Alert dismissal requests
Use the REST API to manage alert dismissal requests for secret scanning.
List alert dismissal requests for secret scanning for an org
Lists requests to dismiss secret scanning alerts in an org.
Delegated alert dismissal must be enabled on repositories in the org and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.
Fine-grained access tokens for "List alert dismissal requests for secret scanning for an org"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Secret scanning alerts" repository permissions (read)
Parameters for "List alert dismissal requests for secret scanning for an org"
Name | Type | Description |
---|---|---|
accept | string | Setting to |

Name | Type | Description |
---|---|---|
org | string | Required. The organization name. The name is not case sensitive. |

Name | Type | Description |
---|---|---|
repository_name | string | The name of the repository to filter on. |
reviewer | string | Filter bypass requests by the handle of the GitHub user who reviewed the bypass request. |
requester | string | Filter bypass requests by the handle of the GitHub user who requested the bypass. |
time_period | string | The time period to filter by. For example, Default: Can be one of: |
request_status | string | The status of the dismissal request to filter on. When specified, only requests with this status will be returned. Default: Can be one of: |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
HTTP response status codes for "List alert dismissal requests for secret scanning for an org"
Status code | Description |
---|---|
200 | A list of the alert dismissal requests. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Code samples for "List alert dismissal requests for secret scanning for an org"
If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/dismissal-requests/secret-scanning
A list of the alert dismissal requests.
Status: 200
[
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning_closure",
"data": [
{
"secret_type": "adafruit_io_key",
"alert_number": 17,
"reason": "false_positive"
}
],
"resource_identifier": 17,
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21",
"html_url": "https://github.com/octo-org/smile/security/secret-scanning/17"
},
{
"id": 22,
"number": 43,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning_closure",
"data": [
{
"secret_type": "adafruit_io_key",
"alert_number": 19
}
],
"resource_identifier": 19,
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 46,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "approved",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/22",
"html_url": "https://github.com/octo-org/smile/security/secret-scanning/19"
}
]
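An added example (not part of GitHub's documentation) that triages a list response like the one above, flagging entries a security manager would want to look at. The function names and the choice of checks are assumptions for illustration; the sample is constructed by trimming the example response to the fields used.

```python
# Constructed sample: the two entries from the example response, trimmed.
SAMPLE = [
    {"id": 21, "status": "denied",
     "requester": {"actor_id": 12, "actor_name": "monalisa"},
     "data": [{"secret_type": "adafruit_io_key", "alert_number": 17,
               "reason": "false_positive"}],
     "responses": [{"id": 42, "status": "denied",
                    "reviewer": {"actor_id": 4, "actor_name": "octocat"},
                    "created_at": "2024-07-02T08:43:04Z"}]},
    {"id": 22, "status": "denied",
     "requester": {"actor_id": 12, "actor_name": "monalisa"},
     "data": [{"secret_type": "adafruit_io_key", "alert_number": 19}],
     "responses": [{"id": 46, "status": "approved",
                    "reviewer": {"actor_id": 4, "actor_name": "octocat"},
                    "created_at": "2024-07-02T08:43:04Z"}]},
]

def latest_review(req):
    """Most recent reviewer response, or None if nobody has reviewed yet."""
    # Timestamps share one ISO 8601 UTC format, so string order is time order.
    return max(req.get("responses") or [],
               key=lambda r: r["created_at"], default=None)

def audit(req):
    """Return findings for one dismissal request (illustrative checks only)."""
    findings = []
    review = latest_review(req)
    if review is None:
        findings.append("unreviewed")
    else:
        # The reviewer should not be the person who asked for the dismissal.
        if review["reviewer"]["actor_id"] == req["requester"]["actor_id"]:
            findings.append("self-reviewed")
        # The request's status should agree with the latest review decision.
        if review["status"] != req["status"]:
            findings.append("status-mismatch")
    for item in req.get("data", []):
        if not item.get("reason"):
            findings.append(f"alert {item['alert_number']}: no reason given")
    return findings

def audit_all(requests):
    """Map request id -> findings, keeping only requests with findings."""
    results = {r["id"]: audit(r) for r in requests}
    return {rid: f for rid, f in results.items() if f}

if __name__ == "__main__":
    for rid, found in audit_all(SAMPLE).items():
        print(rid, found)
```
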
List alert dismissal requests for secret scanning for a repository
Lists requests to dismiss secret scanning alerts in a repository.
Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.
Fine-grained access tokens for "List alert dismissal requests for secret scanning for a repository"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)
Parameters for "List alert dismissal requests for secret scanning for a repository"
Name | Type | Description |
---|---|---|
accept | string | Setting to |

Name | Type | Description |
---|---|---|
owner | string | Required. The account owner of the repository. The name is not case sensitive. |
repo | string | Required. The name of the repository without the |

Name | Type | Description |
---|---|---|
reviewer | string | Filter bypass requests by the handle of the GitHub user who reviewed the bypass request. |
requester | string | Filter bypass requests by the handle of the GitHub user who requested the bypass. |
time_period | string | The time period to filter by. For example, Default: Can be one of: |
request_status | string | The status of the dismissal request to filter on. When specified, only requests with this status will be returned. Default: Can be one of: |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." Default: |
page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." Default: |
HTTP response status codes for "List alert dismissal requests for secret scanning for a repository"
Status code | Description |
---|---|
200 | A list of the alert dismissal requests. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Code samples for "List alert dismissal requests for secret scanning for a repository"
If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning
A list of the alert dismissal requests.
Status: 200
[
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning_closure",
"data": [
{
"secret_type": "adafruit_io_key",
"alert_number": 17,
"reason": "false_positive"
}
],
"resource_identifier": 17,
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21",
"html_url": "https://github.com/octo-org/smile/security/secret-scanning/17"
},
{
"id": 22,
"number": 43,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning_closure",
"data": [
{
"secret_type": "adafruit_io_key",
"alert_number": 19
}
],
"resource_identifier": 19,
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 46,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "approved",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/22",
"html_url": "https://github.com/octo-org/smile/security/secret-scanning/19"
}
]
Get an alert dismissal request for secret scanning
Gets a specific request to dismiss a secret scanning alert in a repository.
Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.
Personal access tokens (classic) need the security_events scope to use this endpoint.
Fine-grained access tokens for "Get an alert dismissal request for secret scanning"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)
Parameters for "Get an alert dismissal request for secret scanning"
Name | Type | Description |
---|---|---|
accept | string | Setting to |

Name | Type | Description |
---|---|---|
owner | string | Required. The account owner of the repository. The name is not case sensitive. |
repo | string | Required. The name of the repository without the |
alert_number | integer | Required. The number that identifies the secret scanning alert in a repository. |
HTTP response status codes for "Get an alert dismissal request for secret scanning"
Status code | Description |
---|---|
200 | A single dismissal request. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Code samples for "Get an alert dismissal request for secret scanning"
If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.
Request example
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning/ALERT_NUMBER
A single dismissal request.
Status: 200
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "secret_scanning_closure",
"data": [
{
"secret_type": "adafruit_io_key",
"alert_number": 17,
"reason": "false_positive"
}
],
"resource_identifier": 17,
"status": "denied",
"requester_comment": "Test token used in the readme as an example",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://api.github.com/repos/octo-org/smile/dismissal-requests/secret-scanning/21",
"html_url": "https://github.com/octo-org/smile/security/secret-scanning/17"
}
Review an alert dismissal request for secret scanning
Approve or deny a request to dismiss a secret scanning alert in a repository.
Delegated alert dismissal must be enabled on the repository and the user must be an org admin, security manager, or have the "Review and manage secret scanning alert dismissal requests" permission to access this endpoint.
Personal access tokens (classic) need the security_events scope to use this endpoint.
Fine-grained access tokens for "Review an alert dismissal request for secret scanning"
This endpoint works with the following fine-grained token types:
- GitHub App user access tokens
- GitHub App installation access tokens
- Fine-grained personal access tokens
The fine-grained token must have the following permission set:
- "Secret scanning alerts" repository permissions (read) and "Contents" repository permissions (read)
Parameters for "Review an alert dismissal request for secret scanning"
Name | Type | Description |
---|---|---|
accept | string | Setting to |

Name | Type | Description |
---|---|---|
owner | string | Required. The account owner of the repository. The name is not case sensitive. |
repo | string | Required. The name of the repository without the |
alert_number | integer | Required. The number that identifies the secret scanning alert in a repository. |

Name | Type | Description |
---|---|---|
status | string | Required. The review action to perform on the dismissal request. Can be one of: |
message | string | Required. A message to include with the review. Has a maximum character length of 2048. |
HTTP response status codes for "Review an alert dismissal request for secret scanning"
Status code | Description |
---|---|
200 | The review of the dismissal request. |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
500 | Internal Error |
Code samples for "Review an alert dismissal request for secret scanning"
If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.
Request example
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/OWNER/REPO/dismissal-requests/secret-scanning/ALERT_NUMBER \
-d '{"status":"deny","message":"This secret has not been revoked."}'
The review of the dismissal request.
Status: 200
{
"dismissal_review_id": 1
}
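An added example (not part of GitHub's documentation) that builds the PATCH review request shown above and checks the documented constraints client-side before anything is sent, so an invalid review is caught before the API answers 422. The helper name `build_review_request` is hypothetical, and `approve` as the counterpart of `deny` is an assumption, since only `deny` appears on this page.

```python
import json
import urllib.request
from urllib.parse import quote

API_ROOT = "https://api.github.com"   # on GHE.com: https://api.SUBDOMAIN.ghe.com
MAX_MESSAGE_LEN = 2048                # limit stated in the parameter table
# "deny" appears in the request example; "approve" is assumed here.
REVIEW_ACTIONS = {"approve", "deny"}

def build_review_request(owner, repo, alert_number, status, message, token):
    """Build, without sending, the PATCH request that reviews a dismissal request."""
    if status not in REVIEW_ACTIONS:
        raise ValueError(f"status must be one of {sorted(REVIEW_ACTIONS)}")
    if not message or len(message) > MAX_MESSAGE_LEN:
        raise ValueError(f"message is required, max {MAX_MESSAGE_LEN} characters")
    if type(alert_number) is not int or alert_number < 1:
        raise ValueError("alert_number must be a positive integer")
    # Percent-encode path components so odd names cannot alter the URL path.
    url = (f"{API_ROOT}/repos/{quote(owner, safe='')}/{quote(repo, safe='')}"
           f"/dismissal-requests/secret-scanning/{alert_number}")
    body = json.dumps({"status": status, "message": message}).encode("utf-8")
    headers = {
        "Accept": "application/vnd.github+json",
        "Authorization": f"Bearer {token}",
        "X-GitHub-Api-Version": "2022-11-28",
    }
    return urllib.request.Request(url, data=body, headers=headers, method="PATCH")

if __name__ == "__main__":
    # Constructed values; the token is a placeholder, nothing is sent.
    req = build_review_request("octo-org", "smile", 17, "deny",
                               "This secret has not been revoked.", "<YOUR-TOKEN>")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
```

Pass the returned object to `urllib.request.urlopen` to send it; the token should come from a secret store or environment variable rather than source code.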