Análisis de secretos
Usa la API REST para recuperar y actualizar las alertas de secretos de un repositorio.
Nota: Los puntos de conexión para administrar secret scanning se encuentran actualmente en versión beta y están sujetos a cambios.
Acerca del examen de secretos
Puedes usar la API para:
- Habilitar o deshabilitar secret scanning e insertar protección para un repositorio. Para más información, consulta "Repositorios" y expande la sección "Propiedades del objeto
security_and_analysis
" en la documentación de la API REST. - Recuperar y actualizar alertas de examen de secretos de un repositorio. Para obtener más detalles, vea las secciones siguientes.
Para más información sobre secret scanning, consulta "Acerca del examen de secretos".
List secret scanning alerts for an enterprise
Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo
scope or security_events
scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
Parámetros para "List secret scanning alerts for an enterprise"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
enterprise string RequeridoThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Parámetros de consulta |
Nombre, Tipo, Descripción |
state string Set to Puede ser uno de los siguientes: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
per_page integer The number of results per page (max 100). Valor predeterminado: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. |
Códigos de estado de respuesta HTTP para "List secret scanning alerts for an enterprise"
status code | Descripción |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Ejemplos de código para "List secret scanning alerts for an enterprise"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
List secret scanning alerts for an organization
Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parámetros para "List secret scanning alerts for an organization"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
org string RequeridoThe organization name. The name is not case sensitive. |
Parámetros de consulta |
Nombre, Tipo, Descripción |
state string Set to Puede ser uno de los siguientes: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
page integer Page number of the results to fetch. Valor predeterminado: |
per_page integer The number of results per page (max 100). Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List secret scanning alerts for an organization"
status code | Descripción |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Ejemplos de código para "List secret scanning alerts for an organization"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/orgs/ORG/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
List secret scanning alerts for a repository
Lists secret scanning alerts for an eligible repository, from newest to oldest.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parámetros para "List secret scanning alerts for a repository"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
owner string RequeridoThe account owner of the repository. The name is not case sensitive. |
repo string RequeridoThe name of the repository. The name is not case sensitive. |
Parámetros de consulta |
Nombre, Tipo, Descripción |
state string Set to Puede ser uno de los siguientes: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
page integer Page number of the results to fetch. Valor predeterminado: |
per_page integer The number of results per page (max 100). Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List secret scanning alerts for a repository"
status code | Descripción |
---|---|
200 | OK |
404 | Repository is public or secret scanning is disabled for the repository |
503 | Service unavailable |
Ejemplos de código para "List secret scanning alerts for a repository"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
Get a secret scanning alert
Gets a single secret scanning alert detected in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parámetros para "Get a secret scanning alert"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
owner string RequeridoThe account owner of the repository. The name is not case sensitive. |
repo string RequeridoThe name of the repository. The name is not case sensitive. |
alert_number integer RequeridoThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Códigos de estado de respuesta HTTP para "Get a secret scanning alert"
status code | Descripción |
---|---|
200 | OK |
304 | Not modified |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Ejemplos de código para "Get a secret scanning alert"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "open",
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}
Update a secret scanning alert
Updates the status of a secret scanning alert in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
write permission to use this endpoint.
Parámetros para "Update a secret scanning alert"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
owner string RequeridoThe account owner of the repository. The name is not case sensitive. |
repo string RequeridoThe name of the repository. The name is not case sensitive. |
alert_number integer RequeridoThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Parámetros del cuerpo |
Nombre, Tipo, Descripción |
state string RequeridoSets the state of the secret scanning alert. You must provide Puede ser uno de los siguientes: |
resolution string or null Required when the Puede ser uno de los siguientes: |
Códigos de estado de respuesta HTTP para "Update a secret scanning alert"
status code | Descripción |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
422 | State does not match the resolution |
503 | Service unavailable |
Ejemplos de código para "Update a secret scanning alert"
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
-d '{"state":"resolved","resolution":"false_positive"}'
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "resolved",
"resolution": "used_in_tests",
"resolved_at": "2020-11-16T22:42:07Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}
List locations for a secret scanning alert
Lists all locations for a given secret scanning alert for an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parámetros para "List locations for a secret scanning alert"
Encabezados |
---|
Nombre, Tipo, Descripción |
accept string Setting to |
Parámetros de la ruta de acceso |
Nombre, Tipo, Descripción |
owner string RequeridoThe account owner of the repository. The name is not case sensitive. |
repo string RequeridoThe name of the repository. The name is not case sensitive. |
alert_number integer RequeridoThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Parámetros de consulta |
Nombre, Tipo, Descripción |
page integer Page number of the results to fetch. Valor predeterminado: |
per_page integer The number of results per page (max 100). Valor predeterminado: |
Códigos de estado de respuesta HTTP para "List locations for a secret scanning alert"
status code | Descripción |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Ejemplos de código para "List locations for a secret scanning alert"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER/locations
Response
Status: 200
[
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 1,
"end_line": 1,
"start_column": 1,
"end_column": 64,
"blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b",
"commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b"
}
},
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 5,
"end_line": 5,
"start_column": 1,
"end_column": 64,
"blob_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/9def38117ab2d8355b982429aa924e268b4b0065",
"commit_sha": "588483b99a46342501d99e3f10630cfc1219ea32",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/588483b99a46342501d99e3f10630cfc1219ea32"
}
},
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 12,
"end_line": 12,
"start_column": 1,
"end_column": 64,
"blob_sha": "0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
"commit_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/9def38117ab2d8355b982429aa924e268b4b0065"
}
}
]