REST API はバージョン管理になりました。 詳細については、「API のバージョン管理について」を参照してください。

エンタープライズ コードのセキュリティと分析のための REST API エンドポイント

REST API を使って、エンタープライズに対するコードのセキュリティと分析の機能を管理します。

これらのエンドポイントでは、personal access token (classic) を使う認証のみがサポートされます。 詳しくは、「個人用アクセス トークンを管理する」を参照してください。

Get code security and analysis features for an enterprise

Gets code security and analysis settings for the specified enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

"Get code security and analysis features for an enterprise" のきめ細かいアクセス トークン

このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。

"Get code security and analysis features for an enterprise" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パス パラメーター
enterprise string 必須

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

"Get code security and analysis features for an enterprise" の HTTP 応答状態コード

状態コード説明
200

OK

404

Resource not found

"Get code security and analysis features for an enterprise" のコード サンプル

要求の例

get/enterprises/{enterprise}/code_security_and_analysis
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis

Response

Status: 200
{ "advanced_security_enabled_for_new_repositories": true, "dependabot_alerts_enabled_for_new_repositories": true, "secret_scanning_enabled_for_new_repositories": true, "secret_scanning_push_protection_enabled_for_new_repositories": true, "secret_scanning_push_protection_custom_link": "https://github.com/test-org/test-repo/blob/main/README.md", "secret_scanning_validity_checks_enabled": true }

Update code security and analysis features for an enterprise

Updates the settings for advanced security, Dependabot alerts, secret scanning, and push protection for new repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

"Update code security and analysis features for an enterprise" のきめ細かいアクセス トークン

このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。

"Update code security and analysis features for an enterprise" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パス パラメーター
enterprise string 必須

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

本文のパラメーター
advanced_security_enabled_for_new_repositories boolean

Whether GitHub Advanced Security is automatically enabled for new repositories. For more information, see "About GitHub Advanced Security."

advanced_security_enabled_new_user_namespace_repos boolean

Whether GitHub Advanced Security is automatically enabled for new user namespace repositories. For more information, see "About GitHub Advanced Security."

dependabot_alerts_enabled_for_new_repositories boolean

Whether Dependabot alerts are automatically enabled for new repositories. For more information, see "About Dependabot alerts."

secret_scanning_enabled_for_new_repositories boolean

Whether secret scanning is automatically enabled for new repositories. For more information, see "About secret scanning."

secret_scanning_push_protection_enabled_for_new_repositories boolean

Whether secret scanning push protection is automatically enabled for new repositories. For more information, see "Protecting pushes with secret scanning."

secret_scanning_push_protection_custom_link string or null

The URL that will be displayed to contributors who are blocked from pushing a secret. For more information, see "Protecting pushes with secret scanning." To disable this functionality, set this field to null.

secret_scanning_validity_checks_enabled boolean or null

Whether secret scanning automatic validity checks on supported partner tokens is enabled for all repositories under this enterprise.

"Update code security and analysis features for an enterprise" の HTTP 応答状態コード

状態コード説明
204

Action started

404

Resource not found

422

The action could not be taken due to an in progress enablement, or a policy is preventing enablement

"Update code security and analysis features for an enterprise" のコード サンプル

要求の例

patch/enterprises/{enterprise}/code_security_and_analysis
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis \ -d '{"advanced_security_enabled_for_new_repositories":true,"advanced_security_enabled_new_user_namespace_repos":true,"dependabot_alerts_enabled_for_new_repositories":true,"secret_scanning_enabled_for_new_repositories":true,"secret_scanning_push_protection_enabled_for_new_repositories":true,"secret_scanning_push_protection_custom_link":"https://github.com/test-org/test-repo/blob/main/README.md","secret_scanning_validity_checks_enabled":true}'

Action started

Status: 204

Enable or disable a security feature

Enables or disables the specified security feature for all repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

"Enable or disable a security feature" のきめ細かいアクセス トークン

このエンドポイントは、GitHub アプリのユーザー アクセス トークン、GitHub アプリのインストール アクセス トークン、またはきめ細かい個人用アクセス トークンでは機能しません。

"Enable or disable a security feature" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パス パラメーター
enterprise string 必須

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

security_product string 必須

The security feature to enable or disable.

次のいずれかにできます: advanced_security, advanced_security_user_namespace, dependabot_alerts, secret_scanning, secret_scanning_push_protection

enablement string 必須

The action to take.

enable_all means to enable the specified security feature for all repositories in the enterprise. disable_all means to disable the specified security feature for all repositories in the enterprise.

次のいずれかにできます: enable_all, disable_all

"Enable or disable a security feature" の HTTP 応答状態コード

状態コード説明
204

Action started

404

Resource not found

422

The action could not be taken due to an in progress enablement, or a policy is preventing enablement

"Enable or disable a security feature" のコード サンプル

要求の例

post/enterprises/{enterprise}/{security_product}/{enablement}
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/enterprises/ENTERPRISE/SECURITY_PRODUCT/ENABLEMENT

Action started

Status: 204