Skip to main content
ドキュメントには頻繁に更新が加えられ、その都度公開されています。本ページの翻訳はまだ未完成な部分があることをご了承ください。最新の情報については、英語のドキュメンテーションをご参照ください。本ページの翻訳に問題がある場合はこちらまでご連絡ください。

Secret scanning

Secret scanning APIを使うと、リポジトリからシークレットアラートの取得と更新ができます。

ノート: secret scanning APIは現在ベータで、変更されることがあります。

Secret scanning APIについて

secret scanning APIを使うと以下のことができます。

  • リポジトリのsecret scanningの有効化あるいは無効化。 詳しい情報については「リポジトリ」を参照し、REST APIドキュメンテーションの「security_and_analysisのプロパティ」セクションを展開してください。
  • リポジトリからの>- secret scanningアラートの取得と更新。 詳細については以下のセクションを参照してください。

secret scanning の詳細については、「secret scanning について」を参照してください。

List secret scanning alerts for a repository

Works with GitHub Apps

Lists secret scanning alerts for a private repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

パラメータ

Headers
名前, 種類, 説明
acceptstring

Setting to application/vnd.github.v3+json is recommended.

Path parameters
名前, 種類, 説明
ownerstring必須

The account owner of the repository. The name is not case sensitive.

repostring必須

The name of the repository. The name is not case sensitive.

クエリパラメータ
名前, 種類, 説明
statestring

Set to open or resolved to only list secret scanning alerts in a specific state.

Can be one of: open, resolved

secret_typestring

A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types (API slug).

resolutionstring

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.

pageinteger

Page number of the results to fetch.

デフォルト: 1

per_pageinteger

The number of results per page (max 100).

デフォルト: 30

HTTP response status codes

Status code説明
200

OK

404

Repository is public or secret scanning is disabled for the repository

503

Service unavailable

コードサンプル

get/repos/{owner}/{repo}/secret-scanning/alerts
curl \ -H "Accept: application/vnd.github.v3+json" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts

Response

Status: 200
[ { "number": 2, "created_at": "2020-11-06T18:48:51Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2", "state": "resolved", "resolution": "false_positive", "resolved_at": "2020-11-07T02:47:13Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "adafruit_io_key", "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX" }, { "number": 1, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1", "html_url": "https://github.com/owner/repo/security/secret-scanning/1", "state": "open", "resolution": null, "resolved_at": null, "resolved_by": null, "secret_type": "mailchimp_api_key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2" } ]

Get a secret scanning alert

Works with GitHub Apps

Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

パラメータ

Headers
名前, 種類, 説明
acceptstring

Setting to application/vnd.github.v3+json is recommended.

Path parameters
名前, 種類, 説明
ownerstring必須

The account owner of the repository. The name is not case sensitive.

repostring必須

The name of the repository. The name is not case sensitive.

alert_numberinteger必須

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

HTTP response status codes

Status code説明
200

OK

304

Not modified

404

Repository is public, or secret scanning is disabled for the repository, or the resource is not found

503

Service unavailable

コードサンプル

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
curl \ -H "Accept: application/vnd.github.v3+json" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER

Response

Status: 200
{ "number": 42, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations", "state": "open", "secret_type": "mailchimp_api_key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2" }

Update a secret scanning alert

Works with GitHub Apps

Updates the status of a secret scanning alert in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.

パラメータ

Headers
名前, 種類, 説明
acceptstring

Setting to application/vnd.github.v3+json is recommended.

Path parameters
名前, 種類, 説明
ownerstring必須

The account owner of the repository. The name is not case sensitive.

repostring必須

The name of the repository. The name is not case sensitive.

alert_numberinteger必須

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

Body parameters
名前, 種類, 説明
statestring必須

Sets the state of the secret scanning alert. Can be either open or resolved. You must provide resolution when you set the state to resolved.

Can be one of: open, resolved

resolutionstring or null

Required when the state is resolved. The reason for resolving the alert.

Can be one of: , false_positive, wont_fix, revoked, used_in_tests

HTTP response status codes

Status code説明
200

OK

404

Repository is public, or secret scanning is disabled for the repository, or the resource is not found

422

State does not match the resolution

503

Service unavailable

コードサンプル

patch/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
curl \ -X PATCH \ -H "Accept: application/vnd.github.v3+json" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \ -d '{"state":"resolved","resolution":"false_positive"}'

Response

Status: 200
{ "number": 42, "created_at": "2020-11-06T18:18:30Z", "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42", "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42", "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations", "state": "resolved", "resolution": "used_in_tests", "resolved_at": "2020-11-16T22:42:07Z", "resolved_by": { "login": "monalisa", "id": 2, "node_id": "MDQ6VXNlcjI=", "avatar_url": "https://alambic.github.com/avatars/u/2?", "gravatar_id": "", "url": "https://api.github.com/users/monalisa", "html_url": "https://github.com/monalisa", "followers_url": "https://api.github.com/users/monalisa/followers", "following_url": "https://api.github.com/users/monalisa/following{/other_user}", "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}", "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions", "organizations_url": "https://api.github.com/users/monalisa/orgs", "repos_url": "https://api.github.com/users/monalisa/repos", "events_url": "https://api.github.com/users/monalisa/events{/privacy}", "received_events_url": "https://api.github.com/users/monalisa/received_events", "type": "User", "site_admin": true }, "secret_type": "mailchimp_api_key", "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2" }