Análisis de secretos

Usa la API REST para recuperar y actualizar las alertas de secretos de un repositorio.

Nota: Los puntos de conexión para administrar secret scanning se encuentran actualmente en versión beta y están sujetos a cambios.

Acerca del examen de secretos

Puedes usar la API para:

Habilitar o deshabilitar secret scanning e insertar protección para un repositorio. Para más información, consulta "Repositorios" y expande la sección "Propiedades del objeto security_and_analysis" en la documentación de la API REST.
Recuperar y actualizar alertas de examen de secretos de un repositorio. Para obtener más detalles, vea las secciones siguientes.

Para más información sobre secret scanning, consulta "Acerca del examen de secretos".

List secret scanning alerts for an enterprise

Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest. To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.

Parámetros para "List secret scanning alerts for an enterprise"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`enterprise` string Requerido The slug version of the enterprise name. You can also substitute this value with the enterprise id.
Parámetros de consulta
Nombre, Tipo, Descripción
`state` string Set to `open` or `resolved` to only list secret scanning alerts in a specific state. Puede ser uno de los siguientes: `open`, `resolved`
`secret_type` string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.
`resolution` string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.
`per_page` integer The number of results per page (max 100). Valor predeterminado: `30`
`before` string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
`after` string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

Códigos de estado de respuesta HTTP para "List secret scanning alerts for an enterprise"

status code	Descripción
`200`	OK
`404`	Resource not found
`503`	Service unavailable

Ejemplos de código para "List secret scanning alerts for an enterprise"

get/enterprises/{enterprise}/secret-scanning/alerts

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/secret-scanning/alerts

Response

Status: 200

[
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret_type_display_name": "Adafruit IO Key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://HOSTNAME/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://HOSTNAME/users/octocat/followers",
        "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
        "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
        "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
        "organizations_url": "https://HOSTNAME/users/octocat/orgs",
        "repos_url": "https://HOSTNAME/users/octocat/repos",
        "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
        "received_events_url": "https://HOSTNAME/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://HOSTNAME/repos/octocat/Hello-World",
      "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
      "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
      "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
      "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
      "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
      "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
      "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
      "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
    },
    "push_protection_bypassed_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "push_protection_bypassed": true,
    "push_protection_bypassed_at": "2020-11-06T21:48:51Z"
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret_type_display_name": "Mailchimp API Key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://HOSTNAME/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://HOSTNAME/users/octocat/followers",
        "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
        "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
        "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
        "organizations_url": "https://HOSTNAME/users/octocat/orgs",
        "repos_url": "https://HOSTNAME/users/octocat/repos",
        "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
        "received_events_url": "https://HOSTNAME/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://HOSTNAME/repos/octocat/Hello-World",
      "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
      "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
      "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
      "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
      "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
      "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
      "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
      "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
    },
    "push_protection_bypassed_by": null,
    "push_protection_bypassed": false,
    "push_protection_bypassed_at": null
  }
]

List secret scanning alerts for an organization

Funciona con GitHub Apps

Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest. To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parámetros para "List secret scanning alerts for an organization"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`org` string Requerido The organization name. The name is not case sensitive.
Parámetros de consulta
Nombre, Tipo, Descripción
`state` string Set to `open` or `resolved` to only list secret scanning alerts in a specific state. Puede ser uno de los siguientes: `open`, `resolved`
`secret_type` string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.
`resolution` string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.
`page` integer Page number of the results to fetch. Valor predeterminado: `1`
`per_page` integer The number of results per page (max 100). Valor predeterminado: `30`

Códigos de estado de respuesta HTTP para "List secret scanning alerts for an organization"

status code	Descripción
`200`	OK
`404`	Resource not found
`503`	Service unavailable

Ejemplos de código para "List secret scanning alerts for an organization"

get/orgs/{org}/secret-scanning/alerts

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/orgs/ORG/secret-scanning/alerts

Response

Status: 200

[
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret_type_display_name": "Adafruit IO Key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://HOSTNAME/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://HOSTNAME/users/octocat/followers",
        "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
        "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
        "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
        "organizations_url": "https://HOSTNAME/users/octocat/orgs",
        "repos_url": "https://HOSTNAME/users/octocat/repos",
        "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
        "received_events_url": "https://HOSTNAME/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://HOSTNAME/repos/octocat/Hello-World",
      "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
      "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
      "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
      "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
      "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
      "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
      "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
      "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
    },
    "push_protection_bypassed_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "push_protection_bypassed": true,
    "push_protection_bypassed_at": "2020-11-06T21:48:51Z"
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret_type_display_name": "Mailchimp API Key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://HOSTNAME/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://HOSTNAME/users/octocat/followers",
        "following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
        "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
        "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
        "organizations_url": "https://HOSTNAME/users/octocat/orgs",
        "repos_url": "https://HOSTNAME/users/octocat/repos",
        "events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
        "received_events_url": "https://HOSTNAME/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://HOSTNAME/repos/octocat/Hello-World",
      "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
      "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
      "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
      "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
      "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
      "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
      "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
      "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
    },
    "push_protection_bypassed_by": null,
    "push_protection_bypassed": false,
    "push_protection_bypassed_at": null
  }
]

List secret scanning alerts for a repository

Funciona con GitHub Apps

Lists secret scanning alerts for an eligible repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parámetros para "List secret scanning alerts for a repository"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository. The name is not case sensitive.
Parámetros de consulta
Nombre, Tipo, Descripción
`state` string Set to `open` or `resolved` to only list secret scanning alerts in a specific state. Puede ser uno de los siguientes: `open`, `resolved`
`secret_type` string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.
`resolution` string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.
`page` integer Page number of the results to fetch. Valor predeterminado: `1`
`per_page` integer The number of results per page (max 100). Valor predeterminado: `30`

Códigos de estado de respuesta HTTP para "List secret scanning alerts for a repository"

status code	Descripción
`200`	OK
`404`	Repository is public or secret scanning is disabled for the repository
`503`	Service unavailable

Ejemplos de código para "List secret scanning alerts for a repository"

get/repos/{owner}/{repo}/secret-scanning/alerts

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts

Response

Status: 200

[
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret_type_display_name": "Adafruit IO Key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "push_protection_bypassed_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://HOSTNAME/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://HOSTNAME/users/monalisa/followers",
      "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
      "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
      "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
      "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
      "repos_url": "https://HOSTNAME/users/monalisa/repos",
      "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
      "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "push_protection_bypassed": true,
    "push_protection_bypassed_at": "2020-11-06T21:48:51Z"
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret_type_display_name": "Mailchimp API Key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
    "push_protection_bypassed_by": null,
    "push_protection_bypassed": false,
    "push_protection_bypassed_at": null
  }
]

Get a secret scanning alert

Funciona con GitHub Apps

Gets a single secret scanning alert detected in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parámetros para "Get a secret scanning alert"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository. The name is not case sensitive.
`alert_number` integer Requerido The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the `number` field in the response from the `GET /repos/{owner}/{repo}/code-scanning/alerts` operation.

Códigos de estado de respuesta HTTP para "Get a secret scanning alert"

status code	Descripción
`200`	OK
`304`	Not modified
`404`	Repository is public, or secret scanning is disabled for the repository, or the resource is not found
`503`	Service unavailable

Ejemplos de código para "Get a secret scanning alert"

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER

Response

Status: 200

{
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "open",
  "secret_type": "mailchimp_api_key",
  "secret_type_display_name": "Mailchimp API Key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}

Update a secret scanning alert

Funciona con GitHub Apps

Updates the status of a secret scanning alert in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.

Parámetros para "Update a secret scanning alert"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository. The name is not case sensitive.
`alert_number` integer Requerido The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the `number` field in the response from the `GET /repos/{owner}/{repo}/code-scanning/alerts` operation.
Parámetros del cuerpo
Nombre, Tipo, Descripción
`state` string Requerido Sets the state of the secret scanning alert. You must provide `resolution` when you set the state to `resolved`. Puede ser uno de los siguientes: `open`, `resolved`
`resolution` string or null Required when the `state` is `resolved`. The reason for resolving the alert. Puede ser uno de los siguientes: `false_positive`, `wont_fix`, `revoked`, `used_in_tests`, `null`

Códigos de estado de respuesta HTTP para "Update a secret scanning alert"

status code	Descripción
`200`	OK
`404`	Repository is public, or secret scanning is disabled for the repository, or the resource is not found
`422`	State does not match the resolution
`503`	Service unavailable

Ejemplos de código para "Update a secret scanning alert"

patch/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

curl -L \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
  -d '{"state":"resolved","resolution":"false_positive"}'

Response

Status: 200

{
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "resolved",
  "resolution": "used_in_tests",
  "resolved_at": "2020-11-16T22:42:07Z",
  "resolved_by": {
    "login": "monalisa",
    "id": 2,
    "node_id": "MDQ6VXNlcjI=",
    "avatar_url": "https://alambic.github.com/avatars/u/2?",
    "gravatar_id": "",
    "url": "https://HOSTNAME/users/monalisa",
    "html_url": "https://github.com/monalisa",
    "followers_url": "https://HOSTNAME/users/monalisa/followers",
    "following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
    "gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
    "starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
    "subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
    "organizations_url": "https://HOSTNAME/users/monalisa/orgs",
    "repos_url": "https://HOSTNAME/users/monalisa/repos",
    "events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
    "received_events_url": "https://HOSTNAME/users/monalisa/received_events",
    "type": "User",
    "site_admin": true
  },
  "secret_type": "mailchimp_api_key",
  "secret_type_display_name": "Mailchimp API Key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}

List locations for a secret scanning alert

Funciona con GitHub Apps

Lists all locations for a given secret scanning alert for an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope. For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parámetros para "List locations for a secret scanning alert"

Encabezados
Nombre, Tipo, Descripción
`accept` string Setting to `application/vnd.github+json` is recommended.
Parámetros de la ruta de acceso
Nombre, Tipo, Descripción
`owner` string Requerido The account owner of the repository. The name is not case sensitive.
`repo` string Requerido The name of the repository. The name is not case sensitive.
`alert_number` integer Requerido The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the `number` field in the response from the `GET /repos/{owner}/{repo}/code-scanning/alerts` operation.
Parámetros de consulta
Nombre, Tipo, Descripción
`page` integer Page number of the results to fetch. Valor predeterminado: `1`
`per_page` integer The number of results per page (max 100). Valor predeterminado: `30`

Códigos de estado de respuesta HTTP para "List locations for a secret scanning alert"

status code	Descripción
`200`	OK
`404`	Repository is public, or secret scanning is disabled for the repository, or the resource is not found
`503`	Service unavailable

Ejemplos de código para "List locations for a secret scanning alert"

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER/locations

Response

Status: 200

[
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
      "blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b",
      "commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b",
      "commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b"
    }
  },
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 5,
      "end_line": 5,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
      "blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/9def38117ab2d8355b982429aa924e268b4b0065",
      "commit_sha": "588483b99a46342501d99e3f10630cfc1219ea32",
      "commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/588483b99a46342501d99e3f10630cfc1219ea32"
    }
  },
  {
    "type": "commit",
    "details": {
      "path": "/example/secrets.txt",
      "start_line": 12,
      "end_line": 12,
      "start_column": 1,
      "end_column": 64,
      "blob_sha": "0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
      "blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
      "commit_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
      "commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/9def38117ab2d8355b982429aa924e268b4b0065"
    }
  }
]