项目证明的 REST API 终结点
使用 REST API 来管理项目证明。
List attestations
List a collection of artifact attestations with a given subject digest that are associated with repositories owned by a user.
The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the attestations:read
permission is required.
Please note: in order to offer meaningful security benefits, an attestation's signature and timestamps must be cryptographically verified, and the identity of the attestation signer must be validated. Attestations can be verified using the GitHub CLI attestation verify
command. For more information, see our guide on how to use artifact attestations to establish a build's provenance.
“List attestations”的细粒度访问令牌
此端点支持以下精细令牌类型:
精细令牌不需要任何权限。
如果仅请求公共资源,则无需身份验证即可使用此终结点。
“List attestations”的参数
名称, 类型, 说明 |
---|
accept string Setting to |
名称, 类型, 说明 |
---|
username string 必须The handle for the GitHub user account. |
subject_digest string 必须Subject Digest |
名称, 类型, 说明 |
---|
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." 默认: |
before string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
after string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
“List attestations”的 HTTP 响应状态代码
状态代码 | 说明 |
---|---|
200 | OK |
201 | Created |
204 | No Content |
404 | Resource not found |
“List attestations”的示例代码
如果你通过 GHE.com 访问 GitHub,请将 api.github.com
替换为你的企业在 api.SUBDOMAIN.ghe.com
上的专用子域。
请求示例
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/users/USERNAME/attestations/SUBJECT_DIGEST
Response