Skip to main content

Enterprise Server 3.15 в настоящее время доступен в качестве кандидата на выпуск.

REST API теперь версия. Дополнительные сведения см. в разделе "О управлении версиями API".

Конфигурации

Используйте REST API для создания конфигураций безопасности для организации и управления ими.

Get code security configurations for an organization

Lists all code security configurations available in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Note

The enablement status will only be returned for installed security products.

Подробные маркеры доступа для "Get code security configurations for an organization

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Get code security configurations for an organization"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
target_type string

The target type of the code security configuration

По умолчанию.: all

Возможные значения: global, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

Коды состояния http-ответа для "Get code security configurations for an organization"

Код состоянияОписание
200

OK

403

Forbidden

404

Resource not found

Примеры кода для "Get code security configurations for an organization"

Пример запроса

get/orgs/{org}/code-security/configurations
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations

Response

Status: 200
[ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "not_set", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 17, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "organization", "name": "High risk settings", "description": "This is a code security configuration for octo-org high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1326", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z", "value": [ { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": null, "dependency_graph_autosubmit_action_options": null, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 17, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, "target_type": "organization", "name": "High risk settings", "description": "This is a code security configuration for octo-org high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": null, "dependency_graph_autosubmit_action_options": null, "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1326", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } ] } ]

Create a code security configuration

Creates a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Note

Only installed security products may be specified in the request body. Specifying an uninstalled security product will result in a validation error.

Подробные маркеры доступа для "Create a code security configuration

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Create a code security configuration"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
name string Обязательное поле

The name of the code security configuration. Must be unique within the organization.

description string Обязательное поле

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security

По умолчанию.: disabled

Возможные значения: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph. Dependency Graph is not configurable in GitHub Enterprise Server.

По умолчанию.: enabled

Возможные значения: enabled, disabled, not_set

dependabot_alerts string

The enablement status of Dependabot alerts

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

secret_scanning string

The enablement status of secret scanning

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

secret_scanning_delegated_bypass string

The enablement status of secret scanning delegated bypass

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

secret_scanning_delegated_bypass_options object

Feature options for secret scanning delegated bypass

Имя., Тип, Description
reviewers array of objects

The bypass reviewers for secret scanning delegated bypass

Имя., Тип, Description
reviewer_id integer Обязательное поле

The ID of the team or role selected as a bypass reviewer

reviewer_type string Обязательное поле

The type of the bypass reviewer

Возможные значения: TEAM, ROLE

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non provider patterns

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

По умолчанию.: disabled

Возможные значения: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

По умолчанию.: enforced

Возможные значения: enforced, unenforced

Коды состояния http-ответа для "Create a code security configuration"

Код состоянияОписание
201

Successfully created code security configuration

Примеры кода для "Create a code security configuration"

Пример запроса

post/orgs/{org}/code-security/configurations
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations \ -d '{"name":"octo-org recommended settings","description":"This is a code security configuration for octo-org","advanced_security":"enabled","dependabot_alerts":"enabled","dependabot_security_updates":"not_set","secret_scanning":"enabled"}'

Successfully created code security configuration

Status: 201
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z", "value": {} }

Get default code security configurations

Lists the default code security configurations for an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

Note

The enablement status will only be returned for installed security products.

Подробные маркеры доступа для "Get default code security configurations

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Get default code security configurations"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Коды состояния http-ответа для "Get default code security configurations"

Код состоянияОписание
200

OK

304

Not modified

403

Forbidden

404

Resource not found

Примеры кода для "Get default code security configurations"

Пример запроса

get/orgs/{org}/code-security/configurations/defaults
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/defaults

Response

Status: 200
[ { "default_for_new_repos": "public", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": null, "dependency_graph_autosubmit_action_options": null, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "enabled", "secret_scanning_delegated_bypass_options": { "reviewers": [ { "security_configuration_id": 1325, "reviewer_id": 5678, "reviewer_type": "TEAM" } ] }, "secret_scanning_validity_checks": "enabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" } }, { "default_for_new_repos": "private_and_internal", "configuration": { "id": 17, "target_type": "global", "name": "GitHub recommended", "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": null, "dependency_graph_autosubmit_action_options": null, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/17", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" } } ]

Detach configurations from repositories

Detach code security configuration(s) from a set of repositories. Repositories will retain their settings but will no longer be associated with the configuration.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Подробные маркеры доступа для "Detach configurations from repositories

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Detach configurations from repositories"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

Параметры запроса
Имя., Тип, Description
selected_repository_ids array of integers

An array of repository IDs to detach from configurations.

Коды состояния http-ответа для "Detach configurations from repositories"

Код состоянияОписание
204

A header with no content is returned.

400

Bad Request

403

Forbidden

404

Resource not found

409

Conflict

Примеры кода для "Detach configurations from repositories"

Пример запроса

delete/orgs/{org}/code-security/configurations/detach
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/detach \ -d '{"selected_repository_ids":[32,91]}'

A header with no content is returned.

Status: 204

Get a code security configuration

Gets a code security configuration available in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Note

The enablement status will only be returned for installed security products.

Подробные маркеры доступа для "Get a code security configuration

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Get a code security configuration"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Коды состояния http-ответа для "Get a code security configuration"

Код состоянияОписание
200

OK

304

Not modified

403

Forbidden

404

Resource not found

Примеры кода для "Get a code security configuration"

Пример запроса

get/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID

Response

Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z", "value": {} }

Update a code security configuration

Updates a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Note

Only installed security products may be specified in the request body. Specifying an uninstalled security product will result in a validation error.

Подробные маркеры доступа для "Update a code security configuration

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Update a code security configuration"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Параметры запроса
Имя., Тип, Description
name string

The name of the code security configuration. Must be unique within the organization.

description string

A description of the code security configuration

advanced_security string

The enablement status of GitHub Advanced Security

Возможные значения: enabled, disabled

dependency_graph string

The enablement status of Dependency Graph. Dependency Graph is not configurable in GitHub Enterprise Server.

Возможные значения: enabled, disabled, not_set

dependabot_alerts string

The enablement status of Dependabot alerts

Возможные значения: enabled, disabled, not_set

dependabot_security_updates string

The enablement status of Dependabot security updates

Возможные значения: enabled, disabled, not_set

code_scanning_default_setup string

The enablement status of code scanning default setup

Возможные значения: enabled, disabled, not_set

secret_scanning string

The enablement status of secret scanning

Возможные значения: enabled, disabled, not_set

secret_scanning_push_protection string

The enablement status of secret scanning push protection

Возможные значения: enabled, disabled, not_set

secret_scanning_delegated_bypass string

The enablement status of secret scanning delegated bypass

Возможные значения: enabled, disabled, not_set

secret_scanning_delegated_bypass_options object

Feature options for secret scanning delegated bypass

Имя., Тип, Description
reviewers array of objects

The bypass reviewers for secret scanning delegated bypass

Имя., Тип, Description
reviewer_id integer Обязательное поле

The ID of the team or role selected as a bypass reviewer

reviewer_type string Обязательное поле

The type of the bypass reviewer

Возможные значения: TEAM, ROLE

secret_scanning_validity_checks string

The enablement status of secret scanning validity checks

Возможные значения: enabled, disabled, not_set

secret_scanning_non_provider_patterns string

The enablement status of secret scanning non-provider patterns

Возможные значения: enabled, disabled, not_set

private_vulnerability_reporting string

The enablement status of private vulnerability reporting

Возможные значения: enabled, disabled, not_set

enforcement string

The enforcement status for a security configuration

Возможные значения: enforced, unenforced

Коды состояния http-ответа для "Update a code security configuration"

Код состоянияОписание
200

Response when a configuration is updated

204

Response when no new updates are made

Примеры кода для "Update a code security configuration"

Пример запроса

patch/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID \ -d '{"name":"octo-org recommended settings v2","secret_scanning":"disabled","code_scanning_default_setup":"enabled"}'

Response when a configuration is updated

Status: 200
{ "id": 1325, "target_type": "organization", "name": "octo-org recommended settings v2", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", "secret_scanning": "disabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }

Delete a code security configuration

Deletes the desired code security configuration from an organization. Repositories attached to the configuration will retain their settings but will no longer be associated with the configuration.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Подробные маркеры доступа для "Delete a code security configuration

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Delete a code security configuration"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Коды состояния http-ответа для "Delete a code security configuration"

Код состоянияОписание
204

A header with no content is returned.

400

Bad Request

403

Forbidden

404

Resource not found

409

Conflict

Примеры кода для "Delete a code security configuration"

Пример запроса

delete/orgs/{org}/code-security/configurations/{configuration_id}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID

A header with no content is returned.

Status: 204

Attach a configuration to repositories

Attach a code security configuration to a set of repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.

If insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Подробные маркеры доступа для "Attach a configuration to repositories

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Attach a configuration to repositories"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Параметры запроса
Имя., Тип, Description
scope string Обязательное поле

The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids

Возможные значения: all, all_without_configurations, public, private_or_internal, selected

selected_repository_ids array of integers

An array of repository IDs to attach the configuration to. You can only provide a list of repository ids when the scope is set to selected.

Коды состояния http-ответа для "Attach a configuration to repositories"

Код состоянияОписание
202

Accepted

Примеры кода для "Attach a configuration to repositories"

Пример запроса

post/orgs/{org}/code-security/configurations/{configuration_id}/attach
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID/attach \ -d '{"scope":"selected","selected_repository_ids":[32,91]}'

Accepted

Set a code security configuration as a default for an organization

Sets a code security configuration as a default to be applied to new repositories in your organization.

This configuration will be applied to the matching repository type (all, none, public, private and internal) by default when they are created.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Note

The enablement status will only be returned for installed security products.

Подробные маркеры доступа для "Set a code security configuration as a default for an organization

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Set a code security configuration as a default for an organization"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Параметры запроса
Имя., Тип, Description
default_for_new_repos string

Specify which types of repository this security configuration should be applied to by default.

Возможные значения: all, none, private_and_internal, public

Коды состояния http-ответа для "Set a code security configuration as a default for an organization"

Код состоянияОписание
200

Default successfully changed.

403

Forbidden

404

Resource not found

Примеры кода для "Set a code security configuration as a default for an organization"

Пример запроса

put/orgs/{org}/code-security/configurations/{configuration_id}/defaults
curl -L \ -X PUT \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID/defaults \ -d '{"default_for_new_repos":"all"}'

Default successfully changed.

Status: 200
{ "default_for_new_repos": "all", "configuration": { "value": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z", "value": {} } } }

Get repositories associated with a code security configuration

Lists the repositories associated with a code security configuration in an organization.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

Подробные маркеры доступа для "Get repositories associated with a code security configuration

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" organization permissions (write)

Параметры для "Get repositories associated with a code security configuration"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
org string Обязательное поле

The organization name. The name is not case sensitive.

configuration_id integer Обязательное поле

The unique identifier of the code security configuration.

Параметры запроса
Имя., Тип, Description
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

По умолчанию.: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

status string

A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.

Can be: all, attached, attaching, detached, removed, enforced, failed, updating, removed_by_enterprise

По умолчанию.: all

Коды состояния http-ответа для "Get repositories associated with a code security configuration"

Код состоянияОписание
200

OK

403

Forbidden

404

Resource not found

Примеры кода для "Get repositories associated with a code security configuration"

Пример запроса

get/orgs/{org}/code-security/configurations/{configuration_id}/repositories
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/orgs/ORG/code-security/configurations/CONFIGURATION_ID/repositories

Example of code security configuration repositories

Status: 200
[ { "status": "attached", "repository": { "value": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://HOSTNAME/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://HOSTNAME/users/octocat/followers", "following_url": "https://HOSTNAME/users/octocat/following{/other_user}", "gists_url": "https://HOSTNAME/users/octocat/gists{/gist_id}", "starred_url": "https://HOSTNAME/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://HOSTNAME/users/octocat/subscriptions", "organizations_url": "https://HOSTNAME/users/octocat/orgs", "repos_url": "https://HOSTNAME/users/octocat/repos", "events_url": "https://HOSTNAME/users/octocat/events{/privacy}", "received_events_url": "https://HOSTNAME/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://HOSTNAME/repos/octocat/Hello-World", "archive_url": "https://HOSTNAME/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://HOSTNAME/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://HOSTNAME/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://HOSTNAME/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://HOSTNAME/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://HOSTNAME/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://HOSTNAME/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://HOSTNAME/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://HOSTNAME/repos/octocat/Hello-World/contributors", "deployments_url": "https://HOSTNAME/repos/octocat/Hello-World/deployments", "downloads_url": "https://HOSTNAME/repos/octocat/Hello-World/downloads", "events_url": "https://HOSTNAME/repos/octocat/Hello-World/events", "forks_url": "https://HOSTNAME/repos/octocat/Hello-World/forks", "git_commits_url": "https://HOSTNAME/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://HOSTNAME/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://HOSTNAME/repos/octocat/Hello-World/git/tags{/sha}", "git_url": "git:github.com/octocat/Hello-World.git", "issue_comment_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://HOSTNAME/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://HOSTNAME/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://HOSTNAME/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://HOSTNAME/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://HOSTNAME/repos/octocat/Hello-World/languages", "merges_url": "https://HOSTNAME/repos/octocat/Hello-World/merges", "milestones_url": "https://HOSTNAME/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://HOSTNAME/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://HOSTNAME/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://HOSTNAME/repos/octocat/Hello-World/releases{/id}", "ssh_url": "git@github.com:octocat/Hello-World.git", "stargazers_url": "https://HOSTNAME/repos/octocat/Hello-World/stargazers", "statuses_url": "https://HOSTNAME/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://HOSTNAME/repos/octocat/Hello-World/subscribers", "subscription_url": "https://HOSTNAME/repos/octocat/Hello-World/subscription", "tags_url": "https://HOSTNAME/repos/octocat/Hello-World/tags", "teams_url": "https://HOSTNAME/repos/octocat/Hello-World/teams", "trees_url": "https://HOSTNAME/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "http://HOSTNAME/repos/octocat/Hello-World/hooks" } } } ]

Get the code security configuration associated with a repository

Get the code security configuration that manages a repository's code security settings.

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

Подробные маркеры доступа для "Get the code security configuration associated with a repository

Эта конечная точка работает со следующими точными типами маркеров:

Маркер с точной детализацией должен иметь следующий набор разрешений.:

  • "Administration" repository permissions (read)

Параметры для "Get the code security configuration associated with a repository"

Заголовки
Имя., Тип, Description
accept string

Setting to application/vnd.github+json is recommended.

Параметры пути
Имя., Тип, Description
owner string Обязательное поле

The account owner of the repository. The name is not case sensitive.

repo string Обязательное поле

The name of the repository without the .git extension. The name is not case sensitive.

Коды состояния http-ответа для "Get the code security configuration associated with a repository"

Код состоянияОписание
200

OK

204

A header with no content is returned.

304

Not modified

403

Forbidden

404

Resource not found

Примеры кода для "Get the code security configuration associated with a repository"

Пример запроса

get/repos/{owner}/{repo}/code-security-configuration
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/code-security-configuration

Response

Status: 200
{ "status": "attached", "configuration": { "id": 1325, "target_type": "organization", "name": "octo-org recommended settings", "description": "This is a code security configuration for octo-org", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", "dependency_graph_autosubmit_action_options": { "labeled_runners": false }, "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", "url": "https://HOSTNAME/orgs/octo-org/code-security/configurations/1325", "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }, "value": { "configuration": { "dependency_graph_autosubmit_action": null, "dependency_graph_autosubmit_action_options": null, "private_vulnerability_reporting": null } } }