Skip to main content
REST API 现已经过版本控制。 有关详细信息,请参阅“关于 API 版本控制”。

适用于企业代码安全性和分析的 REST API 终结点

使用 REST API 管理企业的代码安全性和分析功能。

Note

这些终结点仅支持使用 personal access token (classic) 进行身份验证。 有关详细信息,请参阅“管理个人访问令牌”。

Get code security and analysis features for an enterprise

Gets code security and analysis settings for the specified enterprise.

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

“Get code security and analysis features for an enterprise”的细粒度访问令牌

此终结点不适用于 GitHub 应用程序用户访问令牌、GitHub 应用程序安装访问令牌或细粒度个人访问令牌。

“Get code security and analysis features for an enterprise”的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
enterprise string 必须

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

“Get code security and analysis features for an enterprise”的 HTTP 响应状态代码

状态代码说明
200

OK

404

Resource not found

“Get code security and analysis features for an enterprise”的示例代码

请求示例

get/enterprises/{enterprise}/code_security_and_analysis
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/code_security_and_analysis

Response

Status: 200
{ "advanced_security_enabled_for_new_repositories": true, "dependabot_alerts_enabled_for_new_repositories": true, "secret_scanning_enabled_for_new_repositories": true, "secret_scanning_push_protection_enabled_for_new_repositories": true, "secret_scanning_push_protection_custom_link": "https://github.com/test-org/test-repo/blob/main/README.md", "secret_scanning_non_provider_patterns_enabled_for_new_repositories": true }

Update code security and analysis features for an enterprise

Updates the settings for advanced security, Dependabot alerts, secret scanning, and push protection for new repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

“Update code security and analysis features for an enterprise”的细粒度访问令牌

此终结点不适用于 GitHub 应用程序用户访问令牌、GitHub 应用程序安装访问令牌或细粒度个人访问令牌。

“Update code security and analysis features for an enterprise”的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
enterprise string 必须

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

正文参数
名称, 类型, 说明
advanced_security_enabled_for_new_repositories boolean

Whether GitHub Advanced Security is automatically enabled for new repositories. For more information, see "About GitHub Advanced Security."

advanced_security_enabled_new_user_namespace_repos boolean

Whether GitHub Advanced Security is automatically enabled for new user namespace repositories. For more information, see "About GitHub Advanced Security."

dependabot_alerts_enabled_for_new_repositories boolean

Whether Dependabot alerts are automatically enabled for new repositories. For more information, see "About Dependabot alerts."

secret_scanning_enabled_for_new_repositories boolean

Whether secret scanning is automatically enabled for new repositories. For more information, see "About secret scanning."

secret_scanning_push_protection_enabled_for_new_repositories boolean

Whether secret scanning push protection is automatically enabled for new repositories. For more information, see "Protecting pushes with secret scanning."

secret_scanning_push_protection_custom_link string or null

The URL that will be displayed to contributors who are blocked from pushing a secret. For more information, see "Protecting pushes with secret scanning." To disable this functionality, set this field to null.

secret_scanning_non_provider_patterns_enabled_for_new_repositories boolean or null

Whether secret scanning of non-provider patterns is enabled for new repositories under this enterprise.

“Update code security and analysis features for an enterprise”的 HTTP 响应状态代码

状态代码说明
204

Action started

404

Resource not found

422

The action could not be taken due to an in progress enablement, or a policy is preventing enablement

“Update code security and analysis features for an enterprise”的示例代码

请求示例

patch/enterprises/{enterprise}/code_security_and_analysis
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/code_security_and_analysis \ -d '{"advanced_security_enabled_for_new_repositories":true,"advanced_security_enabled_new_user_namespace_repos":true,"dependabot_alerts_enabled_for_new_repositories":true,"secret_scanning_enabled_for_new_repositories":true,"secret_scanning_push_protection_enabled_for_new_repositories":true,"secret_scanning_push_protection_custom_link":"https://github.com/test-org/test-repo/blob/main/README.md","secret_scanning_non_provider_patterns_enabled_for_new_repositories":true}'

Action started

Status: 204

Enable or disable a security feature

Enables or disables the specified security feature for all repositories in an enterprise.

The authenticated user must be an administrator of the enterprise to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

“Enable or disable a security feature”的细粒度访问令牌

此终结点不适用于 GitHub 应用程序用户访问令牌、GitHub 应用程序安装访问令牌或细粒度个人访问令牌。

“Enable or disable a security feature”的参数

标头
名称, 类型, 说明
accept string

Setting to application/vnd.github+json is recommended.

路径参数
名称, 类型, 说明
enterprise string 必须

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

security_product string 必须

The security feature to enable or disable.

可以是以下选项之一: advanced_security, advanced_security_user_namespace, dependabot_alerts, secret_scanning, secret_scanning_push_protection, secret_scanning_non_provider_patterns

enablement string 必须

The action to take.

enable_all means to enable the specified security feature for all repositories in the enterprise. disable_all means to disable the specified security feature for all repositories in the enterprise.

可以是以下选项之一: enable_all, disable_all

“Enable or disable a security feature”的 HTTP 响应状态代码

状态代码说明
204

Action started

404

Resource not found

422

The action could not be taken due to an in progress enablement, or a policy is preventing enablement

“Enable or disable a security feature”的示例代码

请求示例

post/enterprises/{enterprise}/{security_product}/{enablement}
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ http(s)://HOSTNAME/api/v3/enterprises/ENTERPRISE/SECURITY_PRODUCT/ENABLEMENT

Action started

Status: 204