Esta versão do GitHub Enterprise foi descontinuada em 2022-10-12. Nenhum lançamento de patch será feito, mesmo para questões críticas de segurança. Para obter melhor desempenho, segurança aprimorada e novos recursos, atualize para a última versão do GitHub Enterprise. Para obter ajuda com a atualização, entre em contato com o suporte do GitHub Enterprise.
Verificação de segredo
Use a API a digitalização de segredo para recuperar e atualizar alertas de segredos de um repositório.
Observação: atualmente, a API da secret scanning está em versão beta e sujeita a alterações.
Sobre a API de Verificação de segredos
A API do secret scanning permite que você:
- Habilite ou desabilite a secret scanning em um repositório. Para obter mais informações, confira "Repositórios" e expanda a seção "Propriedades do objeto
security_and_analysis
" na documentação da API REST. - Recuperar e atualizar os alertas da secret scanning de um repositório. Para obter mais detalhes, confira as seções abaixo.
Para obter mais informações sobre a secret scanning, confira "Sobre a secret scanning".
List secret scanning alerts for a repository
Lists secret scanning alerts for a private repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
Query parameters |
Name, Type, Description |
state stringSet to Can be one of: |
secret_type stringA comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution stringA comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
page integerPage number of the results to fetch. Default: |
per_page integerThe number of results per page (max 100). Default: |
Códigos de status de resposta HTTP
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public or secret scanning is disabled for the repository |
503 | Service unavailable |
Exemplos de código
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
Get a secret scanning alert
Gets a single secret scanning alert detected in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
alert_number integerRequiredThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Códigos de status de resposta HTTP
Código de status | Descrição |
---|---|
200 | OK |
304 | Not modified |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Exemplos de código
curl \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "open",
"secret_type": "mailchimp_api_key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}
Update a secret scanning alert
Updates the status of a secret scanning alert in a private repository. To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with the repo
scope or security_events
scope.
GitHub Apps must have the secret_scanning_alerts
write permission to use this endpoint.
Parâmetros
Headers |
---|
Name, Type, Description |
accept stringSetting to |
Path parameters |
Name, Type, Description |
owner stringRequiredThe account owner of the repository. The name is not case sensitive. |
repo stringRequiredThe name of the repository. The name is not case sensitive. |
alert_number integerRequiredThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Body parameters |
Name, Type, Description |
state stringRequiredSets the state of the secret scanning alert. You must provide Can be one of: |
resolution string or nullRequired when the Can be one of: |
Códigos de status de resposta HTTP
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
422 | State does not match the resolution |
503 | Service unavailable |
Exemplos de código
curl \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
-d '{"state":"resolved","resolution":"false_positive"}'
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://api.github.com/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "resolved",
"resolution": "used_in_tests",
"resolved_at": "2020-11-16T22:42:07Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://api.github.com/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://api.github.com/users/monalisa/followers",
"following_url": "https://api.github.com/users/monalisa/following{/other_user}",
"gists_url": "https://api.github.com/users/monalisa/gists{/gist_id}",
"starred_url": "https://api.github.com/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/monalisa/subscriptions",
"organizations_url": "https://api.github.com/users/monalisa/orgs",
"repos_url": "https://api.github.com/users/monalisa/repos",
"events_url": "https://api.github.com/users/monalisa/events{/privacy}",
"received_events_url": "https://api.github.com/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "mailchimp_api_key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2"
}