Points de terminaison d’API REST pour la sécurité et l’analyse du code d’entreprise
Utilisez l’API REST pour gérer les fonctionnalités de sécurité et d’analyse du code pour votre entreprise.
Ces points de terminaison prennent uniquement en charge l’authentification à l’aide d’un personal access token (classic). Pour plus d’informations, consultez « Gestion de vos jetons d'accès personnels ».
Get code security and analysis features for an enterprise
Gets code security and analysis settings for the specified enterprise.
The authenticated user must be an administrator of the enterprise in order to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the read:enterprise
scope to use this endpoint.
Jetons d’accès affinés pour « Get code security and analysis features for an enterprise »
Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.
Paramètres pour « Get code security and analysis features for an enterprise »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
enterprise string ObligatoireThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Codes d’état de la réponse HTTP pour « Get code security and analysis features for an enterprise »
Code d’état | Description |
---|---|
200 | OK |
404 | Resource not found |
Exemples de code pour « Get code security and analysis features for an enterprise »
Exemple de requête
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/code_security_and_analysis
Response
Status: 200
{
"advanced_security_enabled_for_new_repositories": true,
"dependabot_alerts_enabled_for_new_repositories": true,
"secret_scanning_enabled_for_new_repositories": true,
"secret_scanning_push_protection_enabled_for_new_repositories": true,
"secret_scanning_push_protection_custom_link": "https://github.com/test-org/test-repo/blob/main/README.md",
"secret_scanning_non_provider_patterns_enabled_for_new_repositories": true
}
Update code security and analysis features for an enterprise
Updates the settings for advanced security, Dependabot alerts, secret scanning, and push protection for new repositories in an enterprise.
The authenticated user must be an administrator of the enterprise to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise
scope to use this endpoint.
Jetons d’accès affinés pour « Update code security and analysis features for an enterprise »
Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.
Paramètres pour « Update code security and analysis features for an enterprise »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
enterprise string ObligatoireThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Nom, Type, Description |
---|
advanced_security_enabled_for_new_repositories boolean Whether GitHub Advanced Security is automatically enabled for new repositories. For more information, see "About GitHub Advanced Security." |
advanced_security_enabled_new_user_namespace_repos boolean Whether GitHub Advanced Security is automatically enabled for new user namespace repositories. For more information, see "About GitHub Advanced Security." |
dependabot_alerts_enabled_for_new_repositories boolean Whether Dependabot alerts are automatically enabled for new repositories. For more information, see "About Dependabot alerts." |
secret_scanning_enabled_for_new_repositories boolean Whether secret scanning is automatically enabled for new repositories. For more information, see "About secret scanning." |
secret_scanning_push_protection_enabled_for_new_repositories boolean Whether secret scanning push protection is automatically enabled for new repositories. For more information, see "Protecting pushes with secret scanning." |
secret_scanning_push_protection_custom_link string or null The URL that will be displayed to contributors who are blocked from pushing a secret. For more information, see "Protecting pushes with secret scanning."
To disable this functionality, set this field to |
secret_scanning_non_provider_patterns_enabled_for_new_repositories boolean or null Whether secret scanning of non-provider patterns is enabled for new repositories under this enterprise. |
Codes d’état de la réponse HTTP pour « Update code security and analysis features for an enterprise »
Code d’état | Description |
---|---|
204 | Action started |
404 | Resource not found |
422 | The action could not be taken due to an in progress enablement, or a policy is preventing enablement |
Exemples de code pour « Update code security and analysis features for an enterprise »
Exemple de requête
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/code_security_and_analysis \
-d '{"advanced_security_enabled_for_new_repositories":true,"advanced_security_enabled_new_user_namespace_repos":true,"dependabot_alerts_enabled_for_new_repositories":true,"secret_scanning_enabled_for_new_repositories":true,"secret_scanning_push_protection_enabled_for_new_repositories":true,"secret_scanning_push_protection_custom_link":"https://github.com/test-org/test-repo/blob/main/README.md","secret_scanning_non_provider_patterns_enabled_for_new_repositories":true}'
Action started
Status: 204
Enable or disable a security feature
Enables or disables the specified security feature for all repositories in an enterprise.
The authenticated user must be an administrator of the enterprise to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise
scope to use this endpoint.
Jetons d’accès affinés pour « Enable or disable a security feature »
Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.
Paramètres pour « Enable or disable a security feature »
Nom, Type, Description |
---|
accept string Setting to |
Nom, Type, Description |
---|
enterprise string ObligatoireThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
security_product string ObligatoireThe security feature to enable or disable. Peut être: |
enablement string ObligatoireThe action to take.
Peut être: |
Codes d’état de la réponse HTTP pour « Enable or disable a security feature »
Code d’état | Description |
---|---|
204 | Action started |
404 | Resource not found |
422 | The action could not be taken due to an in progress enablement, or a policy is preventing enablement |
Exemples de code pour « Enable or disable a security feature »
Exemple de requête
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/SECURITY_PRODUCT/ENABLEMENT
Action started
Status: 204