Die REST-API verfügt jetzt über eine Versionskontrolle. Weitere Informationen findest du unter Informationen zur API-Versionsverwaltung.

Anforderungen zur Schließung von Warnungen

Verwende die REST-API, um Anforderungen zur Schließung von Warnungen für die Geheimnisüberprüfung zu verwalten.

List alert dismissal requests for secret scanning for an org

Lists requests to dismiss secret scanning alerts in an org.

Delegated alert dismissal must be enabled on repositories in the org and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.

Differenzierte Zugriffstoken für "List alert dismissal requests for secret scanning for an org"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read)

Parameter für „List alert dismissal requests for secret scanning for an org“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
org string Erforderlich

The organization name. The name is not case sensitive.

Abfrageparameter
repository_name string

The name of the repository to filter on.

reviewer string

Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.

requester string

Filter bypass requests by the handle of the GitHub user who requested the bypass.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for rule suites that occurred in the past 7 days (168 hours).

Standard: day

Kann eine der Folgenden sein: hour, day, week, month

request_status string

The status of the dismissal request to filter on. When specified, only requests with this status will be returned.

Standard: all

Kann eine der Folgenden sein: completed, cancelled, approved, expired, denied, open, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

HTTP-Antwortstatuscodes für „List alert dismissal requests for secret scanning for an org“

StatuscodeBESCHREIBUNG
200

A list of the alert dismissal requests.

403

Forbidden

404

Resource not found

500

Internal Error

Codebeispiele für „List alert dismissal requests for secret scanning for an org“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

get/orgs/{org}/dismissal-requests/secret-scanning
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/dismissal-requests/secret-scanning

A list of the alert dismissal requests.

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning_closure", "data": [ { "secret_type": "adafruit_io_key", "alert_number": 17, "reason": "false_positive" } ], "resource_identifier": 17, "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21", "html_url": "https://github.com/octo-org/smile/security/secret-scanning/17" }, { "id": 22, "number": 43, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning_closure", "data": [ { "secret_type": "adafruit_io_key", "alert_number": 19 } ], "resource_identifier": 19, "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 46, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "approved", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/22", "html_url": "https://github.com/octo-org/smile/security/secret-scanning/19" } ]

List alert dismissal requests for secret scanning for a repository

Lists requests to dismiss secret scanning alerts in a repository.

Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.

Differenzierte Zugriffstoken für "List alert dismissal requests for secret scanning for a repository"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)

Parameter für „List alert dismissal requests for secret scanning for a repository“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

Abfrageparameter
reviewer string

Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.

requester string

Filter bypass requests by the handle of the GitHub user who requested the bypass.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for rule suites that occurred in the past 7 days (168 hours).

Standard: day

Kann eine der Folgenden sein: hour, day, week, month

request_status string

The status of the dismissal request to filter on. When specified, only requests with this status will be returned.

Standard: all

Kann eine der Folgenden sein: completed, cancelled, approved, expired, denied, open, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

Standard: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

Standard: 1

HTTP-Antwortstatuscodes für „List alert dismissal requests for secret scanning for a repository“

StatuscodeBESCHREIBUNG
200

A list of the alert dismissal requests.

403

Forbidden

404

Resource not found

500

Internal Error

Codebeispiele für „List alert dismissal requests for secret scanning for a repository“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

get/repos/{owner}/{repo}/dismissal-requests/secret-scanning
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning

A list of the alert dismissal requests.

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning_closure", "data": [ { "secret_type": "adafruit_io_key", "alert_number": 17, "reason": "false_positive" } ], "resource_identifier": 17, "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21", "html_url": "https://github.com/octo-org/smile/security/secret-scanning/17" }, { "id": 22, "number": 43, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning_closure", "data": [ { "secret_type": "adafruit_io_key", "alert_number": 19 } ], "resource_identifier": 19, "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 46, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "approved", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/22", "html_url": "https://github.com/octo-org/smile/security/secret-scanning/19" } ]

Get an alert dismissal request for secret scanning

Gets a specific request to dismiss a secret scanning alert in a repository.

Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Differenzierte Zugriffstoken für "Get an alert dismissal request for secret scanning"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)

Parameter für „Get an alert dismissal request for secret scanning“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer Erforderlich

The number that identifies the secret scanning alert in a repository.

HTTP-Antwortstatuscodes für „Get an alert dismissal request for secret scanning“

StatuscodeBESCHREIBUNG
200

A single dismissal request.

403

Forbidden

404

Resource not found

500

Internal Error

Codebeispiele für „Get an alert dismissal request for secret scanning“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

get/repos/{owner}/{repo}/dismissal-requests/secret-scanning/{alert_number}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning/ALERT_NUMBER

A single dismissal request.

Status: 200
{ "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "secret_scanning_closure", "data": [ { "secret_type": "adafruit_io_key", "alert_number": 17, "reason": "false_positive" } ], "resource_identifier": 17, "status": "denied", "requester_comment": "Test token used in the readme as an example", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21", "html_url": "https://github.com/octo-org/smile/security/secret-scanning/17" }

Review an alert dismissal request for secret scanning

Approve or deny a request to dismiss a secret scanning alert in a repository.

Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Differenzierte Zugriffstoken für "Review an alert dismissal request for secret scanning"

Dieser Endpunkt funktioniert mit den folgenden differenzierten Tokentypen.:

Das differenzierte Token muss einen der folgenden Berechtigungssätze aufweisen.:

  • "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)

Parameter für „Review an alert dismissal request for secret scanning“

Header
accept string

Setting to application/vnd.github+json is recommended.

Pfadparameter
owner string Erforderlich

The account owner of the repository. The name is not case sensitive.

repo string Erforderlich

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer Erforderlich

The number that identifies the secret scanning alert in a repository.

Textparameter
status string Erforderlich

The review action to perform on the dismissal request.

Kann eine der Folgenden sein: approve, deny

message string Erforderlich

A message to include with the review. Has a maximum character length of 2048.

HTTP-Antwortstatuscodes für „Review an alert dismissal request for secret scanning“

StatuscodeBESCHREIBUNG
200

The review of the dismissal request.

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

500

Internal Error

Codebeispiele für „Review an alert dismissal request for secret scanning“

Wenn du unter GHE.com auf GitHub zugreifst, ersetze api.github.com unter api.SUBDOMAIN.ghe.com mit der dedizierten Unterdomäne deines Unternehmens.

Anforderungsbeispiel

patch/repos/{owner}/{repo}/dismissal-requests/secret-scanning/{alert_number}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning/ALERT_NUMBER \ -d '{"status":"deny","message":"This secret has not been revoked."}'

The review of the dismissal request.

Status: 200
{ "dismissal_review_id": 1 }