Skip to main content

alerts

Overview

Namealerts
TypeResource
Idgithub.secret_scanning.alerts

Fields

NameDatatypeDescription
created_atstringThe time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
html_urlstringThe GitHub URL of the alert resource.
locations_urlstringThe REST API URL of the code locations for this alert.
numberintegerThe security alert number.
push_protection_bypassedbooleanWhether push protection was bypassed for the detected secret.
push_protection_bypassed_atstringThe time that push protection was bypassed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
push_protection_bypassed_byobjectA GitHub user.
resolutionstringRequired when the state is resolved. The reason for resolving the alert.
resolution_commentstringAn optional comment to resolve an alert.
resolved_atstringThe time that the alert was resolved in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
resolved_byobjectA GitHub user.
secretstringThe secret that was detected.
secret_typestringThe type of secret that secret scanning detected.
secret_type_display_namestringUser-friendly name for the detected secret, matching the secret_type.
For a list of built-in patterns, see "Secret scanning patterns."
statestringSets the state of the secret scanning alert. You must provide resolution when you set the state to resolved.
updated_atstringThe time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
urlstringThe REST API URL of the alert resource.

Methods

NameAccessible byRequired ParamsDescription
get_alertSELECTalert_number, owner, repoGets a single secret scanning alert detected in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.
list_alerts_for_enterpriseSELECTenterpriseLists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
list_alerts_for_orgSELECTorgLists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.
list_alerts_for_repoSELECTowner, repoLists secret scanning alerts for an eligible repository, from newest to oldest.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint.
update_alertEXECalert_number, owner, repo, data__stateUpdates the status of a secret scanning alert in an eligible repository.
To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint.