L’API REST est maintenant versionnée. Pour plus d’informations, consultez « À propos des versions de l’API ».

Configurations

Utilisez l’API REST pour créer et gérer des configurations de sécurité pour votre organisation.

Get code security configurations for an enterprise

Lists all code security configurations available in an enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Get code security configurations for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Get code security configurations for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Paramètres de requête
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

Codes d’état de la réponse HTTP pour « Get code security configurations for an enterprise »

Code d’étatDescription
200

OK

403

Forbidden

404

Resource not found

Exemples de code pour « Get code security configurations for an enterprise »

Exemple de requête

get/enterprises/{enterprise}/code-security/configurations
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations

Response

Status: 200
[ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-enterprise/settings/security_analysis/configurations/17/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1326", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1326/edit", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } ]

Create a code security configuration for an enterprise

Creates a code security configuration in an enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Create a code security configuration for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Create a code security configuration for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Paramètres du corps
name string Obligatoire

The name of the code security configuration. Must be unique within the enterprise.

description string Obligatoire

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security

Default: disabled

Peut être: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph

Default: enabled

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action string

The enablement status of Automatic dependency submission

Default: disabled

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action_options object

Feature options for Automatic dependency submission

labeled_runners boolean

Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.

Default: false

dependabot_alerts string

The enablement status of Dependabot alerts

Default: disabled

Peut être: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

Default: disabled

Peut être: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

Default: disabled

Peut être: enabled, disabled, not_set

code_scanning_default_setup_options object or null

Feature options for code scanning default setup

runner_type string

Whether to use labeled runners or standard GitHub runners.

Peut être: standard, labeled, not_set

runner_label string or null

The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

secret_scanning string

The enablement status of secret scanning

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non provider patterns

Default: disabled

Peut être: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

Default: disabled

Peut être: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

Default: enforced

Peut être: enforced, unenforced

Codes d’état de la réponse HTTP pour « Create a code security configuration for an enterprise »

Code d’étatDescription
201

Successfully created code security configuration

400

Bad Request

403

Forbidden

404

Resource not found

Exemples de code pour « Create a code security configuration for an enterprise »

Exemple de requête

post/enterprises/{enterprise}/code-security/configurations
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations \ -d '{"name":"High rish settings","description":"This is a code security configuration for octo-enterprise","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'

Successfully created code security configuration

Status: 201
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Get default code security configurations for an enterprise

Lists the default code security configurations for an enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Get default code security configurations for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Get default code security configurations for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

Codes d’état de la réponse HTTP pour « Get default code security configurations for an enterprise »

Code d’étatDescription
200

OK

Exemples de code pour « Get default code security configurations for an enterprise »

Exemple de requête

get/enterprises/{enterprise}/code-security/configurations/defaults
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/defaults

Response

Status: 200
[ { "default_for_new_repos": "public", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 1325, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }, { "default_for_new_repos": "private_and_internal", "configuration": { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" } } ]

Retrieve a code security configuration of an enterprise

Gets a code security configuration available in an enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Retrieve a code security configuration of an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Retrieve a code security configuration of an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Codes d’état de la réponse HTTP pour « Retrieve a code security configuration of an enterprise »

Code d’étatDescription
200

OK

304

Not modified

403

Forbidden

404

Resource not found

Exemples de code pour « Retrieve a code security configuration of an enterprise »

Exemple de requête

get/enterprises/{enterprise}/code-security/configurations/{configuration_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID

Response

Status: 200
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Update a custom code security configuration for an enterprise

Updates a code security configuration in an enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Update a custom code security configuration for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Update a custom code security configuration for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
name string

The name of the code security configuration. Must be unique across the enterprise.

description string

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security. Must be set to enabled if you want to enable any GHAS settings.

Peut être: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action string

The enablement status of Automatic dependency submission

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action_options object

Feature options for Automatic dependency submission

labeled_runners boolean

Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.

dependabot_alerts string

The enablement status of Dependabot alerts

Peut être: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

Peut être: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

Peut être: enabled, disabled, not_set

code_scanning_default_setup_options object or null

Feature options for code scanning default setup

runner_type string

Whether to use labeled runners or standard GitHub runners.

Peut être: standard, labeled, not_set

runner_label string or null

The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

secret_scanning string

The enablement status of secret scanning

Peut être: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

Peut être: enabled, disabled, not_set

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

Peut être: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non-provider patterns

Peut être: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

Peut être: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

Peut être: enforced, unenforced

Codes d’état de la réponse HTTP pour « Update a custom code security configuration for an enterprise »

Code d’étatDescription
200

OK

304

Not modified

403

Forbidden

404

Resource not found

409

Conflict

Exemples de code pour « Update a custom code security configuration for an enterprise »

Exemple de requête

patch/enterprises/{enterprise}/code-security/configurations/{configuration_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID \ -d '{"name":"octo-enterprise recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'

Response

Status: 200
{ "id": 1325, "target_type": "enterprise", "name": "High risk settings", "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Delete a code security configuration for an enterprise

Deletes a code security configuration from an enterprise. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration.

The authenticated user must be an administrator for the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Delete a code security configuration for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Delete a code security configuration for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Codes d’état de la réponse HTTP pour « Delete a code security configuration for an enterprise »

Code d’étatDescription
204

A header with no content is returned.

400

Bad Request

403

Forbidden

404

Resource not found

409

Conflict

Exemples de code pour « Delete a code security configuration for an enterprise »

Exemple de requête

delete/enterprises/{enterprise}/code-security/configurations/{configuration_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID

A header with no content is returned.

Status: 204

Attach an enterprise configuration to repositories

Attaches an enterprise code security configuration to repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.

If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.

The authenticated user must be an administrator for the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Attach an enterprise configuration to repositories »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Attach an enterprise configuration to repositories »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
scope string Obligatoire

The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids

Peut être: all, all_without_configurations

Codes d’état de la réponse HTTP pour « Attach an enterprise configuration to repositories »

Code d’étatDescription
202

Accepted

403

Forbidden

404

Resource not found

409

Conflict

Exemples de code pour « Attach an enterprise configuration to repositories »

Exemple de requête

post/enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/attach \ -d '{"scope":"all"}'

Accepted

Status: 202

Set a code security configuration as a default for an enterprise

Sets a code security configuration as a default to be applied to new repositories in your enterprise.

This configuration will be applied by default to the matching repository type when created, but only for organizations within the enterprise that do not already have a default code security configuration set.

The authenticated user must be an administrator for the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Set a code security configuration as a default for an enterprise »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Set a code security configuration as a default for an enterprise »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
default_for_new_repos string

Specify which types of repository this security configuration should be applied to by default.

Peut être: all, none, private_and_internal, public

Codes d’état de la réponse HTTP pour « Set a code security configuration as a default for an enterprise »

Code d’étatDescription
200

Default successfully changed.

403

Forbidden

404

Resource not found

Exemples de code pour « Set a code security configuration as a default for an enterprise »

Exemple de requête

put/enterprises/{enterprise}/code-security/configurations/{configuration_id}/defaults
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/defaults \ -d '{"default_for_new_repos":"all"}'

Default successfully changed.

Status: 200
{ "default_for_new_repos": "all", "configuration": { "value": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } } }

Get repositories associated with an enterprise code security configuration

Lists the repositories associated with an enterprise code security configuration in an organization.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

Jetons d’accès affinés pour « Get repositories associated with an enterprise code security configuration »

Ce point de terminaison ne fonctionne pas avec les jetons d’accès utilisateur d’application GitHub, les jetons d’accès d’installation d’application GitHub ou les jetons d’accès personnels affinés.

Paramètres pour « Get repositories associated with an enterprise code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
enterprise string Obligatoire

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres de requête
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

status string

A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.

Can be: all, attached, attaching, removed, enforced, failed, updating, removed_by_enterprise

Default: all

Codes d’état de la réponse HTTP pour « Get repositories associated with an enterprise code security configuration »

Code d’étatDescription
200

OK

403

Forbidden

404

Resource not found

Exemples de code pour « Get repositories associated with an enterprise code security configuration »

Exemple de requête

get/enterprises/{enterprise}/code-security/configurations/{configuration_id}/repositories
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code-security/configurations/CONFIGURATION_ID/repositories

Example of code security configuration repositories

Status: 200
[ { "status": "attached", "repository": { "value": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "git_url": "git:github.com/octocat/Hello-World.git", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "ssh_url": "git@github.com:octocat/Hello-World.git", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" } } } ]

Get code security configurations for an organization

Lists all code security configurations available in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Get code security configurations for an organization »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Get code security configurations for an organization »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

Paramètres de requête
target_type string

The target type of the code security configuration

Default: all

Peut être: global, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

Codes d’état de la réponse HTTP pour « Get code security configurations for an organization »

Code d’étatDescription
200

OK

403

Forbidden

404

Resource not found

Exemples de code pour « Get code security configurations for an organization »

Exemple de requête

get/orgs/{org}/code-security/configurations
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations

Response

Status: 200
[ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 17, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "organization", "name": "High risk settings", "description": "This is a code security configuration for octo-org high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } ]

Create a code security configuration

Creates a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Create a code security configuration »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Create a code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

Paramètres du corps
name string Obligatoire

The name of the code security configuration. Must be unique within the organization.

description string Obligatoire

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security

Default: disabled

Peut être: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph

Default: enabled

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action string

The enablement status of Automatic dependency submission

Default: disabled

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action_options object

Feature options for Automatic dependency submission

labeled_runners boolean

Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.

Default: false

dependabot_alerts string

The enablement status of Dependabot alerts

Default: disabled

Peut être: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

Default: disabled

Peut être: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

Default: disabled

Peut être: enabled, disabled, not_set

code_scanning_default_setup_options object or null

Feature options for code scanning default setup

runner_type string

Whether to use labeled runners or standard GitHub runners.

Peut être: standard, labeled, not_set

runner_label string or null

The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

secret_scanning string

The enablement status of secret scanning

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_delegated_bypass string

The enablement status of secret scanning delegated bypass

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_delegated_bypass_options object

Feature options for secret scanning delegated bypass

reviewers array of objects

The bypass reviewers for secret scanning delegated bypass

reviewer_id integer Obligatoire

The ID of the team or role selected as a bypass reviewer

reviewer_type string Obligatoire

The type of the bypass reviewer

Peut être: TEAM, ROLE

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

Default: disabled

Peut être: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non provider patterns

Default: disabled

Peut être: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

Default: disabled

Peut être: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

Default: enforced

Peut être: enforced, unenforced

Codes d’état de la réponse HTTP pour « Create a code security configuration »

Code d’étatDescription
201

Successfully created code security configuration

Exemples de code pour « Create a code security configuration »

Exemple de requête

post/orgs/{org}/code-security/configurations
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations \ -d '{"name":"octo-org recommended settings","description":"This is a code security configuration for octo-org","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'

Successfully created code security configuration

Status: 201
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Get default code security configurations

Lists the default code security configurations for an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Get default code security configurations »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Get default code security configurations »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

Codes d’état de la réponse HTTP pour « Get default code security configurations »

Code d’étatDescription
200

OK

304

Not modified

403

Forbidden

404

Resource not found

Exemples de code pour « Get default code security configurations »

Exemple de requête

get/orgs/{org}/code-security/configurations/defaults
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/defaults

Response

Status: 200
[ { "default_for_new_repos": "public", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 1325, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }, { "default_for_new_repos": "private_and_internal", "configuration": { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" } } ]

Detach configurations from repositories

Detach code security configuration(s) from a set of repositories. Repositories will retain their settings but will no longer be associated with the configuration.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Detach configurations from repositories »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Detach configurations from repositories »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

Paramètres du corps
selected_repository_ids array of integers

An array of repository IDs to detach from configurations.

Codes d’état de la réponse HTTP pour « Detach configurations from repositories »

Code d’étatDescription
204

A header with no content is returned.

400

Bad Request

403

Forbidden

404

Resource not found

409

Conflict

Exemples de code pour « Detach configurations from repositories »

Exemple de requête

delete/orgs/{org}/code-security/configurations/detach
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/detach \ -d '{"selected_repository_ids":[32,91]}'

A header with no content is returned.

Status: 204

Get a code security configuration

Gets a code security configuration available in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Get a code security configuration »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Get a code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Codes d’état de la réponse HTTP pour « Get a code security configuration »

Code d’étatDescription
200

OK

304

Not modified

403

Forbidden

404

Resource not found

Exemples de code pour « Get a code security configuration »

Exemple de requête

get/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID

Response

Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Update a code security configuration

Updates a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Update a code security configuration »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Update a code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
name string

The name of the code security configuration. Must be unique within the organization.

description string

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security

Peut être: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action string

The enablement status of Automatic dependency submission

Peut être: enabled, disabled, not_set

dependency_graph_autosubmit_action_options object

Feature options for Automatic dependency submission

labeled_runners boolean

Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.

dependabot_alerts string

The enablement status of Dependabot alerts

Peut être: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

Peut être: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

Peut être: enabled, disabled, not_set

code_scanning_default_setup_options object or null

Feature options for code scanning default setup

runner_type string

Whether to use labeled runners or standard GitHub runners.

Peut être: standard, labeled, not_set

runner_label string or null

The label of the runner to use for code scanning default setup when runner_type is 'labeled'.

secret_scanning string

The enablement status of secret scanning

Peut être: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

Peut être: enabled, disabled, not_set

secret_scanning_delegated_bypass string

The enablement status of secret scanning delegated bypass

Peut être: enabled, disabled, not_set

secret_scanning_delegated_bypass_options object

Feature options for secret scanning delegated bypass

reviewers array of objects

The bypass reviewers for secret scanning delegated bypass

reviewer_id integer Obligatoire

The ID of the team or role selected as a bypass reviewer

reviewer_type string Obligatoire

The type of the bypass reviewer

Peut être: TEAM, ROLE

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

Peut être: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non-provider patterns

Peut être: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

Peut être: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

Peut être: enforced, unenforced

Codes d’état de la réponse HTTP pour « Update a code security configuration »

Code d’étatDescription
200

Response when a configuration is updated

204

Response when no new updates are made

Exemples de code pour « Update a code security configuration »

Exemple de requête

patch/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID \ -d '{"name":"octo-org recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'

Response when a configuration is updated

Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings v2", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "disabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Delete a code security configuration

Deletes the desired code security configuration from an organization. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Delete a code security configuration »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Delete a code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Codes d’état de la réponse HTTP pour « Delete a code security configuration »

Code d’étatDescription
204

A header with no content is returned.

400

Bad Request

403

Forbidden

404

Resource not found

409

Conflict

Exemples de code pour « Delete a code security configuration »

Exemple de requête

delete/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID

A header with no content is returned.

Status: 204

Attach a configuration to repositories

Attach a code security configuration to a set of repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.

If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Attach a configuration to repositories »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Attach a configuration to repositories »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
scope string Obligatoire

The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids

Peut être: all, all_without_configurations, public, private_or_internal, selected

selected_repository_ids array of integers

An array of repository IDs to attach the configuration to. You can only provide a list of repository ids when the scope is set to selected.

Codes d’état de la réponse HTTP pour « Attach a configuration to repositories »

Code d’étatDescription
202

Accepted

Exemples de code pour « Attach a configuration to repositories »

Exemple de requête

post/orgs/{org}/code-security/configurations/{configuration_id}/attach
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/attach \ -d '{"scope":"selected","selected_repository_ids":[32,91]}'

Accepted

Status: 202

Set a code security configuration as a default for an organization

Sets a code security configuration as a default to be applied to new repositories in your organization.

This configuration will be applied to the matching repository type (all, none, public, private and internal) by default when they are created.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Set a code security configuration as a default for an organization »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Set a code security configuration as a default for an organization »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres du corps
default_for_new_repos string

Specify which types of repository this security configuration should be applied to by default.

Peut être: all, none, private_and_internal, public

Codes d’état de la réponse HTTP pour « Set a code security configuration as a default for an organization »

Code d’étatDescription
200

Default successfully changed.

403

Forbidden

404

Resource not found

Exemples de code pour « Set a code security configuration as a default for an organization »

Exemple de requête

put/orgs/{org}/code-security/configurations/{configuration_id}/defaults
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/defaults \ -d '{"default_for_new_repos":"all"}'

Default successfully changed.

Status: 200
{ "default_for_new_repos": "all", "configuration": { "value": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "code_scanning_default_setup_options": { "runner_type": "not_set", "runner_label": null }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } } }

Get repositories associated with a code security configuration

Lists the repositories associated with a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Jetons d’accès affinés pour « Get repositories associated with a code security configuration »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" organization permissions (write)

Paramètres pour « Get repositories associated with a code security configuration »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
org string Obligatoire

The organization name. The name is not case sensitive.

configuration_id integer Obligatoire

The unique identifier of the code security configuration.

Paramètres de requête
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Default: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

status string

A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.

Can be: all, attached, attaching, detached, removed, enforced, failed, updating, removed_by_enterprise

Default: all

Codes d’état de la réponse HTTP pour « Get repositories associated with a code security configuration »

Code d’étatDescription
200

OK

403

Forbidden

404

Resource not found

Exemples de code pour « Get repositories associated with a code security configuration »

Exemple de requête

get/orgs/{org}/code-security/configurations/{configuration_id}/repositories
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-security/configurations/CONFIGURATION_ID/repositories

Example of code security configuration repositories

Status: 200
[ { "status": "attached", "repository": { "value": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "git_url": "git:github.com/octocat/Hello-World.git", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "ssh_url": "git@github.com:octocat/Hello-World.git", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" } } } ]

Get the code security configuration associated with a repository

Get the code security configuration that manages a repository's code security settings.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

Jetons d’accès affinés pour « Get the code security configuration associated with a repository »

Ce point de terminaison fonctionne avec les types de jetons précis suivants:

Le jeton précis doit avoir l’ensemble d’autorisations suivant:

  • "Administration" repository permissions (read)

Paramètres pour « Get the code security configuration associated with a repository »

En-têtes
accept string

Setting to application/vnd.github+json is recommended.

Paramètres de chemin d’accès
owner string Obligatoire

The account owner of the repository. The name is not case sensitive.

repo string Obligatoire

The name of the repository without the .git extension. The name is not case sensitive.

Codes d’état de la réponse HTTP pour « Get the code security configuration associated with a repository »

Code d’étatDescription
200

OK

204

A header with no content is returned.

304

Not modified

403

Forbidden

404

Resource not found

Exemples de code pour « Get the code security configuration associated with a repository »

Exemple de requête

get/repos/{owner}/{repo}/code-security-configuration
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-security-configuration

Response

Status: 200
{ "status": "attached", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }