REST-API-Endpunkte für Sicherheitsfeatures für Code auf Unternehmensniveau

Note

Diese Endpunkte unterstützen nur die Authentifizierung über ein personal access token (classic). Weitere Informationen finden Sie unter Verwalten deiner persönlichen Zugriffstoken.

Get code security and analysis features for an enterprise

Warning

Closing down notice: The ability to fetch code security and analysis settings for an enterprise is closing down. Please use code security configurations instead. For more information, see the changelog.

Gets code security and analysis settings for the specified enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

Differenzierte Zugriffstoken für "Get code security and analysis features for an enterprise"

Dieser Endpunkt funktioniert nicht mit GitHub-App-Benutzerzugriffstoken, GitHub-App-Installationszugriffstoken oder differenzierten persönlichen Zugriffstoken.

Parameter für „Get code security and analysis features for an enterprise“

Header
Name, type, BESCHREIBUNG
`accept` string Setting to `application/vnd.github+json` is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
`enterprise` string Erforderlich The slug version of the enterprise name. You can also substitute this value with the enterprise id.

HTTP-Antwortstatuscodes für „Get code security and analysis features for an enterprise“

Statuscode	BESCHREIBUNG
`200`	OK
`404`	Resource not found

Codebeispiele für „Get code security and analysis features for an enterprise“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

get/enterprises/{enterprise}/code_security_and_analysis

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis

Response

Status: 200

{
  "advanced_security_enabled_for_new_repositories": true,
  "dependabot_alerts_enabled_for_new_repositories": true,
  "secret_scanning_enabled_for_new_repositories": true,
  "secret_scanning_push_protection_enabled_for_new_repositories": true,
  "secret_scanning_push_protection_custom_link": "https://github.com/test-org/test-repo/blob/main/README.md",
  "secret_scanning_non_provider_patterns_enabled_for_new_repositories": true,
  "secret_scanning_validity_checks_enabled": true
}

Update code security and analysis features for an enterprise

Warning

Closing down notice: The ability to update code security and analysis settings for an enterprise is closing down. Please use code security configurations instead. For more information, see the changelog.

Updates the settings for advanced security, Dependabot alerts, secret scanning, and push protection for new repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Differenzierte Zugriffstoken für "Update code security and analysis features for an enterprise"

Dieser Endpunkt funktioniert nicht mit GitHub-App-Benutzerzugriffstoken, GitHub-App-Installationszugriffstoken oder differenzierten persönlichen Zugriffstoken.

Parameter für „Update code security and analysis features for an enterprise“

Header
Name, type, BESCHREIBUNG
`accept` string Setting to `application/vnd.github+json` is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
`enterprise` string Erforderlich The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Textparameter
Name, type, BESCHREIBUNG
`advanced_security_enabled_for_new_repositories` boolean Whether GitHub Advanced Security is automatically enabled for new repositories. For more information, see "About GitHub Advanced Security."
`advanced_security_enabled_new_user_namespace_repos` boolean Whether GitHub Advanced Security is automatically enabled for new user namespace repositories. For more information, see "About GitHub Advanced Security."
`dependabot_alerts_enabled_for_new_repositories` boolean Whether Dependabot alerts are automatically enabled for new repositories. For more information, see "About Dependabot alerts."
`secret_scanning_enabled_for_new_repositories` boolean Whether secret scanning is automatically enabled for new repositories. For more information, see "About secret scanning."
`secret_scanning_push_protection_enabled_for_new_repositories` boolean Whether secret scanning push protection is automatically enabled for new repositories. For more information, see "Protecting pushes with secret scanning."
`secret_scanning_push_protection_custom_link` string or null The URL that will be displayed to contributors who are blocked from pushing a secret. For more information, see "Protecting pushes with secret scanning." To disable this functionality, set this field to `null`.
`secret_scanning_non_provider_patterns_enabled_for_new_repositories` boolean or null Whether secret scanning of non-provider patterns is enabled for new repositories under this enterprise.

HTTP-Antwortstatuscodes für „Update code security and analysis features for an enterprise“

Statuscode	BESCHREIBUNG
`204`	Action started
`404`	Resource not found
`422`	The action could not be taken due to an in progress enablement, or a policy is preventing enablement

Codebeispiele für „Update code security and analysis features for an enterprise“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

patch/enterprises/{enterprise}/code_security_and_analysis

curl -L \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis \
  -d '{"advanced_security_enabled_for_new_repositories":true,"advanced_security_enabled_new_user_namespace_repos":true,"dependabot_alerts_enabled_for_new_repositories":true,"secret_scanning_enabled_for_new_repositories":true,"secret_scanning_push_protection_enabled_for_new_repositories":true,"secret_scanning_push_protection_custom_link":"https://github.com/test-org/test-repo/blob/main/README.md","secret_scanning_non_provider_patterns_enabled_for_new_repositories":true}'

Action started

Status: 204

Enable or disable a security feature

Warning

Closing down notice: The ability to enable or disable a security feature for an enterprise is closing down. Please use code security configurations instead. For more information, see the changelog.

Enables or disables the specified security feature for all repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Differenzierte Zugriffstoken für "Enable or disable a security feature"

Dieser Endpunkt funktioniert nicht mit GitHub-App-Benutzerzugriffstoken, GitHub-App-Installationszugriffstoken oder differenzierten persönlichen Zugriffstoken.

Parameter für „Enable or disable a security feature“

Header
Name, type, BESCHREIBUNG
`accept` string Setting to `application/vnd.github+json` is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
`enterprise` string Erforderlich The slug version of the enterprise name. You can also substitute this value with the enterprise id.
`security_product` string Erforderlich The security feature to enable or disable. Kann eine der Folgenden sein: `advanced_security`, `advanced_security_user_namespace`, `dependabot_alerts`, `secret_scanning`, `secret_scanning_push_protection`, `secret_scanning_non_provider_patterns`
`enablement` string Erforderlich The action to take. `enable_all` means to enable the specified security feature for all repositories in the enterprise. `disable_all` means to disable the specified security feature for all repositories in the enterprise. Kann eine der Folgenden sein: `enable_all`, `disable_all`

HTTP-Antwortstatuscodes für „Enable or disable a security feature“

Statuscode	BESCHREIBUNG
`204`	Action started
`404`	Resource not found
`422`	The action could not be taken due to an in progress enablement, or a policy is preventing enablement

Codebeispiele für „Enable or disable a security feature“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

post/enterprises/{enterprise}/{security_product}/{enablement}

curl -L \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/SECURITY_PRODUCT/ENABLEMENT

Action started

Status: 204