Configurations
Utilisez l’API REST pour créer et gérer des configurations de sécurité pour votre organisation.
Get code security configurations for an organization
Lists all code security configurations available in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Get code security configurations for an organization »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Get code security configurations for an organization »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
Nom, Type, Description |
---|
target_type string The target type of the code security configuration Default: Peut être: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
Codes d’état de la réponse HTTP pour « Get code security configurations for an organization »
Code d’état | Description |
---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Get code security configurations for an organization »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations
Response
Status: 200
[
{
"id": 17,
"target_type": "global",
"name": "GitHub recommended",
"description": "Suggested settings for Dependabot, secret scanning, and code scanning.",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "not_set",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "enabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "enabled",
"secret_scanning_delegated_bypass": "enabled",
"secret_scanning_delegated_bypass_options": {
"reviewers": [
{
"security_configuration_id": 17,
"reviewer_id": 5678,
"reviewer_type": "TEAM"
}
]
},
"secret_scanning_validity_checks": "enabled",
"secret_scanning_non_provider_patterns": "enabled",
"private_vulnerability_reporting": "enabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/17",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view",
"created_at": "2023-12-04T15:58:07Z",
"updated_at": "2023-12-04T15:58:07Z"
},
{
"id": 1326,
"target_type": "organization",
"name": "High risk settings",
"description": "This is a code security configuration for octo-org high risk repositories",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "enabled",
"code_scanning_default_setup": "enabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "enabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "enabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326",
"created_at": "2024-05-10T00:00:00Z",
"updated_at": "2024-05-10T00:00:00Z"
}
]
Create a code security configuration
Creates a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Create a code security configuration »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Create a code security configuration »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
Nom, Type, Description | ||||||
---|---|---|---|---|---|---|
name string ObligatoireThe name of the code security configuration. Must be unique within the organization. | ||||||
description string ObligatoireA description of the code security configuration | ||||||
advanced_security string The enablement status of GitHub Advanced Security Default: Peut être: | ||||||
dependency_graph string The enablement status of Dependency Graph Default: Peut être: | ||||||
dependency_graph_autosubmit_action string The enablement status of Automatic dependency submission Default: Peut être: | ||||||
dependency_graph_autosubmit_action_options object Feature options for Automatic dependency submission | ||||||
Properties of |
Nom, Type, Description |
---|
labeled_runners boolean Whether to use runners labeled with 'dependency-submission' or standard GitHub runners. Default: |
dependabot_alerts
string The enablement status of Dependabot alerts
Default: disabled
Peut être: enabled
, disabled
, not_set
dependabot_security_updates
string The enablement status of Dependabot security updates
Default: disabled
Peut être: enabled
, disabled
, not_set
code_scanning_default_setup
string The enablement status of code scanning default setup
Default: disabled
Peut être: enabled
, disabled
, not_set
secret_scanning
string The enablement status of secret scanning
Default: disabled
Peut être: enabled
, disabled
, not_set
secret_scanning_push_protection
string The enablement status of secret scanning push protection
Default: disabled
Peut être: enabled
, disabled
, not_set
secret_scanning_delegated_bypass
string The enablement status of secret scanning delegated bypass
Default: disabled
Peut être: enabled
, disabled
, not_set
secret_scanning_delegated_bypass_options
object Feature options for secret scanning delegated bypass
Properties of secret_scanning_delegated_bypass_options
Nom, Type, Description | |||
---|---|---|---|
reviewers array of objects The bypass reviewers for secret scanning delegated bypass | |||
Properties of |
Nom, Type, Description |
---|
reviewer_id integer ObligatoireThe ID of the team or role selected as a bypass reviewer |
reviewer_type string ObligatoireThe type of the bypass reviewer Peut être: |
secret_scanning_validity_checks
string The enablement status of secret scanning validity checks
Default: disabled
Peut être: enabled
, disabled
, not_set
secret_scanning_non_provider_patterns
string The enablement status of secret scanning non provider patterns
Default: disabled
Peut être: enabled
, disabled
, not_set
private_vulnerability_reporting
string The enablement status of private vulnerability reporting
Default: disabled
Peut être: enabled
, disabled
, not_set
enforcement
string The enforcement status for a security configuration
Default: enforced
Peut être: enforced
, unenforced
Codes d’état de la réponse HTTP pour « Create a code security configuration »
Code d’état | Description |
---|---|
201 | Successfully created code security configuration |
Exemples de code pour « Create a code security configuration »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations \
-d '{"name":"octo-org recommended settings","description":"This is a code security configuration for octo-org","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'
Successfully created code security configuration
Status: 201
{
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "disabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "disabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "disabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
Get default code security configurations
Lists the default code security configurations for an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Get default code security configurations »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Get default code security configurations »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
Codes d’état de la réponse HTTP pour « Get default code security configurations »
Code d’état | Description |
---|---|
200 | OK |
304 | Not modified |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Get default code security configurations »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/defaults
Response
Status: 200
[
{
"default_for_new_repos": "public",
"configuration": {
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "not_set",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "enabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "enabled",
"secret_scanning_delegated_bypass": "enabled",
"secret_scanning_delegated_bypass_options": {
"reviewers": [
{
"security_configuration_id": 1325,
"reviewer_id": 5678,
"reviewer_type": "TEAM"
}
]
},
"secret_scanning_validity_checks": "enabled",
"secret_scanning_non_provider_patterns": "enabled",
"private_vulnerability_reporting": "enabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
},
{
"default_for_new_repos": "private_and_internal",
"configuration": {
"id": 17,
"target_type": "global",
"name": "GitHub recommended",
"description": "Suggested settings for Dependabot, secret scanning, and code scanning.",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "not_set",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "enabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "enabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"private_vulnerability_reporting": "enabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/17",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view",
"created_at": "2023-12-04T15:58:07Z",
"updated_at": "2023-12-04T15:58:07Z"
}
}
]
Detach configurations from repositories
Detach code security configuration(s) from a set of repositories. Repositories will retain their settings but will no longer be associated with the configuration.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Detach configurations from repositories »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Detach configurations from repositories »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
Nom, Type, Description |
---|
selected_repository_ids array of integers An array of repository IDs to detach from configurations. |
Codes d’état de la réponse HTTP pour « Detach configurations from repositories »
Code d’état | Description |
---|---|
204 | A header with no content is returned. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
409 | Conflict |
Exemples de code pour « Detach configurations from repositories »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/detach \
-d '{"selected_repository_ids":[32,91]}'
A header with no content is returned.
Status: 204
Get a code security configuration
Gets a code security configuration available in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Get a code security configuration »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Get a code security configuration »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Codes d’état de la réponse HTTP pour « Get a code security configuration »
Code d’état | Description |
---|---|
200 | OK |
304 | Not modified |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Get a code security configuration »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID
Response
Status: 200
{
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "disabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "disabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "disabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
Update a code security configuration
Updates a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Update a code security configuration »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Update a code security configuration »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Nom, Type, Description | ||||||
---|---|---|---|---|---|---|
name string The name of the code security configuration. Must be unique within the organization. | ||||||
description string A description of the code security configuration | ||||||
advanced_security string The enablement status of GitHub Advanced Security Peut être: | ||||||
dependency_graph string The enablement status of Dependency Graph Peut être: | ||||||
dependency_graph_autosubmit_action string The enablement status of Automatic dependency submission Peut être: | ||||||
dependency_graph_autosubmit_action_options object Feature options for Automatic dependency submission | ||||||
Properties of |
Nom, Type, Description |
---|
labeled_runners boolean Whether to use runners labeled with 'dependency-submission' or standard GitHub runners. |
dependabot_alerts
string The enablement status of Dependabot alerts
Peut être: enabled
, disabled
, not_set
dependabot_security_updates
string The enablement status of Dependabot security updates
Peut être: enabled
, disabled
, not_set
code_scanning_default_setup
string The enablement status of code scanning default setup
Peut être: enabled
, disabled
, not_set
secret_scanning
string The enablement status of secret scanning
Peut être: enabled
, disabled
, not_set
secret_scanning_push_protection
string The enablement status of secret scanning push protection
Peut être: enabled
, disabled
, not_set
secret_scanning_delegated_bypass
string The enablement status of secret scanning delegated bypass
Peut être: enabled
, disabled
, not_set
secret_scanning_delegated_bypass_options
object Feature options for secret scanning delegated bypass
Properties of secret_scanning_delegated_bypass_options
Nom, Type, Description | |||
---|---|---|---|
reviewers array of objects The bypass reviewers for secret scanning delegated bypass | |||
Properties of |
Nom, Type, Description |
---|
reviewer_id integer ObligatoireThe ID of the team or role selected as a bypass reviewer |
reviewer_type string ObligatoireThe type of the bypass reviewer Peut être: |
secret_scanning_validity_checks
string The enablement status of secret scanning validity checks
Peut être: enabled
, disabled
, not_set
secret_scanning_non_provider_patterns
string The enablement status of secret scanning non-provider patterns
Peut être: enabled
, disabled
, not_set
private_vulnerability_reporting
string The enablement status of private vulnerability reporting
Peut être: enabled
, disabled
, not_set
enforcement
string The enforcement status for a security configuration
Peut être: enforced
, unenforced
Codes d’état de la réponse HTTP pour « Update a code security configuration »
Code d’état | Description |
---|---|
200 | Response when a configuration is updated |
204 | Response when no new updates are made |
Exemples de code pour « Update a code security configuration »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID \
-d '{"name":"octo-org recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'
Response when a configuration is updated
Status: 200
{
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings v2",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "enabled",
"secret_scanning": "disabled",
"secret_scanning_push_protection": "disabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "disabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
Delete a code security configuration
Deletes the desired code security configuration from an organization. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Delete a code security configuration »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Delete a code security configuration »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Codes d’état de la réponse HTTP pour « Delete a code security configuration »
Code d’état | Description |
---|---|
204 | A header with no content is returned. |
400 | Bad Request |
403 | Forbidden |
404 | Resource not found |
409 | Conflict |
Exemples de code pour « Delete a code security configuration »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID
A header with no content is returned.
Status: 204
Attach a configuration to repositories
Attach a code security configuration to a set of repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.
If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Attach a configuration to repositories »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Attach a configuration to repositories »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Nom, Type, Description |
---|
scope string ObligatoireThe type of repositories to attach the configuration to. Peut être: |
selected_repository_ids array of integers An array of repository IDs to attach the configuration to. You can only provide a list of repository ids when the |
Codes d’état de la réponse HTTP pour « Attach a configuration to repositories »
Code d’état | Description |
---|---|
202 | Accepted |
Exemples de code pour « Attach a configuration to repositories »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/attach \
-d '{"scope":"selected","selected_repository_ids":[32,91]}'
Accepted
Status: 202
Set a code security configuration as a default for an organization
Sets a code security configuration as a default to be applied to new repositories in your organization.
This configuration will be applied to the matching repository type (all, none, public, private and internal) by default when they are created.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Set a code security configuration as a default for an organization »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Set a code security configuration as a default for an organization »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Nom, Type, Description |
---|
default_for_new_repos string Specify which types of repository this security configuration should be applied to by default. Peut être: |
Codes d’état de la réponse HTTP pour « Set a code security configuration as a default for an organization »
Code d’état | Description |
---|---|
200 | Default successfully changed. |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Set a code security configuration as a default for an organization »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-X PUT \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/defaults \
-d '{"default_for_new_repos":"all"}'
Default successfully changed.
Status: 200
{
"default_for_new_repos": "all",
"configuration": {
"value": {
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "disabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "disabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "disabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
}
}
Get repositories associated with a code security configuration
Lists the repositories associated with a code security configuration in an organization.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the write:org
scope to use this endpoint.
Jetons d’accès affinés pour « Get repositories associated with a code security configuration »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" organization permissions (write)
Paramètres pour « Get repositories associated with a code security configuration »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
org string ObligatoireThe organization name. The name is not case sensitive. |
configuration_id integer ObligatoireThe unique identifier of the code security configuration. |
Nom, Type, Description |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
status string A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned. Can be: Default: |
Codes d’état de la réponse HTTP pour « Get repositories associated with a code security configuration »
Code d’état | Description |
---|---|
200 | OK |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Get repositories associated with a code security configuration »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/repositories
Example of code security configuration repositories
Status: 200
[
{
"status": "attached",
"repository": {
"value": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks"
}
}
}
]
Get the code security configuration associated with a repository
Get the code security configuration that manages a repository's code security settings.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
scope to use this endpoint.
Jetons d’accès affinés pour « Get the code security configuration associated with a repository »
Ce point de terminaison fonctionne avec les types de jetons précis suivants:
- Jetons d’accès utilisateur d’application GitHub
- Jetons d’accès d’installation d’application GitHub
- Jetons d’accès personnel affiné
Le jeton précis doit avoir l’ensemble d’autorisations suivant:
- "Administration" repository permissions (read)
Paramètres pour « Get the code security configuration associated with a repository »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
owner string ObligatoireThe account owner of the repository. The name is not case sensitive. |
repo string ObligatoireThe name of the repository without the |
Codes d’état de la réponse HTTP pour « Get the code security configuration associated with a repository »
Code d’état | Description |
---|---|
200 | OK |
204 | A header with no content is returned. |
304 | Not modified |
403 | Forbidden |
404 | Resource not found |
Exemples de code pour « Get the code security configuration associated with a repository »
Si vous accédez à GitHub à GHE.com, remplacez api.github.com
par le sous-domaine dédié de votre entreprise à api.SUBDOMAIN.ghe.com
.
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/code-security-configuration
Response
Status: 200
{
"status": "attached",
"configuration": {
"id": 1325,
"target_type": "organization",
"name": "octo-org recommended settings",
"description": "This is a code security configuration for octo-org",
"advanced_security": "enabled",
"dependency_graph": "enabled",
"dependency_graph_autosubmit_action": "enabled",
"dependency_graph_autosubmit_action_options": {
"labeled_runners": false
},
"dependabot_alerts": "enabled",
"dependabot_security_updates": "not_set",
"code_scanning_default_setup": "disabled",
"secret_scanning": "enabled",
"secret_scanning_push_protection": "disabled",
"secret_scanning_delegated_bypass": "disabled",
"secret_scanning_validity_checks": "disabled",
"secret_scanning_non_provider_patterns": "disabled",
"private_vulnerability_reporting": "disabled",
"enforcement": "enforced",
"url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325",
"html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325",
"created_at": "2024-05-01T00:00:00Z",
"updated_at": "2024-05-01T00:00:00Z"
}
}