Enterprise Server 3.21 は、現在リリース候補として使用できます。

REST API はバージョン化されました。 詳細については、「API のバージョン管理について」を参照してください。

Dependabot アラートの無視要求の REST API エンドポイント

REST API を使用して、リポジトリ Dependabot アラートの無視要求を管理します。

List dismissal requests for Dependabot alerts for an organization

Lists dismissal requests for Dependabot alerts in an organization.

Delegated alert dismissal must be enabled on repositories in the org and the user must be an org admin, security manager, or have the appropriate permission to access this endpoint. Personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "List dismissal requests for Dependabot alerts for an organization"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Organization dismissal requests for Dependabot" organization permissions (read)

"List dismissal requests for Dependabot alerts for an organization" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
org string 必須

The organization name. The name is not case sensitive.

クエリ パラメーター
repository_name string

The name of the repository to filter on.

reviewer string

Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.

requester string

Filter bypass requests by the handle of the GitHub user who requested the bypass.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for rule suites that occurred in the past 7 days (168 hours).

デフォルト: day

次のいずれかにできます: hour, day, week, month

request_status string

The status of the dismissal request to filter on. When specified, only requests with this status will be returned.

デフォルト: all

次のいずれかにできます: completed, cancelled, approved, expired, denied, open, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

デフォルト: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

デフォルト: 1

HTTP response status codes for "List dismissal requests for Dependabot alerts for an organization"

Status code説明
200

A list of alert dismissal requests.

403

Forbidden

404

Resource not found

500

Internal Error

Code samples for "List dismissal requests for Dependabot alerts for an organization"

Request example

get/orgs/{org}/dismissal-requests/dependabot
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/orgs/ORG/dismissal-requests/dependabot

A list of alert dismissal requests.

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "dependabot_alert_dismissal", "data": [ { "reason": "no_bandwidth", "alert_number": "1", "alert_title": "lodash - GHSA-1234-abcd-5678" } ], "resource_identifier": "1", "status": "denied", "requester_comment": "No bandwidth to fix this right now", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/1", "html_url": "https://github.com/octo-org/smile/security/dependabot/1" }, { "id": 12, "number": 24, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "dependabot_alert_dismissal", "data": [ { "reason": "tolerable_risk", "alert_number": "2", "alert_title": "axios - GHSA-5678-efgh-9012" } ], "resource_identifier": "2", "status": "approved", "requester_comment": "Risk is acceptable for this internal tool", "expires_at": "2024-07-08T07:43:03Z", "created_at": "2024-07-01T07:43:03Z", "responses": [ { "id": 43, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "approved", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/2", "html_url": "https://github.com/octo-org/smile/security/dependabot/2" } ]

List dismissal requests for Dependabot alerts for a repository

Lists dismissal requests for Dependabot alerts for a repository.

Delegated alert dismissal must be enabled on the repository. Personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "List dismissal requests for Dependabot alerts for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Dependabot alerts" repository permissions (read)

"List dismissal requests for Dependabot alerts for a repository" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
owner string 必須

The account owner of the repository. The name is not case sensitive.

repo string 必須

The name of the repository without the .git extension. The name is not case sensitive.

クエリ パラメーター
reviewer string

Filter alert dismissal requests by the handle of the GitHub user who reviewed the dismissal request.

requester string

Filter alert dismissal requests by the handle of the GitHub user who requested the dismissal.

time_period string

The time period to filter by.

For example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for insights that occurred in the past 7 days (168 hours).

デフォルト: month

次のいずれかにできます: hour, day, week, month

request_status string

Filter alert dismissal requests by status. When specified, only requests with this status will be returned.

デフォルト: all

次のいずれかにできます: open, approved, expired, denied, all

per_page integer

The number of results per page (max 100). For more information, see "Using pagination in the REST API."

デフォルト: 30

page integer

The page number of the results to fetch. For more information, see "Using pagination in the REST API."

デフォルト: 1

HTTP response status codes for "List dismissal requests for Dependabot alerts for a repository"

Status code説明
200

A list of alert dismissal requests.

403

Forbidden

404

Resource not found

500

Internal Error

Code samples for "List dismissal requests for Dependabot alerts for a repository"

Request example

get/repos/{owner}/{repo}/dismissal-requests/dependabot
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot

A list of alert dismissal requests.

Status: 200
[ { "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "dependabot_alert_dismissal", "data": [ { "reason": "no_bandwidth", "alert_number": "1", "alert_title": "lodash - GHSA-1234-abcd-5678" } ], "resource_identifier": "1", "status": "denied", "requester_comment": "No bandwidth to fix this right now", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [ { "id": 42, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "denied", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/1", "html_url": "https://github.com/octo-org/smile/security/dependabot/1" }, { "id": 12, "number": 24, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "dependabot_alert_dismissal", "data": [ { "reason": "tolerable_risk", "alert_number": "2", "alert_title": "axios - GHSA-5678-efgh-9012" } ], "resource_identifier": "2", "status": "approved", "requester_comment": "Risk is acceptable for this internal tool", "expires_at": "2024-07-08T07:43:03Z", "created_at": "2024-07-01T07:43:03Z", "responses": [ { "id": 43, "reviewer": { "actor_id": 4, "actor_name": "octocat" }, "status": "approved", "created_at": "2024-07-02T08:43:04Z" } ], "url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/2", "html_url": "https://github.com/octo-org/smile/security/dependabot/2" } ]

Get a dismissal request for a Dependabot alert for a repository

Gets a dismissal request to dismiss a Dependabot alert in a repository.

Delegated alert dismissal must be enabled on the repository. Personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "Get a dismissal request for a Dependabot alert for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Dependabot alerts" repository permissions (read)

"Get a dismissal request for a Dependabot alert for a repository" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
owner string 必須

The account owner of the repository. The name is not case sensitive.

repo string 必須

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer 必須

The number that identifies the Dependabot alert.

HTTP response status codes for "Get a dismissal request for a Dependabot alert for a repository"

Status code説明
200

A single dismissal request.

403

Forbidden

404

Resource not found

500

Internal Error

Code samples for "Get a dismissal request for a Dependabot alert for a repository"

Request example

get/repos/{owner}/{repo}/dismissal-requests/dependabot/{alert_number}
curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBER

A single dismissal request.

Status: 200
{ "id": 21, "number": 42, "repository": { "id": 1, "name": "smile", "full_name": "octo-org/smile" }, "organization": { "id": 1, "name": "octo-org" }, "requester": { "actor_id": 12, "actor_name": "monalisa" }, "request_type": "dependabot_alert_dismissal", "data": [ { "reason": "no_bandwidth", "alert_number": "1", "alert_title": "lodash - GHSA-1234-abcd-5678" } ], "resource_identifier": "1", "status": "pending", "requester_comment": "No bandwidth to fix this right now", "expires_at": "2024-07-08T08:43:03Z", "created_at": "2024-07-01T08:43:03Z", "responses": [], "url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/1", "html_url": "https://github.com/octo-org/smile/security/dependabot/1" }

Create a dismissal request for a Dependabot alert for a repository

Creates a new dismissal request to dismiss a Dependabot alert in a repository.

Delegated alert dismissal must be enabled on the repository and the user must have permission to view Dependabot alerts to access this endpoint. OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "Create a dismissal request for a Dependabot alert for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Dependabot alerts" repository permissions (read)

"Create a dismissal request for a Dependabot alert for a repository" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
owner string 必須

The account owner of the repository. The name is not case sensitive.

repo string 必須

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer 必須

The number that identifies the Dependabot alert.

ボディパラメータ
dismissed_reason string 必須

The reason for dismissing the alert.

次のいずれかにできます: fix_started, no_bandwidth, tolerable_risk, inaccurate, not_used

dismissed_comment string

An optional comment explaining the dismissal.

HTTP response status codes for "Create a dismissal request for a Dependabot alert for a repository"

Status code説明
201

The created dismissal request.

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

500

Internal Error

Code samples for "Create a dismissal request for a Dependabot alert for a repository"

Request example

post/repos/{owner}/{repo}/dismissal-requests/dependabot/{alert_number}
curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBER \ -d '{"dismissed_reason":"tolerable_risk","dismissed_comment":"Risk is acceptable for this project."}'

The created dismissal request.

Status: 201
{ "id": 1, "number": 1, "repository": { "id": 1, "name": "hello-world", "full_name": "octocat/hello-world" }, "organization": { "id": 1, "name": "octocat" }, "requester": { "actor_id": 1, "actor_name": "octocat" }, "request_type": "dependabot_alert_closure", "data": [ { "reason": "tolerable_risk", "alert_number": "42", "alert_title": "lodash vulnerability" } ], "resource_identifier": "42", "status": "pending", "requester_comment": "Risk is acceptable for this project.", "expires_at": "2024-01-15T00:00:00Z", "created_at": "2024-01-08T00:00:00Z", "responses": null, "url": "https://github.com/octocat/hello-world/security/dependabot/42" }

Review a dismissal request for a Dependabot alert for a repository

Approve or deny a dismissal request to dismiss a Dependabot alert in a repository.

Delegated alert dismissal must be enabled on the repository and the user must be a dismissal reviewer to access this endpoint. OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "Review a dismissal request for a Dependabot alert for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Organization dismissal requests for Dependabot" organization permissions (write) and "Dependabot alerts" repository permissions (read)

"Review a dismissal request for a Dependabot alert for a repository" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
owner string 必須

The account owner of the repository. The name is not case sensitive.

repo string 必須

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer 必須

The number that identifies the Dependabot alert.

ボディパラメータ
status string 必須

The review action to perform on the dismissal request.

次のいずれかにできます: approve, deny

message string 必須

A message to include with the review. Has a maximum character length of 2048.

HTTP response status codes for "Review a dismissal request for a Dependabot alert for a repository"

Status code説明
200

The review of the dismissal request.

403

Forbidden

404

Resource not found

422

Validation failed, or the endpoint has been spammed.

500

Internal Error

Code samples for "Review a dismissal request for a Dependabot alert for a repository"

Request example

patch/repos/{owner}/{repo}/dismissal-requests/dependabot/{alert_number}
curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBER \ -d '{"status":"approve","message":"Used in tests."}'

The review of the dismissal request.

Status: 200
{ "dismissal_review_id": 1 }

Cancel a dismissal request for a Dependabot alert for a repository

Cancels a pending dismissal request for a Dependabot alert in a repository.

The authenticated user must be the requester of the dismissal request or have reviewer permissions (security manager or organization owner). Delegated alert dismissal must be enabled on the repository. OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.

Fine-grained access tokens for "Cancel a dismissal request for a Dependabot alert for a repository"

This endpoint works with the following fine-grained token types:

The fine-grained token must have the following permission set:

  • "Organization dismissal requests for Dependabot" organization permissions (write) and "Dependabot alerts" repository permissions (read)

"Cancel a dismissal request for a Dependabot alert for a repository" のパラメーター

ヘッダー
accept string

Setting to application/vnd.github+json is recommended.

パスパラメーター
owner string 必須

The account owner of the repository. The name is not case sensitive.

repo string 必須

The name of the repository without the .git extension. The name is not case sensitive.

alert_number integer 必須

The number that identifies the Dependabot alert.

HTTP response status codes for "Cancel a dismissal request for a Dependabot alert for a repository"

Status code説明
204

Dismissal request cancelled successfully.

403

Forbidden

404

Resource not found

500

Internal Error

Code samples for "Cancel a dismissal request for a Dependabot alert for a repository"

Request example

delete/repos/{owner}/{repo}/dismissal-requests/dependabot/{alert_number}
curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2026-03-10" \ http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBER

Dismissal request cancelled successfully.

Status: 204