Varredura secreta

Use a API a digitalização de segredo para recuperar e atualizar alertas de segredos de um repositório.

Observação: A API de varredura secreta está atualmente em fase beta e sujeita a alterações.

Sobre a API de digitalização de segredo

A API de varredura secreta permite que você recuperar e atualizar alertas de varredura secreta de um repositório.

Para obter mais informações sobre varredura secreta, consulte "Sobre varredura secreta."

List secret scanning alerts for a repository

Lists secret scanning alerts for a private repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parâmetros

Headers
Nome, Tipo, Descrição
`accept`string Setting to `application/vnd.github.v3+json` is recommended.
Path parameters
Nome, Tipo, Descrição
`owner`stringObrigatório The account owner of the repository. The name is not case sensitive.
`repo`stringObrigatório The name of the repository. The name is not case sensitive.
Parâmetros de consulta
Nome, Tipo, Descrição
`state`string Set to `open` or `resolved` to only list secret scanning alerts in a specific state. Pode ser uma das ações a seguir: `open`, `resolved`
`secret_type`string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types.
`resolution`string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.
`page`integer Page number of the results to fetch. Padrão: `1`
`per_page`integer The number of results per page (max 100). Padrão: `30`

HTTP response status codes

Status code	Descrição
`200`	OK
`404`	Repository is public or secret scanning is disabled for the repository
`503`	Service unavailable

Amostras de código

get/repos/{owner}/{repo}/secret-scanning/alerts

curl \
  -H "Accept: application/vnd.github.v3+json" \ 
  -H "Authorization: token <TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts

Response

Status: 200

[
  {
    "number": 2,
    "created_at": "2020-11-06T18:48:51Z",
    "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
    "html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
    "state": "resolved",
    "resolution": "false_positive",
    "resolved_at": "2020-11-07T02:47:13Z",
    "resolved_by": {
      "login": "monalisa",
      "id": 2,
      "node_id": "MDQ6VXNlcjI=",
      "avatar_url": "https://alambic.github.com/avatars/u/2?",
      "gravatar_id": "",
      "url": "https://api.github.com/users/monalisa",
      "html_url": "https://github.com/monalisa",
      "followers_url": "https://api.github.com/users/monalisa/followers",
      "following_url": "https://api.github.com/users/monalisa/following{/other_user}",
      "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
      "organizations_url": "https://api.github.com/users/monalisa/orgs",
      "repos_url": "https://api.github.com/users/monalisa/repos",
      "events_url": "https://api.github.com/users/monalisa/events{/privacy}",
      "received_events_url": "https://api.github.com/users/monalisa/received_events",
      "type": "User",
      "site_admin": true
    },
    "secret_type": "adafruit_io_key",
    "secret_type_display_name": "Adafruit IO Key",
    "secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  },
  {
    "number": 1,
    "created_at": "2020-11-06T18:18:30Z",
    "url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
    "html_url": "https://github.com/owner/repo/security/secret-scanning/1",
    "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
    "state": "open",
    "resolution": null,
    "resolved_at": null,
    "resolved_by": null,
    "secret_type": "mailchimp_api_key",
    "secret_type_display_name": "Mailchimp API Key",
    "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
  }
]

Get a secret scanning alert

Works with GitHub Apps

Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.

Parâmetros

Headers
Nome, Tipo, Descrição
`accept`string Setting to `application/vnd.github.v3+json` is recommended.
Path parameters
Nome, Tipo, Descrição
`owner`stringObrigatório The account owner of the repository. The name is not case sensitive.
`repo`stringObrigatório The name of the repository. The name is not case sensitive.
`alert_number`integerObrigatório The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the `number` field in the response from the `GET /repos/{owner}/{repo}/code-scanning/alerts` operation.

HTTP response status codes

Status code	Descrição
`200`	OK
`304`	Not modified
`404`	Repository is public, or secret scanning is disabled for the repository, or the resource is not found
`503`	Service unavailable

Amostras de código

get/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

curl \
  -H "Accept: application/vnd.github.v3+json" \ 
  -H "Authorization: token <TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER

Response

Status: 200

{
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "open",
  "secret_type": "mailchimp_api_key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}

Update a secret scanning alert

Works with GitHub Apps

Updates the status of a secret scanning alert in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo scope or security_events scope.

GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.

Parâmetros

Headers
Nome, Tipo, Descrição
`accept`string Setting to `application/vnd.github.v3+json` is recommended.
Path parameters
Nome, Tipo, Descrição
`owner`stringObrigatório The account owner of the repository. The name is not case sensitive.
`repo`stringObrigatório The name of the repository. The name is not case sensitive.
`alert_number`integerObrigatório The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the `number` field in the response from the `GET /repos/{owner}/{repo}/code-scanning/alerts` operation.
Body parameters
Nome, Tipo, Descrição
`state`stringObrigatório Sets the state of the secret scanning alert. Can be either `open` or `resolved`. You must provide `resolution` when you set the state to `resolved`. Pode ser uma das ações a seguir: `open`, `resolved`
`resolution`string or null Required when the `state` is `resolved`. The reason for resolving the alert. Pode ser uma das ações a seguir: , `false_positive`, `wont_fix`, `revoked`, `used_in_tests`

HTTP response status codes

Status code	Descrição
`200`	OK
`404`	Repository is public, or secret scanning is disabled for the repository, or the resource is not found
`422`	State does not match the resolution
`503`	Service unavailable

Amostras de código

patch/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}

curl \
  -X PATCH \
  -H "Accept: application/vnd.github.v3+json" \ 
  -H "Authorization: token <TOKEN>" \
  http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
  -d '{"state":"resolved","resolution":"false_positive"}'

Response

Status: 200

{
  "number": 42,
  "created_at": "2020-11-06T18:18:30Z",
  "url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
  "html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
  "locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
  "state": "resolved",
  "resolution": "used_in_tests",
  "resolved_at": "2020-11-16T22:42:07Z",
  "resolved_by": {
    "login": "monalisa",
    "id": 2,
    "node_id": "MDQ6VXNlcjI=",
    "avatar_url": "https://alambic.github.com/avatars/u/2?",
    "gravatar_id": "",
    "url": "https://api.github.com/users/monalisa",
    "html_url": "https://github.com/monalisa",
    "followers_url": "https://api.github.com/users/monalisa/followers",
    "following_url": "https://api.github.com/users/monalisa/following{/other_user}",
    "gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
    "organizations_url": "https://api.github.com/users/monalisa/orgs",
    "repos_url": "https://api.github.com/users/monalisa/repos",
    "events_url": "https://api.github.com/users/monalisa/events{/privacy}",
    "received_events_url": "https://api.github.com/users/monalisa/received_events",
    "type": "User",
    "site_admin": true
  },
  "secret_type": "mailchimp_api_key",
  "secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}