Skip to main content
Die REST-API verfügt jetzt über eine Versionskontrolle. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

REST-API-Endpunkte für die Geheimnisüberprüfung

Verwende die REST-API, um Geheimniswarnungen aus einem Repository abzurufen und zu aktualisieren.

Informationen zur Geheimnisüberprüfung

Du kannst die API für Folgendes verwenden:

  • Aktivieren oder deaktivieren Sie secret scanning und den Push-Schutz für ein Repository. Weitere Informationen findest du unter „REST-API-Endpunkte für Repositorys“. Erweitere den Abschnitt „Eigenschaften des security_and_analysis-Objekts“.
  • Abrufen und Aktualisieren von Warnungen zur Geheimnisüberprüfung aus einem Repository. Weitere Details findest du in den folgenden Abschnitten.

Weitere Informationen zu secret scanning findest du unter Informationen zur Geheimnisüberprüfung.

List secret scanning alerts for an enterprise

Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.

Alerts are only returned for organizations in the enterprise for which the authenticated user is an organization owner or a security manager.

The authenticated user must be a member of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope or security_events scope to use this endpoint.

Differenzierte Zugriffstoken für "List secret scanning alerts for an enterprise"

Dieser Endpunkt funktioniert nicht mit GitHub-App-Benutzerzugriffstoken, GitHub-App-Installationszugriffstoken oder differenzierten persönlichen Zugriffstoken.

Parameter für „List secret scanning alerts for an enterprise“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
enterprise string Erforderlich

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Abfrageparameter
Name, type, BESCHREIBUNG
state string

Set to open or resolved to only list secret scanning alerts in a specific state.

Kann eine der Folgenden sein: open, resolved

secret_type string

A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types.

resolution string

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sort string

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

Standard: created

Kann eine der Folgenden sein: created, updated

direction string

The direction to sort the results by.

Standard: desc

Kann eine der Folgenden sein: asc, desc

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

validity string

A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are active, inactive, and unknown.

is_publicly_leaked boolean

A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present.

Standard: false

is_multi_repo boolean

A boolean value representing whether or not to filter alerts by the multi-repo tag being present.

Standard: false

HTTP-Antwortstatuscodes für „List secret scanning alerts for an enterprise“

StatuscodeBESCHREIBUNG
200

OK

404

Resource not found

503

Service unavailable

Codebeispiele für „List secret scanning alerts for an enterprise“

Anforderungsbeispiel

get/enterprises/{enterprise}/secret-scanning/alerts
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/secret-scanning/alerts

Response

Status: 200
[ { "number": 2, "created_at": "2020-11-06T18:48:51Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations", "state": "resolved", "resolution": "false_positive", "resolved_at": "2020-11-07T02:47:13Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "adafruit_io_key", "secret_type_display_name": "Adafruit IO Key", "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "push_protection_bypassed_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "push_protection_bypassed": true, "push_protection_bypassed_at": "2020-11-06T21:48:51Z", "push_protection_bypass_request_reviewer": { "login": "octocat", "id": 3, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/3?", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "push_protection_bypass_request_comment": "Example comment", "push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1", "resolution_comment": "Example comment", "validity": "active", "publicly_leaked": false, "multi_repo": false }, { "number": 1, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1", "html_url": "https://github.com/owner/repo/security/secret-scanning/1", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations", "state": "open", "resolution": null, "resolved_at": null, "resolved_by": null, "secret_type": "mailchimp_api_key", "secret_type_display_name": "Mailchimp API Key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "push_protection_bypassed_by": null, "push_protection_bypassed": false, "push_protection_bypassed_at": null, "push_protection_bypass_request_reviewer": null, "push_protection_bypass_request_comment": null, "push_protection_bypass_request_html_url": null, "resolution_comment": null, "validity": "unknown", "publicly_leaked": false, "multi_repo": false } ]

List secret scanning alerts for an organization

Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "List secret scanning alerts for an organization"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „List secret scanning alerts for an organization“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
org string Erforderlich

The organization name. The name is not case sensitive.

Abfrageparameter
Name, type, BESCHREIBUNG
state string

Set to open or resolved to only list secret scanning alerts in a specific state.

Kann eine der Folgenden sein: open, resolved

secret_type string

A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types.

resolution string

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sort string

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

Standard: created

Kann eine der Folgenden sein: created, updated

direction string

The direction to sort the results by.

Standard: desc

Kann eine der Folgenden sein: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.

after string

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.

validity string

A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are active, inactive, and unknown.

is_publicly_leaked boolean

A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present.

Standard: false

is_multi_repo boolean

A boolean value representing whether or not to filter alerts by the multi-repo tag being present.

Standard: false

HTTP-Antwortstatuscodes für „List secret scanning alerts for an organization“

StatuscodeBESCHREIBUNG
200

OK

404

Resource not found

503

Service unavailable

Codebeispiele für „List secret scanning alerts for an organization“

Anforderungsbeispiel

get/orgs/{org}/secret-scanning/alerts
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/secret-scanning/alerts

Response

Status: 200
[ { "number": 2, "created_at": "2020-11-06T18:48:51Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations", "state": "resolved", "resolution": "false_positive", "resolved_at": "2020-11-07T02:47:13Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "adafruit_io_key", "secret_type_display_name": "Adafruit IO Key", "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "push_protection_bypassed_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "push_protection_bypassed": true, "push_protection_bypassed_at": "2020-11-06T21:48:51Z", "push_protection_bypass_request_reviewer": { "login": "octocat", "id": 3, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/3?", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "push_protection_bypass_request_comment": "Example comment", "push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1", "resolution_comment": "Example comment", "validity": "active", "publicly_leaked": false, "multi_repo": false }, { "number": 1, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1", "html_url": "https://github.com/owner/repo/security/secret-scanning/1", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations", "state": "open", "resolution": null, "resolved_at": null, "resolved_by": null, "secret_type": "mailchimp_api_key", "secret_type_display_name": "Mailchimp API Key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "push_protection_bypassed_by": null, "push_protection_bypassed": false, "push_protection_bypassed_at": null, "push_protection_bypass_request_reviewer": null, "push_protection_bypass_request_comment": null, "push_protection_bypass_request_html_url": null, "resolution_comment": null, "validity": "unknown", "publicly_leaked": false, "multi_repo": false } ]

List secret scanning alerts for a repository

Lists secret scanning alerts for an eligible repository, from newest to oldest.

The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "List secret scanning alerts for a repository"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „List secret scanning alerts for a repository“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Abfrageparameter
Name, type, BESCHREIBUNG
state string

Set to open or resolved to only list secret scanning alerts in a specific state.

Kann eine der Folgenden sein: open, resolved

secret_type string

A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types.

resolution string

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

sort string

The property to sort the results by. created means when the alert was created. updated means when the alert was updated or resolved.

Standard: created

Kann eine der Folgenden sein: created, updated

direction string

The direction to sort the results by.

Standard: desc

Kann eine der Folgenden sein: asc, desc

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.

after string

A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.

validity string

A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are active, inactive, and unknown.

is_publicly_leaked boolean

A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present.

Standard: false

is_multi_repo boolean

A boolean value representing whether or not to filter alerts by the multi-repo tag being present.

Standard: false

HTTP-Antwortstatuscodes für „List secret scanning alerts for a repository“

StatuscodeBESCHREIBUNG
200

OK

404

Repository is public or secret scanning is disabled for the repository

503

Service unavailable

Codebeispiele für „List secret scanning alerts for a repository“

Anforderungsbeispiel

get/repos/{owner}/{repo}/secret-scanning/alerts
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts

Response

Status: 200
[ { "number": 2, "created_at": "2020-11-06T18:48:51Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations", "state": "resolved", "resolution": "false_positive", "resolved_at": "2020-11-07T02:47:13Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "adafruit_io_key", "secret_type_display_name": "Adafruit IO Key", "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX", "push_protection_bypassed_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "push_protection_bypassed": true, "push_protection_bypassed_at": "2020-11-06T21:48:51Z", "push_protection_bypass_request_reviewer": { "login": "octocat", "id": 3, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/3?", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": true }, "push_protection_bypass_request_comment": "Example comment", "push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1", "resolution_comment": "Example comment", "validity": "inactive", "publicly_leaked": false, "multi_repo": false }, { "number": 1, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1", "html_url": "https://github.com/owner/repo/security/secret-scanning/1", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations", "state": "open", "resolution": null, "resolved_at": null, "resolved_by": null, "secret_type": "mailchimp_api_key", "secret_type_display_name": "Mailchimp API Key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2", "push_protection_bypassed_by": null, "push_protection_bypassed": false, "push_protection_bypassed_at": null, "push_protection_bypass_request_reviewer": null, "push_protection_bypass_request_comment": null, "push_protection_bypass_request_html_url": null, "resolution_comment": null, "validity": "unknown", "publicly_leaked": false, "multi_repo": false } ]

Get a secret scanning alert

Gets a single secret scanning alert detected in an eligible repository.

The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "Get a secret scanning alert"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „Get a secret scanning alert“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer Erforderlich

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

HTTP-Antwortstatuscodes für „Get a secret scanning alert“

StatuscodeBESCHREIBUNG
200

OK

304

Not modified

404

Repository is public, or secret scanning is disabled for the repository, or the resource is not found

503

Service unavailable

Codebeispiele für „Get a secret scanning alert“

Anforderungsbeispiel

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER

Response

Status: 200
{ "number": 42, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations", "state": "open", "resolution": null, "resolved_at": null, "resolved_by": null, "secret_type": "mailchimp_api_key", "secret_type_display_name": "Mailchimp API Key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2", "push_protection_bypassed_by": null, "push_protection_bypassed": false, "push_protection_bypassed_at": null, "push_protection_bypass_request_reviewer": null, "push_protection_bypass_request_comment": null, "push_protection_bypass_request_html_url": null, "resolution_comment": null, "validity": "unknown", "publicly_leaked": false, "multi_repo": false }

Update a secret scanning alert

Updates the status of a secret scanning alert in an eligible repository.

The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "Update a secret scanning alert"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (write)

Parameter für „Update a secret scanning alert“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer Erforderlich

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

Textparameter
Name, type, BESCHREIBUNG
state string Erforderlich

Sets the state of the secret scanning alert. You must provide resolution when you set the state to resolved.

Kann eine der Folgenden sein: open, resolved

resolution string or null

Required when the state is resolved. The reason for resolving the alert.

Kann eine der Folgenden sein: false_positive, wont_fix, revoked, used_in_tests, null

resolution_comment string or null

An optional comment when closing an alert. Cannot be updated or deleted. Must be null when changing state to open.

HTTP-Antwortstatuscodes für „Update a secret scanning alert“

StatuscodeBESCHREIBUNG
200

OK

400

Bad request, resolution comment is invalid or the resolution was not changed.

404

Repository is public, or secret scanning is disabled for the repository, or the resource is not found

422

State does not match the resolution or resolution comment

503

Service unavailable

Codebeispiele für „Update a secret scanning alert“

Anforderungsbeispiel

patch/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \ -d '{"state":"resolved","resolution":"false_positive"}'

Response

Status: 200
{ "number": 42, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations", "state": "resolved", "resolution": "used_in_tests", "resolved_at": "2020-11-16T22:42:07Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "mailchimp_api_key", "secret_type_display_name": "Mailchimp API Key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2", "push_protection_bypassed": false, "push_protection_bypassed_by": null, "push_protection_bypassed_at": null, "push_protection_bypass_request_reviewer": null, "push_protection_bypass_request_comment": null, "push_protection_bypass_request_html_url": null, "resolution_comment": "Example comment", "validity": "unknown", "publicly_leaked": false, "multi_repo": false }

List locations for a secret scanning alert

Lists all locations for a given secret scanning alert for an eligible repository.

The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "List locations for a secret scanning alert"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „List locations for a secret scanning alert“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer Erforderlich

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

Abfrageparameter
Name, type, BESCHREIBUNG
page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

HTTP-Antwortstatuscodes für „List locations for a secret scanning alert“

StatuscodeBESCHREIBUNG
200

OK

404

Repository is public, or secret scanning is disabled for the repository, or the resource is not found

503

Service unavailable

Codebeispiele für „List locations for a secret scanning alert“

Anforderungsbeispiel

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER/locations

Response

Status: 200
[ { "type": "commit", "details": { "path": "/example/secrets.txt", "start_line": 1, "end_line": 1, "start_column": 1, "end_column": 64, "blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b", "blob_url": "https://api.github.com/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b", "commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b", "commit_url": "https://api.github.com/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b" } }, { "type": "wiki_commit", "details": { "path": "/example/Home.md", "start_line": 1, "end_line": 1, "start_column": 1, "end_column": 64, "blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b", "page_url": "https://github.com/octocat/Hello-World/wiki/Home/302c0b7e200761c9dd9b57e57db540ee0b4293a5", "commit_sha": "302c0b7e200761c9dd9b57e57db540ee0b4293a5", "commit_url": "https://github.com/octocat/Hello-World/wiki/_compare/302c0b7e200761c9dd9b57e57db540ee0b4293a5" } }, { "type": "issue_title", "details": { "issue_title_url": "https://api.github.com/repos/octocat/Hello-World/issues/1347" } }, { "type": "issue_body", "details": { "issue_body_url": "https://api.github.com/repos/octocat/Hello-World/issues/1347" } }, { "type": "issue_comment", "details": { "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments/1081119451" } }, { "type": "discussion_title", "details": { "discussion_title_url": "https://github.com/community/community/discussions/39082" } }, { "type": "discussion_body", "details": { "discussion_body_url": "https://github.com/community/community/discussions/39082#discussion-4566270" } }, { "type": "discussion_comment", "details": { "discussion_comment_url": "https://github.com/community/community/discussions/39082#discussioncomment-4158232" } }, { "type": "pull_request_title", "details": { "pull_request_title_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846" } }, { "type": "pull_request_body", "details": { "pull_request_body_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846" } }, { "type": "pull_request_comment", "details": { "pull_request_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments/1825855898" } }, { "type": "pull_request_review", "details": { "pull_request_review_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846/reviews/80" } }, { "type": "pull_request_review_comment", "details": { "pull_request_review_comment_url": "https://api.github.com/repos/octocat/Hello-World/pulls/comments/12" } } ]

Create a push protection bypass

Creates a bypass for a previously push protected secret.

The authenticated user must be the original author of the committed secret.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

Differenzierte Zugriffstoken für "Create a push protection bypass"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Contents" repository permissions (write)

Parameter für „Create a push protection bypass“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Textparameter
Name, type, BESCHREIBUNG
reason string Erforderlich

The reason for bypassing push protection.

Kann eine der Folgenden sein: false_positive, used_in_tests, will_fix_later

placeholder_id string Erforderlich

The ID of the push protection bypass placeholder. This value is returned on any push protected routes.

HTTP-Antwortstatuscodes für „Create a push protection bypass“

StatuscodeBESCHREIBUNG
200

OK

403

User does not have enough permissions to perform this action.

404

Placeholder ID not found, or push protection is disabled on this repository.

422

Bad request, input data missing or incorrect.

503

Service unavailable

Codebeispiele für „Create a push protection bypass“

Anforderungsbeispiel

post/repos/{owner}/{repo}/secret-scanning/push-protection-bypasses
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/push-protection-bypasses \ -d '{"reason":"will_fix_later","placeholder_id":"2k4dM4tseyC5lPIsjl5emX9sPNk"}'

Response

Status: 200
{ "reason": "will_fix_later", "expire_at": "2020-11-06T18:18:30Z", "token_type": "mailchimp_api_key" }

Get secret scanning scan history for a repository

Lists the latest incremental and backfill scans by type for a repository.

OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.

Differenzierte Zugriffstoken für "Get secret scanning scan history for a repository"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „Get secret scanning scan history for a repository“

Header
Name, type, BESCHREIBUNG
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
Name, type, BESCHREIBUNG
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

HTTP-Antwortstatuscodes für „Get secret scanning scan history for a repository“

StatuscodeBESCHREIBUNG
200

OK

404

Repository does not have GitHub Advanced Security or secret scanning enabled

503

Service unavailable

Codebeispiele für „Get secret scanning scan history for a repository“

Anforderungsbeispiel

get/repos/{owner}/{repo}/secret-scanning/scan-history
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/secret-scanning/scan-history

Response

Status: 200
{ "incremental_scans": [ { "type": "git", "status": "completed", "completed_at": "2024-10-07T02:47:00Z" } ], "backfill_scans": [ { "type": "git", "status": "completed", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:50:00Z" }, { "type": "issue", "status": "completed", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:49:00Z" }, { "type": "discussion", "status": "completed", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:48:00Z" } ], "pattern_update_scans": [ { "type": "discussion", "status": "in_progress", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:51:00Z" } ], "custom_pattern_backfill_scans": [ { "type": "git", "status": "completed", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:55:00Z", "pattern_slug": "my-custom-pattern", "pattern_scope": "enterprise" }, { "type": "git", "status": "completed", "started_at": "2024-10-07T02:47:00Z", "completed_at": "2024-10-07T02:55:00Z", "pattern_slug": "my-custom-pattern", "pattern_scope": "organization" } ] }