Pontos de extremidade da API REST para verificação de segredos
Use a API REST para recuperar e atualizar os alertas de segredos de um repositório.
Sobre a verificação de segredo
Você pode usar a API para:
- Habilita ou desabilita secret scanning e a proteção por push em um repositório. Para saber mais, confira "Pontos de extremidade da API REST para repositórios" e expanda a seção "Propriedades do objeto
security_and_analysis
". - Recupere e atualize alertas de verificação de segredo por meio de um repositório. Para obter mais detalhes, confira as seções abaixo.
Para obter mais informações, confira secret scanning, confira "Sobre a verificação de segredo".
List secret scanning alerts for an enterprise
Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo
scope or security_events
scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager, or for repositories owned by enterprise managed users.
Tokens de acesso refinados para "List secret scanning alerts for an enterprise"
Esse ponto de extremidade não funciona com tokens de acesso de usuário do aplicativo GitHub, tokens de acesso de instalação do aplicativo GitHub ou tokens de acesso pessoal refinados.
Parâmetros para "List secret scanning alerts for an enterprise"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
enterprise string ObrigatórioThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Nome, Tipo, Descrição |
---|
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
validity string A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are |
is_publicly_leaked boolean A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present. Padrão: |
is_multi_repo boolean A boolean value representing whether or not to filter alerts by the multi-repo tag being present. Padrão: |
Códigos de status de resposta HTTP para "List secret scanning alerts for an enterprise"
Código de status | Descrição |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for an enterprise"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/enterprises/ENTERPRISE/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z",
"push_protection_bypass_request_reviewer": {
"login": "octocat",
"id": 3,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/3?",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypass_request_comment": "Example comment",
"push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1",
"resolution_comment": "Example comment",
"validity": "active",
"publicly_leaked": false,
"multi_repo": false
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null,
"push_protection_bypass_request_reviewer": null,
"push_protection_bypass_request_comment": null,
"push_protection_bypass_request_html_url": null,
"resolution_comment": null,
"validity": "unknown",
"publicly_leaked": false,
"multi_repo": false
}
]
List secret scanning alerts for an organization
Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
The authenticated user must be an administrator or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "List secret scanning alerts for an organization"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "List secret scanning alerts for an organization"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
org string ObrigatórioThe organization name. The name is not case sensitive. |
Nome, Tipo, Descrição |
---|
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string. |
after string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string. |
validity string A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are |
is_publicly_leaked boolean A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present. Padrão: |
is_multi_repo boolean A boolean value representing whether or not to filter alerts by the multi-repo tag being present. Padrão: |
Códigos de status de resposta HTTP para "List secret scanning alerts for an organization"
Código de status | Descrição |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for an organization"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z",
"push_protection_bypass_request_reviewer": {
"login": "octocat",
"id": 3,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/3?",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypass_request_comment": "Example comment",
"push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1",
"resolution_comment": "Example comment",
"validity": "active",
"publicly_leaked": false,
"multi_repo": false
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "https://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null,
"push_protection_bypass_request_reviewer": null,
"push_protection_bypass_request_comment": null,
"push_protection_bypass_request_html_url": null,
"resolution_comment": null,
"validity": "unknown",
"publicly_leaked": false,
"multi_repo": false
}
]
List secret scanning alerts for a repository
Lists secret scanning alerts for an eligible repository, from newest to oldest.
The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "List secret scanning alerts for a repository"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "List secret scanning alerts for a repository"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
Nome, Tipo, Descrição |
---|
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Supported secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string. |
after string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string. |
validity string A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are |
is_publicly_leaked boolean A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present. Padrão: |
is_multi_repo boolean A boolean value representing whether or not to filter alerts by the multi-repo tag being present. Padrão: |
Códigos de status de resposta HTTP para "List secret scanning alerts for a repository"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public or secret scanning is disabled for the repository |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for a repository"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z",
"push_protection_bypass_request_reviewer": {
"login": "octocat",
"id": 3,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/3?",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypass_request_comment": "Example comment",
"push_protection_bypass_request_html_url": "https://github.com/owner/repo/secret_scanning_exemptions/1",
"resolution_comment": "Example comment",
"validity": "inactive",
"publicly_leaked": false,
"multi_repo": false
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null,
"push_protection_bypass_request_reviewer": null,
"push_protection_bypass_request_comment": null,
"push_protection_bypass_request_html_url": null,
"resolution_comment": null,
"validity": "unknown",
"publicly_leaked": false,
"multi_repo": false
}
]
Get a secret scanning alert
Gets a single secret scanning alert detected in an eligible repository.
The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "Get a secret scanning alert"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "Get a secret scanning alert"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Códigos de status de resposta HTTP para "Get a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
304 | Not modified |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Exemplos de código para "Get a secret scanning alert"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null,
"push_protection_bypass_request_reviewer": null,
"push_protection_bypass_request_comment": null,
"push_protection_bypass_request_html_url": null,
"resolution_comment": null,
"validity": "unknown",
"publicly_leaked": false,
"multi_repo": false
}
Update a secret scanning alert
Updates the status of a secret scanning alert in an eligible repository.
The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "Update a secret scanning alert"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (write)
Parâmetros para "Update a secret scanning alert"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Nome, Tipo, Descrição |
---|
state string ObrigatórioSets the state of the secret scanning alert. You must provide Pode ser um dos: |
resolution string or null Required when the Pode ser um dos: |
resolution_comment string or null An optional comment when closing an alert. Cannot be updated or deleted. Must be |
Códigos de status de resposta HTTP para "Update a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
400 | Bad request, resolution comment is invalid or the resolution was not changed. |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
422 | State does not match the resolution or resolution comment |
503 | Service unavailable |
Exemplos de código para "Update a secret scanning alert"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
-d '{"state":"resolved","resolution":"false_positive"}'
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "resolved",
"resolution": "used_in_tests",
"resolved_at": "2020-11-16T22:42:07Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed": false,
"push_protection_bypassed_by": null,
"push_protection_bypassed_at": null,
"push_protection_bypass_request_reviewer": null,
"push_protection_bypass_request_comment": null,
"push_protection_bypass_request_html_url": null,
"resolution_comment": "Example comment",
"validity": "unknown",
"publicly_leaked": false,
"multi_repo": false
}
List locations for a secret scanning alert
Lists all locations for a given secret scanning alert for an eligible repository.
The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "List locations for a secret scanning alert"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "List locations for a secret scanning alert"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Nome, Tipo, Descrição |
---|
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
Códigos de status de resposta HTTP para "List locations for a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Exemplos de código para "List locations for a secret scanning alert"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER/locations
Response
Status: 200
[
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 1,
"end_line": 1,
"start_column": 1,
"end_column": 64,
"blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
"blob_url": "https://api.github.com/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b",
"commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b",
"commit_url": "https://api.github.com/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b"
}
},
{
"type": "wiki_commit",
"details": {
"path": "/example/Home.md",
"start_line": 1,
"end_line": 1,
"start_column": 1,
"end_column": 64,
"blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
"page_url": "https://github.com/octocat/Hello-World/wiki/Home/302c0b7e200761c9dd9b57e57db540ee0b4293a5",
"commit_sha": "302c0b7e200761c9dd9b57e57db540ee0b4293a5",
"commit_url": "https://github.com/octocat/Hello-World/wiki/_compare/302c0b7e200761c9dd9b57e57db540ee0b4293a5"
}
},
{
"type": "issue_title",
"details": {
"issue_title_url": "https://api.github.com/repos/octocat/Hello-World/issues/1347"
}
},
{
"type": "issue_body",
"details": {
"issue_body_url": "https://api.github.com/repos/octocat/Hello-World/issues/1347"
}
},
{
"type": "issue_comment",
"details": {
"issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments/1081119451"
}
},
{
"type": "discussion_title",
"details": {
"discussion_title_url": "https://github.com/community/community/discussions/39082"
}
},
{
"type": "discussion_body",
"details": {
"discussion_body_url": "https://github.com/community/community/discussions/39082#discussion-4566270"
}
},
{
"type": "discussion_comment",
"details": {
"discussion_comment_url": "https://github.com/community/community/discussions/39082#discussioncomment-4158232"
}
},
{
"type": "pull_request_title",
"details": {
"pull_request_title_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846"
}
},
{
"type": "pull_request_body",
"details": {
"pull_request_body_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846"
}
},
{
"type": "pull_request_comment",
"details": {
"pull_request_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments/1825855898"
}
},
{
"type": "pull_request_review",
"details": {
"pull_request_review_url": "https://api.github.com/repos/octocat/Hello-World/pulls/2846/reviews/80"
}
},
{
"type": "pull_request_review_comment",
"details": {
"pull_request_review_comment_url": "https://api.github.com/repos/octocat/Hello-World/pulls/comments/12"
}
}
]
Create a push protection bypass
Creates a bypass for a previously push protected secret.
The authenticated user must be the original author of the committed secret.
OAuth app tokens and personal access tokens (classic) need the repo
scope to use this endpoint.
Tokens de acesso refinados para "Create a push protection bypass"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
O token refinado deve ter os seguintes conjuntos de permissões:
- "Contents" repository permissions (write)
Parâmetros para "Create a push protection bypass"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
Nome, Tipo, Descrição |
---|
reason string ObrigatórioThe reason for bypassing push protection. Pode ser um dos: |
placeholder_id string ObrigatórioThe ID of the push protection bypass placeholder. This value is returned on any push protected routes. |
Códigos de status de resposta HTTP para "Create a push protection bypass"
Código de status | Descrição |
---|---|
200 | OK |
403 | User does not have enough permissions to perform this action. |
404 | Placeholder ID not found, or push protection is disabled on this repository. |
422 | Bad request, input data missing or incorrect. |
503 | Service unavailable |
Exemplos de código para "Create a push protection bypass"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/push-protection-bypasses \
-d '{"reason":"will_fix_later","placeholder_id":"2k4dM4tseyC5lPIsjl5emX9sPNk"}'
Response
Status: 200
{
"reason": "will_fix_later",
"expire_at": "2020-11-06T18:18:30Z",
"token_type": "mailchimp_api_key"
}
Get secret scanning scan history for a repository
Lists the latest incremental and backfill scans by type for a repository.
OAuth app tokens and personal access tokens (classic) need the repo
or security_events
scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo
scope instead.
Tokens de acesso refinados para "Get secret scanning scan history for a repository"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Secret scanning alerts" repository permissions (read)
Parâmetros para "Get secret scanning scan history for a repository"
Nome, Tipo, Descrição |
---|
accept string Setting to |
Nome, Tipo, Descrição |
---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
Códigos de status de resposta HTTP para "Get secret scanning scan history for a repository"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository does not have GitHub Advanced Security or secret scanning enabled |
503 | Service unavailable |
Exemplos de código para "Get secret scanning scan history for a repository"
Se você acessar o GitHub em GHE.com, substitua api.github.com
pelo subdomínio dedicado da sua empresa em api.SUBDOMAIN.ghe.com
.
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/secret-scanning/scan-history
Response
Status: 200
{
"incremental_scans": [
{
"type": "git",
"status": "completed",
"completed_at": "2024-10-07T02:47:00Z"
}
],
"backfill_scans": [
{
"type": "git",
"status": "completed",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:50:00Z"
},
{
"type": "issue",
"status": "completed",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:49:00Z"
},
{
"type": "discussion",
"status": "completed",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:48:00Z"
}
],
"pattern_update_scans": [
{
"type": "discussion",
"status": "in_progress",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:51:00Z"
}
],
"custom_pattern_backfill_scans": [
{
"type": "git",
"status": "completed",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:55:00Z",
"pattern_slug": "my-custom-pattern",
"pattern_scope": "enterprise"
},
{
"type": "git",
"status": "completed",
"started_at": "2024-10-07T02:47:00Z",
"completed_at": "2024-10-07T02:55:00Z",
"pattern_slug": "my-custom-pattern",
"pattern_scope": "organization"
}
]
}