检索和更新机密警报。
注意:secret scanning API 目前为 beta 版本,可能会有变动。
关于机密扫描 API
使用 secret scanning API,� 可以:
- 为存储库启用或禁用 secret scanning。 有关详细信息,请参阅“存储库”,并展开 REST API 文档中的“
security_and_analysis
对象的属性”部分。 - 从存储库检索和更新 secret scanning 警报。 有关更多详细信息,请参阅以下部分。
有关 secret scanning 的详细信息,请参阅“关于 secret scanning”。
List secret scanning alerts for a repository
Lists secret scanning alerts for a private repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
参数
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
Query parameters |
Name, Type, Description |
state stringSet to Can be one of: |
secret_type stringA comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution stringA comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
page integerPage number of the results to fetch. Default: |
per_page integerThe number of results per page (max 100). Default: |
HTTP 响应状态代� �
状态代� � | 说明 |
---|---|
200 | OK |
404 | Repository is public or secret scanning is disabled for the repository |
503 | Service unavailable |
代� �示例
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
Get a secret scanning alert
Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
参数
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
alert_number integerRequiredThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
HTTP 响应状态代� �
状态代� � | 说明 |
---|---|
200 | OK |
304 | Not modified |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
代� �示例
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "open",
"secret_type": "mailchimp_api_key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}
Update a secret scanning alert
Updates the status of a secret scanning alert in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
write permission to use this endpoint.
参数
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
alert_number integerRequiredThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Body parameters |
Name, Type, Description |
state stringRequiredSets the state of the secret scanning alert. You must provide Can be one of: |
resolution string or nullRequired when the Can be one of: |
HTTP 响应状态代� �
状态代� � | 说明 |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
422 | State does not match the resolution |
503 | Service unavailable |
代� �示例
curl \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
-d '{"state":"resolved","resolution":"false_positive"}'
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "resolved",
"resolution": "used_in_tests",
"resolved_at": "2020-11-16T22:42:07Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "mailchimp_api_key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}