Secret scanning
Use the REST API to retrieve and update secret alerts from a repository.
Observação: atualmente, os pontos de extremidade para gerenciar o secret scanning estão em versão beta e sujeitos a alterações.
Sobre a verificação de segredo
Você pode usar a API para:
- Habilite ou desabilite a secret scanning e a proteção por push em um repositório. Para obter mais informações, confira "Repositórios" e expanda a seção "Propriedades do objeto
security_and_analysis
" na documentação da API REST. - Recupere e atualize alertas de verificação de segredo por meio de um repositório. Para obter mais detalhes, confira as seções abaixo.
Para obter mais informações sobre a secret scanning, confira "Sobre a secret scanning".
List secret scanning alerts for an enterprise
Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo
scope or security_events
scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
Parâmetros para "List secret scanning alerts for an enterprise"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
enterprise string ObrigatórioThe slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Parâmetros de consulta |
Nome, Type, Descrição |
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
per_page integer The number of results per page (max 100). Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. |
Códigos de status de resposta HTTP para "List secret scanning alerts for an enterprise"
Código de status | Descrição |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for an enterprise"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
List secret scanning alerts for an organization
Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros para "List secret scanning alerts for an organization"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
org string ObrigatórioThe organization name. The name is not case sensitive. |
Parâmetros de consulta |
Nome, Type, Descrição |
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer Page number of the results to fetch. Padrão: |
per_page integer The number of results per page (max 100). Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string. |
after string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string. |
Códigos de status de resposta HTTP para "List secret scanning alerts for an organization"
Código de status | Descrição |
---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for an organization"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/orgs/ORG/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"repository": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://HOSTNAME/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://HOSTNAME/users/octocat/followers",
"following_url": "https://HOSTNAME/users/octocat/following{/other_user}",
"gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions",
"organizations_url": "https://HOSTNAME/users/octocat/orgs",
"repos_url": "https://HOSTNAME/users/octocat/repos",
"events_url": "https://HOSTNAME/users/octocat/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://HOSTNAME/repos/octocat/Hello-World",
"archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}",
"commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors",
"deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments",
"downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads",
"events_url": "https://HOSTNAME/repos/octocat/Hello-World/events",
"forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks",
"git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}",
"issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}",
"keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}",
"languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages",
"merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges",
"milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}",
"stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers",
"statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers",
"subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription",
"tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags",
"teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams",
"trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}",
"hooks_url": "https://HOSTNAME/repos/octocat/Hello-World/hooks"
},
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
List secret scanning alerts for a repository
Lists secret scanning alerts for an eligible repository, from newest to oldest.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros para "List secret scanning alerts for a repository"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository. The name is not case sensitive. |
Parâmetros de consulta |
Nome, Type, Descrição |
state string Set to Pode ser um dos: |
secret_type string A comma-separated list of secret types to return. By default all secret types are returned. See "Secret scanning patterns" for a complete list of secret types. |
resolution string A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are |
sort string The property to sort the results by. Padrão: Pode ser um dos: |
direction string The direction to sort the results by. Padrão: Pode ser um dos: |
page integer Page number of the results to fetch. Padrão: |
per_page integer The number of results per page (max 100). Padrão: |
before string A cursor, as given in the Link header. If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string. |
after string A cursor, as given in the Link header. If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string. |
Códigos de status de resposta HTTP para "List secret scanning alerts for a repository"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public or secret scanning is disabled for the repository |
503 | Service unavailable |
Exemplos de código para "List secret scanning alerts for a repository"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts
Response
Status: 200
[
{
"number": 2,
"created_at": "2020-11-06T18:48:51Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/2",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/2/locations",
"state": "resolved",
"resolution": "false_positive",
"resolved_at": "2020-11-07T02:47:13Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "adafruit_io_key",
"secret_type_display_name": "Adafruit IO Key",
"secret": "aio_XXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"push_protection_bypassed_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"push_protection_bypassed": true,
"push_protection_bypassed_at": "2020-11-06T21:48:51Z"
},
{
"number": 1,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/repo/secret-scanning/alerts/1",
"html_url": "https://github.com/owner/repo/security/secret-scanning/1",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/1/locations",
"state": "open",
"resolution": null,
"resolved_at": null,
"resolved_by": null,
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed_by": null,
"push_protection_bypassed": false,
"push_protection_bypassed_at": null
}
]
Get a secret scanning alert
Gets a single secret scanning alert detected in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros para "Get a secret scanning alert"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository. The name is not case sensitive. |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Códigos de status de resposta HTTP para "Get a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
304 | Not modified |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Exemplos de código para "Get a secret scanning alert"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "open",
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed": false
}
Update a secret scanning alert
Updates the status of a secret scanning alert in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
write permission to use this endpoint.
Parâmetros para "Update a secret scanning alert"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository. The name is not case sensitive. |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Parâmetros do corpo |
Nome, Type, Descrição |
state string ObrigatórioSets the state of the secret scanning alert. You must provide Pode ser um dos: |
resolution string or null Required when the Pode ser um dos: |
Códigos de status de resposta HTTP para "Update a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
422 | State does not match the resolution |
503 | Service unavailable |
Exemplos de código para "Update a secret scanning alert"
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER \
-d '{"state":"resolved","resolution":"false_positive"}'
Response
Status: 200
{
"number": 42,
"created_at": "2020-11-06T18:18:30Z",
"url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42",
"html_url": "https://github.com/owner/private-repo/security/secret-scanning/42",
"locations_url": "https://HOSTNAME/repos/owner/private-repo/secret-scanning/alerts/42/locations",
"state": "resolved",
"resolution": "used_in_tests",
"resolved_at": "2020-11-16T22:42:07Z",
"resolved_by": {
"login": "monalisa",
"id": 2,
"node_id": "MDQ6VXNlcjI=",
"avatar_url": "https://alambic.github.com/avatars/u/2?",
"gravatar_id": "",
"url": "https://HOSTNAME/users/monalisa",
"html_url": "https://github.com/monalisa",
"followers_url": "https://HOSTNAME/users/monalisa/followers",
"following_url": "https://HOSTNAME/users/monalisa/following{/other_user}",
"gists_url": "https://HOSTNAME/users/monalisa/gists{/gist_id}",
"starred_url": "https://HOSTNAME/users/monalisa/starred{/owner}{/repo}",
"subscriptions_url": "https://HOSTNAME/users/monalisa/subscriptions",
"organizations_url": "https://HOSTNAME/users/monalisa/orgs",
"repos_url": "https://HOSTNAME/users/monalisa/repos",
"events_url": "https://HOSTNAME/users/monalisa/events{/privacy}",
"received_events_url": "https://HOSTNAME/users/monalisa/received_events",
"type": "User",
"site_admin": true
},
"secret_type": "mailchimp_api_key",
"secret_type_display_name": "Mailchimp API Key",
"secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-us2",
"push_protection_bypassed": false
}
List locations for a secret scanning alert
Lists all locations for a given secret scanning alert for an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo
scope or security_events
scope.
For public repositories, you may instead use the public_repo
scope.
GitHub Apps must have the secret_scanning_alerts
read permission to use this endpoint.
Parâmetros para "List locations for a secret scanning alert"
Cabeçalhos |
---|
Nome, Type, Descrição |
accept string Setting to |
Parâmetros de caminho |
Nome, Type, Descrição |
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository. The name is not case sensitive. |
alert_number integer ObrigatórioThe number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the |
Parâmetros de consulta |
Nome, Type, Descrição |
page integer Page number of the results to fetch. Padrão: |
per_page integer The number of results per page (max 100). Padrão: |
Códigos de status de resposta HTTP para "List locations for a secret scanning alert"
Código de status | Descrição |
---|---|
200 | OK |
404 | Repository is public, or secret scanning is disabled for the repository, or the resource is not found |
503 | Service unavailable |
Exemplos de código para "List locations for a secret scanning alert"
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/secret-scanning/alerts/ALERT_NUMBER/locations
Response
Status: 200
[
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 1,
"end_line": 1,
"start_column": 1,
"end_column": 64,
"blob_sha": "af5626b4a114abcb82d63db7c8082c3c4756e51b",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/af5626b4a114abcb82d63db7c8082c3c4756e51b",
"commit_sha": "f14d7debf9775f957cf4f1e8176da0786431f72b",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/f14d7debf9775f957cf4f1e8176da0786431f72b"
}
},
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 5,
"end_line": 5,
"start_column": 1,
"end_column": 64,
"blob_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/9def38117ab2d8355b982429aa924e268b4b0065",
"commit_sha": "588483b99a46342501d99e3f10630cfc1219ea32",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/588483b99a46342501d99e3f10630cfc1219ea32"
}
},
{
"type": "commit",
"details": {
"path": "/example/secrets.txt",
"start_line": 12,
"end_line": 12,
"start_column": 1,
"end_column": 64,
"blob_sha": "0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
"blob_url": "https://HOSTNAME/repos/octocat/hello-world/git/blobs/0b33e9c66e19f7fb15137a82ff1c04c10cba6caf",
"commit_sha": "9def38117ab2d8355b982429aa924e268b4b0065",
"commit_url": "https://HOSTNAME/repos/octocat/hello-world/git/commits/9def38117ab2d8355b982429aa924e268b4b0065"
}
}
]