Skip to main content
REST API 现已经过版本控制。 有关详细信息,请参阅“关于 API 版本控制”。

项目证明的 REST API 终结点

使用 REST API 来管理项目证明。

List attestations

List a collection of artifact attestations with a given subject digest that are associated with repositories owned by a user.

The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the attestations:read permission is required.

Please note: in order to offer meaningful security benefits, an attestation's signature and timestamps must be cryptographically verified, and the identity of the attestation signer must be validated. Attestations can be verified using the GitHub CLI attestation verify command. For more information, see our guide on how to use artifact attestations to establish a build's provenance.

“List attestations”的细粒度访问令牌

此端点支持以下精细令牌类型:

精细令牌不需要任何权限。

如果仅请求公共资源,则无需身份验证即可使用此终结点。

“List attestations”的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
username string 必须

The handle for the GitHub user account.

subject_digest string 必须

Subject Digest

查询参数
名称, 类型, 说明
per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

默认: 30

before string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."

after string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

“List attestations”的 HTTP 响应状态代码

状态代码说明
200

OK

201

Created

204

No Content

404

Resource not found

“List attestations”的示例代码

如果你通过 GHE.com 访问 GitHub,请将 api.github.com 替换为你的企业在 api.SUBDOMAIN.ghe.com 上的专用子域。

请求示例

get/users/{username}/attestations/{subject_digest}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/users/USERNAME/attestations/SUBJECT_DIGEST

Response