alerts
Overview
| Name | alerts |
| Type | Resource |
| Id | github.secret_scanning.alerts |
Fields
| Name | Datatype | Description |
|---|---|---|
locations_url | string | The REST API URL of the code locations for this alert. |
number | integer | The security alert number. |
url | string | The REST API URL of the alert resource. |
state | string | Sets the state of the secret scanning alert. You must provide resolution when you set the state to resolved. |
html_url | string | The GitHub URL of the alert resource. |
resolution | string | Required when the state is resolved. The reason for resolving the alert. |
updated_at | string | The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
secret | string | The secret that was detected. |
created_at | string | The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
push_protection_bypassed | boolean | Whether push protection was bypassed for the detected secret. |
push_protection_bypassed_at | string | The time that push protection was bypassed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
secret_type | string | The type of secret that secret scanning detected. |
resolved_by | object | A GitHub user. |
resolved_at | string | The time that the alert was resolved in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
push_protection_bypassed_by | object | A GitHub user. |
resolution_comment | string | An optional comment to resolve an alert. |
secret_type_display_name | string | User-friendly name for the detected secret, matching the secret_type.For a list of built-in patterns, see "Secret scanning patterns." |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get_alert | SELECT | alert_number, owner, repo | Gets a single secret scanning alert detected in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.For public repositories, you may instead use the public_repo scope.GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint. |
list_alerts_for_enterprise | SELECT | enterprise | Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest. To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. |
list_alerts_for_org | SELECT | org | Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest. To use this endpoint, you must be an administrator or security manager for the organization, and you must use an access token with the repo scope or security_events scope.For public repositories, you may instead use the public_repo scope.GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint. |
list_alerts_for_repo | SELECT | owner, repo | Lists secret scanning alerts for an eligible repository, from newest to oldest. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.For public repositories, you may instead use the public_repo scope.GitHub Apps must have the secret_scanning_alerts read permission to use this endpoint. |
update_alert | EXEC | alert_number, owner, repo, data__state | Updates the status of a secret scanning alert in an eligible repository. To use this endpoint, you must be an administrator for the repository or for the organization that owns the repository, and you must use a personal access token with the repo scope or security_events scope.For public repositories, you may instead use the public_repo scope.GitHub Apps must have the secret_scanning_alerts write permission to use this endpoint. |