The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
Response
", + "example": { + "status": "success", + "description": "This fixes an XSS vulnerability by escaping the user input.", + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + } + ], + "previews": [], + "descriptionHTML": "Gets the status and description of an autofix for a code scanning alert.
\nOAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
OK
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if GitHub Advanced Security is not enabled for this repository
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix", + "title": "Create an autofix for a code scanning alert", + "category": "code-scanning", + "subcategory": "code-scanning", + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
OK
", + "example": { + "status": "success", + "description": "This fixes an XSS vulnerability by escaping the user input.", + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + }, + { + "key": "default", + "request": { + "description": "Example 2: Status Code 202", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "alert_number": "ALERT_NUMBER" + } + }, + "response": { + "statusCode": "202", + "contentType": "application/json", + "description": "Accepted
", + "example": { + "status": "pending", + "description": null, + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + } + ], + "previews": [], + "descriptionHTML": "Creates an autofix for a code scanning alert.
\nIf a new autofix is to be created as a result of this request or is currently being generated, then this endpoint will return a 202 Accepted response.
\nIf an autofix already exists for a given alert, then this endpoint will return a 200 OK response.
\nOAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
OK
" + }, + { + "httpStatusCode": "202", + "description": "Accepted
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if the repository is archived, if GitHub Advanced Security is not enabled for this repository or if rate limit is exceeded
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "422", + "description": "Unprocessable Entity
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix/commits", + "title": "Commit an autofix for a code scanning alert", + "category": "code-scanning", + "subcategory": "code-scanning", + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
The Git reference of target branch for the commit. Branch needs to already exist. For more information, see \"Git References\" in the Git documentation.
" + }, + { + "type": "string", + "name": "message", + "in": "body", + "description": "Commit message to be used.
" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "target_ref": "refs/heads/fix-bug", + "message": "Let's fix this 🪲!" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "alert_number": "ALERT_NUMBER" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "Created
", + "example": { + "target_ref": "refs/heads/main", + "sha": "178f4f6090b3fccad4a65b3e83d076a622d59652" + }, + "schema": { + "type": "object", + "properties": { + "target_ref": { + "type": "string", + "description": "The Git reference of target branch for the commit. For more information, see \"[Git References](https://git-scm.com/book/en/v2/Git-Internals-Git-References)\" in the Git documentation." + }, + "sha": { + "type": "string", + "description": "SHA of commit with autofix." + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Commits an autofix for a code scanning alert.
\nIf an autofix is commited as a result of this request, then this endpoint will return a 201 Created response.
\nOAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
Created
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if the repository is archived or if GitHub Advanced Security is not enabled for this repository
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "422", + "description": "Unprocessable Entity
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, { "serverUrl": "https://api.github.com", "verb": "get", @@ -159175,34 +159632,20 @@ { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations", - "title": "Get code security configurations for an organization", + "requestPath": "/enterprises/{enterprise}/code-security/configurations", + "title": "Get code security configurations for an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { "type": "string" } }, - { - "name": "target_type", - "in": "query", - "description": "The target type of the code security configuration
", - "required": false, - "schema": { - "type": "string", - "enum": [ - "global", - "all" - ], - "default": "all" - } - }, { "name": "per_page", "in": "query", @@ -159234,14 +159677,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -159250,7 +159689,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -159272,32 +159711,26 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", - "secret_scanning_delegated_bypass": "enabled", - "secret_scanning_delegated_bypass_options": { - "reviewers": [ - { - "security_configuration_id": 17, - "reviewer_id": 5678, - "reviewer_type": "TEAM" - } - ] - }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-enterprise/settings/security_analysis/configurations/17/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, - "target_type": "organization", + "target_type": "enterprise", "name": "High risk settings", - "description": "This is a code security configuration for octo-org high risk repositories", + "description": "This is a code security configuration for octo-enterprise high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -159307,15 +159740,18 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", - "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1326", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1326/edit", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } @@ -159557,7 +159993,7 @@ } ], "previews": [], - "descriptionHTML": "Lists all code security configurations available in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Lists all code security configurations available in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -159596,7 +160032,7 @@ "type": "string", "name": "name", "in": "body", - "description": "The name of the code security configuration. Must be unique within the organization.
", + "description": "The name of the code security configuration. Must be unique within the enterprise.
", "isRequired": true }, { @@ -159738,49 +160174,6 @@ ], "default": "disabled" }, - { - "type": "string", - "name": "secret_scanning_delegated_bypass", - "in": "body", - "description": "The enablement status of secret scanning delegated bypass
", - "enum": [ - "enabled", - "disabled", - "not_set" - ], - "default": "disabled" - }, - { - "type": "object", - "name": "secret_scanning_delegated_bypass_options", - "in": "body", - "description": "Feature options for secret scanning delegated bypass
", - "childParamsGroups": [ - { - "type": "array of objects", - "name": "reviewers", - "description": "The bypass reviewers for secret scanning delegated bypass
", - "childParamsGroups": [ - { - "type": "integer", - "name": "reviewer_id", - "description": "The ID of the team or role selected as a bypass reviewer
", - "isRequired": true - }, - { - "type": "string", - "name": "reviewer_type", - "description": "The type of the bypass reviewer
", - "isRequired": true, - "enum": [ - "TEAM", - "ROLE" - ] - } - ] - } - ] - }, { "type": "string", "name": "secret_scanning_validity_checks", @@ -159830,14 +160223,10 @@ } ], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -159847,15 +160236,15 @@ "description": "Example for a code security configuration", "acceptHeader": "application/vnd.github.v3+json", "bodyParameters": { - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "name": "High rish settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "secret_scanning": "enabled" }, "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -159864,9 +160253,9 @@ "description": "Successfully created code security configuration
", "example": { "id": 1325, - "target_type": "organization", - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -159876,10 +160265,6 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", - "code_scanning_default_setup_options": { - "runner_type": "not_set", - "runner_label": null - }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", @@ -159887,8 +160272,8 @@ "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }, @@ -160126,25 +160511,37 @@ } ], "previews": [], - "descriptionHTML": "Creates a code security configuration in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Creates a code security configuration in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Successfully created code security configuration
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" } ] }, { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations/defaults", - "title": "Get default code security configurations", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/defaults", + "title": "Get default code security configurations for an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -160154,14 +160551,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -160170,7 +160563,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -160504,121 +160897,25 @@ } ], "previews": [], - "descriptionHTML": "Lists the default code security configurations for an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Lists the default code security configurations for an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" - }, - { - "httpStatusCode": "304", - "description": "Not modified
" - }, - { - "httpStatusCode": "403", - "description": "Forbidden
" - }, - { - "httpStatusCode": "404", - "description": "Resource not found
" - } - ] - }, - { - "serverUrl": "https://api.github.com", - "verb": "delete", - "requestPath": "/orgs/{org}/code-security/configurations/detach", - "title": "Detach configurations from repositories", - "category": "code-security", - "subcategory": "configurations", - "parameters": [ - { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ], - "bodyParameters": [ - { - "type": "array of integers", - "name": "selected_repository_ids", - "in": "body", - "description": "An array of repository IDs to detach from configurations.
" - } - ], - "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] - }, - "codeExamples": [ - { - "key": "default", - "request": { - "contentType": "application/json", - "description": "Example for detaching repositories from configurations.", - "acceptHeader": "application/vnd.github.v3+json", - "bodyParameters": { - "selected_repository_ids": [ - 32, - 91 - ] - }, - "parameters": { - "org": "ORG" - } - }, - "response": { - "statusCode": "204", - "description": "A header with no content is returned.
" - } - } - ], - "previews": [], - "descriptionHTML": "Detach code security configuration(s) from a set of repositories.\nRepositories will retain their settings but will no longer be associated with the configuration.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
A header with no content is returned.
" - }, - { - "httpStatusCode": "400", - "description": "Bad Request
" - }, - { - "httpStatusCode": "403", - "description": "Forbidden
" - }, - { - "httpStatusCode": "404", - "description": "Resource not found
" - }, - { - "httpStatusCode": "409", - "description": "Conflict
" } ] }, { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations/{configuration_id}", - "title": "Get a code security configuration", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Retrieve a code security configuration of an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -160637,14 +160934,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -160653,7 +160946,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG", + "enterprise": "ENTERPRISE", "configuration_id": "CONFIGURATION_ID" } }, @@ -160663,9 +160956,9 @@ "description": "Response
", "example": { "id": 1325, - "target_type": "organization", - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -160675,10 +160968,6 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", - "code_scanning_default_setup_options": { - "runner_type": "not_set", - "runner_label": null - }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", @@ -160686,8 +160975,3591 @@ "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Gets a code security configuration available in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Update a custom code security configuration for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "in": "body", + "description": "The name of the code security configuration. Must be unique across the enterprise.
" + }, + { + "type": "string", + "name": "description", + "in": "body", + "description": "A description of the code security configuration
" + }, + { + "type": "string", + "name": "advanced_security", + "in": "body", + "description": "The enablement status of GitHub Advanced Security. Must be set to enabled if you want to enable any GHAS settings.
", + "enum": [ + "enabled", + "disabled" + ] + }, + { + "type": "string", + "name": "dependency_graph", + "in": "body", + "description": "The enablement status of Dependency Graph
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "dependency_graph_autosubmit_action", + "in": "body", + "description": "The enablement status of Automatic dependency submission
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "object", + "name": "dependency_graph_autosubmit_action_options", + "in": "body", + "description": "Feature options for Automatic dependency submission
", + "childParamsGroups": [ + { + "type": "boolean", + "name": "labeled_runners", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
" + } + ] + }, + { + "type": "string", + "name": "dependabot_alerts", + "in": "body", + "description": "The enablement status of Dependabot alerts
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "dependabot_security_updates", + "in": "body", + "description": "The enablement status of Dependabot security updates
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "code_scanning_default_setup", + "in": "body", + "description": "The enablement status of code scanning default setup
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "object or null", + "name": "code_scanning_default_setup_options", + "in": "body", + "description": "Feature options for code scanning default setup
", + "childParamsGroups": [ + { + "type": "string", + "name": "runner_type", + "description": "Whether to use labeled runners or standard GitHub runners.
", + "enum": [ + "standard", + "labeled", + "not_set" + ] + }, + { + "type": "string or null", + "name": "runner_label", + "description": "The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
" + } + ] + }, + { + "type": "string", + "name": "secret_scanning", + "in": "body", + "description": "The enablement status of secret scanning
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_push_protection", + "in": "body", + "description": "The enablement status of secret scanning push protection
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_validity_checks", + "in": "body", + "description": "The enablement status of secret scanning validity checks
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_non_provider_patterns", + "in": "body", + "description": "The enablement status of secret scanning non-provider patterns
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "private_vulnerability_reporting", + "in": "body", + "description": "The enablement status of private vulnerability reporting
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "enforcement", + "in": "body", + "description": "The enforcement status for a security configuration
", + "enum": [ + "enforced", + "unenforced" + ] + } + ], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for updating a code security configuration", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "octo-enterprise recommended settings v2", + "secret_scanning": "disabled", + "code_scanning_default_setup": "enabled" + }, + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": { + "id": 1325, + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Updates a code security configuration in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Delete a code security configuration for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "204", + "description": "A header with no content is returned.
" + } + } + ], + "previews": [], + "descriptionHTML": "Deletes a code security configuration from an enterprise.\nRepositories attached to the configuration will retain their settings but will no longer be associated with\nthe configuration.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
A header with no content is returned.
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach", + "title": "Attach an enterprise configuration to repositories", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "scope", + "in": "body", + "description": "The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids
Accepted
", + "example": null, + "schema": { + "type": "object" + } + } + } + ], + "previews": [], + "descriptionHTML": "Attaches an enterprise code security configuration to repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.
\nIf insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Accepted
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/defaults", + "title": "Set a code security configuration as a default for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "default_for_new_repos", + "in": "body", + "description": "Specify which types of repository this security configuration should be applied to by default.
", + "enum": [ + "all", + "none", + "private_and_internal", + "public" + ] + } + ], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Set this configuration to be enabled by default on all new repositories.", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "default_for_new_repos": "all" + }, + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Default successfully changed.
", + "example": { + "default_for_new_repos": "all", + "configuration": { + "value": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + } + } + }, + "schema": { + "type": "object", + "properties": { + "default_for_new_repos": { + "type": "string", + "description": "Specifies which types of repository this security configuration is applied to by default.", + "enum": [ + "all", + "none", + "private_and_internal", + "public" + ] + }, + "configuration": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Sets a code security configuration as a default to be applied to new repositories in your enterprise.
\nThis configuration will be applied by default to the matching repository type when created, but only for organizations within the enterprise that do not already have a default code security configuration set.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Default successfully changed.
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/repositories", + "title": "Get repositories associated with an enterprise code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + }, + { + "name": "per_page", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "before", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "after", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "status", + "description": "A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.
\nCan be: all, attached, attaching, removed, enforced, failed, updating, removed_by_enterprise
Example of code security configuration repositories
", + "example": [ + { + "status": "attached", + "repository": { + "value": { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + } + } + ], + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Repositories associated with a code security configuration and attachment status", + "properties": { + "status": { + "type": "string", + "description": "The attachment status of the code security configuration on the repository.", + "enum": [ + "attached", + "attaching", + "detached", + "removed", + "enforced", + "failed", + "updating", + "removed_by_enterprise" + ] + }, + "repository": { + "title": "Simple Repository", + "description": "A GitHub repository.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "description": "A unique identifier of the repository.", + "examples": [ + 1296269 + ] + }, + "node_id": { + "type": "string", + "description": "The GraphQL identifier of the repository.", + "examples": [ + "MDEwOlJlcG9zaXRvcnkxMjk2MjY5" + ] + }, + "name": { + "type": "string", + "description": "The name of the repository.", + "examples": [ + "Hello-World" + ] + }, + "full_name": { + "type": "string", + "description": "The full, globally unique, name of the repository.", + "examples": [ + "octocat/Hello-World" + ] + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string", + "examples": [ + "octocat" + ] + }, + "id": { + "type": "integer", + "format": "int64", + "examples": [ + 1 + ] + }, + "node_id": { + "type": "string", + "examples": [ + "MDQ6VXNlcjE=" + ] + }, + "avatar_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://github.com/images/error/octocat_happy.gif" + ] + }, + "gravatar_id": { + "type": [ + "string", + "null" + ], + "examples": [ + "41d064eb2195891e12d0413f63227ea7" + ] + }, + "url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat" + ] + }, + "html_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://github.com/octocat" + ] + }, + "followers_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/followers" + ] + }, + "following_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/following{/other_user}" + ] + }, + "gists_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/gists{/gist_id}" + ] + }, + "starred_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/starred{/owner}{/repo}" + ] + }, + "subscriptions_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/subscriptions" + ] + }, + "organizations_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/orgs" + ] + }, + "repos_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/repos" + ] + }, + "events_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/events{/privacy}" + ] + }, + "received_events_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/received_events" + ] + }, + "type": { + "type": "string", + "examples": [ + "User" + ] + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string", + "examples": [ + "\"2020-07-09T00:17:55Z\"" + ] + }, + "user_view_type": { + "type": "string", + "examples": [ + "public" + ] + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean", + "description": "Whether the repository is private." + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL to view the repository on GitHub.com.", + "examples": [ + "https://github.com/octocat/Hello-World" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The repository description.", + "examples": [ + "This your first repo!" + ] + }, + "fork": { + "type": "boolean", + "description": "Whether the repository is a fork." + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL to get more information about the repository from the GitHub API.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World" + ] + }, + "archive_url": { + "type": "string", + "description": "A template for the API URL to download the repository as an archive.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}" + ] + }, + "assignees_url": { + "type": "string", + "description": "A template for the API URL to list the available assignees for issues in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/assignees{/user}" + ] + }, + "blobs_url": { + "type": "string", + "description": "A template for the API URL to create or retrieve a raw Git blob in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}" + ] + }, + "branches_url": { + "type": "string", + "description": "A template for the API URL to get information about branches in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/branches{/branch}" + ] + }, + "collaborators_url": { + "type": "string", + "description": "A template for the API URL to get information about collaborators of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}" + ] + }, + "comments_url": { + "type": "string", + "description": "A template for the API URL to get information about comments on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/comments{/number}" + ] + }, + "commits_url": { + "type": "string", + "description": "A template for the API URL to get information about commits on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/commits{/sha}" + ] + }, + "compare_url": { + "type": "string", + "description": "A template for the API URL to compare two commits or refs.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}" + ] + }, + "contents_url": { + "type": "string", + "description": "A template for the API URL to get the contents of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/contents/{+path}" + ] + }, + "contributors_url": { + "type": "string", + "format": "uri", + "description": "A template for the API URL to list the contributors to the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/contributors" + ] + }, + "deployments_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the deployments of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/deployments" + ] + }, + "downloads_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the downloads on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/downloads" + ] + }, + "events_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the events of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/events" + ] + }, + "forks_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the forks of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/forks" + ] + }, + "git_commits_url": { + "type": "string", + "description": "A template for the API URL to get information about Git commits of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}" + ] + }, + "git_refs_url": { + "type": "string", + "description": "A template for the API URL to get information about Git refs of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}" + ] + }, + "git_tags_url": { + "type": "string", + "description": "A template for the API URL to get information about Git tags of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}" + ] + }, + "issue_comment_url": { + "type": "string", + "description": "A template for the API URL to get information about issue comments on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}" + ] + }, + "issue_events_url": { + "type": "string", + "description": "A template for the API URL to get information about issue events on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}" + ] + }, + "issues_url": { + "type": "string", + "description": "A template for the API URL to get information about issues on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues{/number}" + ] + }, + "keys_url": { + "type": "string", + "description": "A template for the API URL to get information about deploy keys on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}" + ] + }, + "labels_url": { + "type": "string", + "description": "A template for the API URL to get information about labels of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/labels{/name}" + ] + }, + "languages_url": { + "type": "string", + "format": "uri", + "description": "The API URL to get information about the languages of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/languages" + ] + }, + "merges_url": { + "type": "string", + "format": "uri", + "description": "The API URL to merge branches in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/merges" + ] + }, + "milestones_url": { + "type": "string", + "description": "A template for the API URL to get information about milestones of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/milestones{/number}" + ] + }, + "notifications_url": { + "type": "string", + "description": "A template for the API URL to get information about notifications on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}" + ] + }, + "pulls_url": { + "type": "string", + "description": "A template for the API URL to get information about pull requests on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/pulls{/number}" + ] + }, + "releases_url": { + "type": "string", + "description": "A template for the API URL to get information about releases on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/releases{/id}" + ] + }, + "stargazers_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the stargazers on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/stargazers" + ] + }, + "statuses_url": { + "type": "string", + "description": "A template for the API URL to get information about statuses of a commit.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}" + ] + }, + "subscribers_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the subscribers on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/subscribers" + ] + }, + "subscription_url": { + "type": "string", + "format": "uri", + "description": "The API URL to subscribe to notifications for this repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/subscription" + ] + }, + "tags_url": { + "type": "string", + "format": "uri", + "description": "The API URL to get information about tags on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/tags" + ] + }, + "teams_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the teams on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/teams" + ] + }, + "trees_url": { + "type": "string", + "description": "A template for the API URL to create or retrieve a raw Git tree of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the hooks on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/hooks" + ] + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the repositories associated with an enterprise code security configuration in an organization.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations", + "title": "Get code security configurations for an organization", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "target_type", + "in": "query", + "description": "The target type of the code security configuration
", + "required": false, + "schema": { + "type": "string", + "enum": [ + "global", + "all" + ], + "default": "all" + } + }, + { + "name": "per_page", + "in": "query", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "required": false, + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "before", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "after", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "id": 17, + "target_type": "global", + "name": "GitHub recommended", + "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "enabled", + "secret_scanning_delegated_bypass_options": { + "reviewers": [ + { + "security_configuration_id": 17, + "reviewer_id": 5678, + "reviewer_type": "TEAM" + } + ] + }, + "secret_scanning_validity_checks": "enabled", + "secret_scanning_non_provider_patterns": "enabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "created_at": "2023-12-04T15:58:07Z", + "updated_at": "2023-12-04T15:58:07Z" + }, + { + "id": 1326, + "target_type": "organization", + "name": "High risk settings", + "description": "This is a code security configuration for octo-org high risk repositories", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "enabled", + "code_scanning_default_setup": "enabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", + "created_at": "2024-05-10T00:00:00Z", + "updated_at": "2024-05-10T00:00:00Z" + } + ], + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists all code security configurations available in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/code-security/configurations", + "title": "Create a code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "in": "body", + "description": "The name of the code security configuration. Must be unique within the organization.
", + "isRequired": true + }, + { + "type": "string", + "name": "description", + "in": "body", + "description": "A description of the code security configuration
", + "isRequired": true + }, + { + "type": "string", + "name": "advanced_security", + "in": "body", + "description": "The enablement status of GitHub Advanced Security
", + "enum": [ + "enabled", + "disabled" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "dependency_graph", + "in": "body", + "description": "The enablement status of Dependency Graph
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "enabled" + }, + { + "type": "string", + "name": "dependency_graph_autosubmit_action", + "in": "body", + "description": "The enablement status of Automatic dependency submission
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object", + "name": "dependency_graph_autosubmit_action_options", + "in": "body", + "description": "Feature options for Automatic dependency submission
", + "childParamsGroups": [ + { + "type": "boolean", + "name": "labeled_runners", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
", + "default": false + } + ] + }, + { + "type": "string", + "name": "dependabot_alerts", + "in": "body", + "description": "The enablement status of Dependabot alerts
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "dependabot_security_updates", + "in": "body", + "description": "The enablement status of Dependabot security updates
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "code_scanning_default_setup", + "in": "body", + "description": "The enablement status of code scanning default setup
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object or null", + "name": "code_scanning_default_setup_options", + "in": "body", + "description": "Feature options for code scanning default setup
", + "childParamsGroups": [ + { + "type": "string", + "name": "runner_type", + "description": "Whether to use labeled runners or standard GitHub runners.
", + "enum": [ + "standard", + "labeled", + "not_set" + ] + }, + { + "type": "string or null", + "name": "runner_label", + "description": "The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
" + } + ] + }, + { + "type": "string", + "name": "secret_scanning", + "in": "body", + "description": "The enablement status of secret scanning
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_push_protection", + "in": "body", + "description": "The enablement status of secret scanning push protection
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_delegated_bypass", + "in": "body", + "description": "The enablement status of secret scanning delegated bypass
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object", + "name": "secret_scanning_delegated_bypass_options", + "in": "body", + "description": "Feature options for secret scanning delegated bypass
", + "childParamsGroups": [ + { + "type": "array of objects", + "name": "reviewers", + "description": "The bypass reviewers for secret scanning delegated bypass
", + "childParamsGroups": [ + { + "type": "integer", + "name": "reviewer_id", + "description": "The ID of the team or role selected as a bypass reviewer
", + "isRequired": true + }, + { + "type": "string", + "name": "reviewer_type", + "description": "The type of the bypass reviewer
", + "isRequired": true, + "enum": [ + "TEAM", + "ROLE" + ] + } + ] + } + ] + }, + { + "type": "string", + "name": "secret_scanning_validity_checks", + "in": "body", + "description": "The enablement status of secret scanning validity checks
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_non_provider_patterns", + "in": "body", + "description": "The enablement status of secret scanning non provider patterns
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "private_vulnerability_reporting", + "in": "body", + "description": "The enablement status of private vulnerability reporting
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "enforcement", + "in": "body", + "description": "The enforcement status for a security configuration
", + "enum": [ + "enforced", + "unenforced" + ], + "default": "enforced" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for a code security configuration", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "secret_scanning": "enabled" + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "Successfully created code security configuration
", + "example": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Creates a code security configuration in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Successfully created code security configuration
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations/defaults", + "title": "Get default code security configurations", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "default_for_new_repos": "public", + "configuration": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "enabled", + "secret_scanning_delegated_bypass_options": { + "reviewers": [ + { + "security_configuration_id": 1325, + "reviewer_id": 5678, + "reviewer_type": "TEAM" + } + ] + }, + "secret_scanning_validity_checks": "enabled", + "secret_scanning_non_provider_patterns": "enabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + } + }, + { + "default_for_new_repos": "private_and_internal", + "configuration": { + "id": 17, + "target_type": "global", + "name": "GitHub recommended", + "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "created_at": "2023-12-04T15:58:07Z", + "updated_at": "2023-12-04T15:58:07Z" + } + } + ], + "schema": { + "type": "array", + "description": "A list of default code security configurations", + "items": { + "type": "object", + "properties": { + "default_for_new_repos": { + "enum": [ + "public", + "private_and_internal", + "all" + ], + "description": "The visibility of newly created repositories for which the code security configuration will be applied to by default" + }, + "configuration": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the default code security configurations for an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/code-security/configurations/detach", + "title": "Detach configurations from repositories", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "in": "body", + "description": "An array of repository IDs to detach from configurations.
" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for detaching repositories from configurations.", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 32, + 91 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "204", + "description": "A header with no content is returned.
" + } + } + ], + "previews": [], + "descriptionHTML": "Detach code security configuration(s) from a set of repositories.\nRepositories will retain their settings but will no longer be associated with the configuration.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
A header with no content is returned.
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations/{configuration_id}", + "title": "Get a code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }, @@ -351037,6 +354909,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { @@ -392285,7 +396180,7 @@ } ], "previews": [], - "descriptionHTML": "Lists teams that are security managers for an organization. For more information, see \"Managing security managers in your organization.\"
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nAdds a team as a security manager for an organization. For more information, see \"Managing security for an organization for an organization.\"
\nThe authenticated user must be an administrator for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nRemoves the security manager role from a team for an organization. For more information, see \"Managing security managers in your organization team from an organization.\"
\nThe authenticated user must be an administrator for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nThe account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
Response
", + "example": { + "status": "success", + "description": "This fixes an XSS vulnerability by escaping the user input.", + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + } + ], + "previews": [], + "descriptionHTML": "Gets the status and description of an autofix for a code scanning alert.
\nOAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
OK
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if GitHub Advanced Security is not enabled for this repository
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix", + "title": "Create an autofix for a code scanning alert", + "category": "code-scanning", + "subcategory": "code-scanning", + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
OK
", + "example": { + "status": "success", + "description": "This fixes an XSS vulnerability by escaping the user input.", + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + }, + { + "key": "default", + "request": { + "description": "Example 2: Status Code 202", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "alert_number": "ALERT_NUMBER" + } + }, + "response": { + "statusCode": "202", + "contentType": "application/json", + "description": "Accepted
", + "example": { + "status": "pending", + "description": null, + "started_at": "2024-02-14T12:29:18Z" + }, + "schema": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of an autofix.", + "enum": [ + "pending", + "error", + "success", + "outdated" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The description of an autofix." + }, + "started_at": { + "type": "string", + "description": "The start time of an autofix in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + } + }, + "required": [ + "status", + "description", + "started_at" + ] + } + } + } + ], + "previews": [], + "descriptionHTML": "Creates an autofix for a code scanning alert.
\nIf a new autofix is to be created as a result of this request or is currently being generated, then this endpoint will return a 202 Accepted response.
\nIf an autofix already exists for a given alert, then this endpoint will return a 200 OK response.
\nOAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
OK
" + }, + { + "httpStatusCode": "202", + "description": "Accepted
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if the repository is archived, if GitHub Advanced Security is not enabled for this repository or if rate limit is exceeded
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "422", + "description": "Unprocessable Entity
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix/commits", + "title": "Commit an autofix for a code scanning alert", + "category": "code-scanning", + "subcategory": "code-scanning", + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.
The Git reference of target branch for the commit. Branch needs to already exist. For more information, see \"Git References\" in the Git documentation.
" + }, + { + "type": "string", + "name": "message", + "in": "body", + "description": "Commit message to be used.
" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "target_ref": "refs/heads/fix-bug", + "message": "Let's fix this 🪲!" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "alert_number": "ALERT_NUMBER" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "Created
", + "example": { + "target_ref": "refs/heads/main", + "sha": "178f4f6090b3fccad4a65b3e83d076a622d59652" + }, + "schema": { + "type": "object", + "properties": { + "target_ref": { + "type": "string", + "description": "The Git reference of target branch for the commit. For more information, see \"[Git References](https://git-scm.com/book/en/v2/Git-Internals-Git-References)\" in the Git documentation." + }, + "sha": { + "type": "string", + "description": "SHA of commit with autofix." + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Commits an autofix for a code scanning alert.
\nIf an autofix is commited as a result of this request, then this endpoint will return a 201 Created response.
\nOAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.
Created
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Response if the repository is archived or if GitHub Advanced Security is not enabled for this repository
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "422", + "description": "Unprocessable Entity
" + }, + { + "httpStatusCode": "503", + "description": "Service unavailable
" + } + ] + }, { "serverUrl": "https://api.github.com", "verb": "get", @@ -167859,34 +168316,20 @@ { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations", - "title": "Get code security configurations for an organization", + "requestPath": "/enterprises/{enterprise}/code-security/configurations", + "title": "Get code security configurations for an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { "type": "string" } }, - { - "name": "target_type", - "in": "query", - "description": "The target type of the code security configuration
", - "required": false, - "schema": { - "type": "string", - "enum": [ - "global", - "all" - ], - "default": "all" - } - }, { "name": "per_page", "in": "query", @@ -167918,14 +168361,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -167934,7 +168373,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -167956,32 +168395,26 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", - "secret_scanning_delegated_bypass": "enabled", - "secret_scanning_delegated_bypass_options": { - "reviewers": [ - { - "security_configuration_id": 17, - "reviewer_id": 5678, - "reviewer_type": "TEAM" - } - ] - }, "secret_scanning_validity_checks": "enabled", "secret_scanning_non_provider_patterns": "enabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-enterprise/settings/security_analysis/configurations/17/view", "created_at": "2023-12-04T15:58:07Z", "updated_at": "2023-12-04T15:58:07Z" }, { "id": 1326, - "target_type": "organization", + "target_type": "enterprise", "name": "High risk settings", - "description": "This is a code security configuration for octo-org high risk repositories", + "description": "This is a code security configuration for octo-enterprise high risk repositories", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -167991,15 +168424,18 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "enabled", "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, "secret_scanning": "enabled", "secret_scanning_push_protection": "enabled", - "secret_scanning_delegated_bypass": "disabled", "secret_scanning_validity_checks": "disabled", "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "enabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1326", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1326/edit", "created_at": "2024-05-10T00:00:00Z", "updated_at": "2024-05-10T00:00:00Z" } @@ -168241,7 +168677,7 @@ } ], "previews": [], - "descriptionHTML": "Lists all code security configurations available in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Lists all code security configurations available in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -168280,7 +168716,7 @@ "type": "string", "name": "name", "in": "body", - "description": "The name of the code security configuration. Must be unique within the organization.
", + "description": "The name of the code security configuration. Must be unique within the enterprise.
", "isRequired": true }, { @@ -168422,49 +168858,6 @@ ], "default": "disabled" }, - { - "type": "string", - "name": "secret_scanning_delegated_bypass", - "in": "body", - "description": "The enablement status of secret scanning delegated bypass
", - "enum": [ - "enabled", - "disabled", - "not_set" - ], - "default": "disabled" - }, - { - "type": "object", - "name": "secret_scanning_delegated_bypass_options", - "in": "body", - "description": "Feature options for secret scanning delegated bypass
", - "childParamsGroups": [ - { - "type": "array of objects", - "name": "reviewers", - "description": "The bypass reviewers for secret scanning delegated bypass
", - "childParamsGroups": [ - { - "type": "integer", - "name": "reviewer_id", - "description": "The ID of the team or role selected as a bypass reviewer
", - "isRequired": true - }, - { - "type": "string", - "name": "reviewer_type", - "description": "The type of the bypass reviewer
", - "isRequired": true, - "enum": [ - "TEAM", - "ROLE" - ] - } - ] - } - ] - }, { "type": "string", "name": "secret_scanning_validity_checks", @@ -168514,14 +168907,10 @@ } ], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -168531,15 +168920,15 @@ "description": "Example for a code security configuration", "acceptHeader": "application/vnd.github.v3+json", "bodyParameters": { - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "name": "High rish settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "secret_scanning": "enabled" }, "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -168548,9 +168937,9 @@ "description": "Successfully created code security configuration
", "example": { "id": 1325, - "target_type": "organization", - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -168560,10 +168949,6 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", - "code_scanning_default_setup_options": { - "runner_type": "not_set", - "runner_label": null - }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", @@ -168571,8 +168956,8 @@ "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }, @@ -168810,25 +169195,37 @@ } ], "previews": [], - "descriptionHTML": "Creates a code security configuration in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Creates a code security configuration in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Successfully created code security configuration
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" } ] }, { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations/defaults", - "title": "Get default code security configurations", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/defaults", + "title": "Get default code security configurations for an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -168838,14 +169235,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -168854,7 +169247,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG" + "enterprise": "ENTERPRISE" } }, "response": { @@ -169188,121 +169581,25 @@ } ], "previews": [], - "descriptionHTML": "Lists the default code security configurations for an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Lists the default code security configurations for an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" - }, - { - "httpStatusCode": "304", - "description": "Not modified
" - }, - { - "httpStatusCode": "403", - "description": "Forbidden
" - }, - { - "httpStatusCode": "404", - "description": "Resource not found
" - } - ] - }, - { - "serverUrl": "https://api.github.com", - "verb": "delete", - "requestPath": "/orgs/{org}/code-security/configurations/detach", - "title": "Detach configurations from repositories", - "category": "code-security", - "subcategory": "configurations", - "parameters": [ - { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", - "in": "path", - "required": true, - "schema": { - "type": "string" - } - } - ], - "bodyParameters": [ - { - "type": "array of integers", - "name": "selected_repository_ids", - "in": "body", - "description": "An array of repository IDs to detach from configurations.
" - } - ], - "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] - }, - "codeExamples": [ - { - "key": "default", - "request": { - "contentType": "application/json", - "description": "Example for detaching repositories from configurations.", - "acceptHeader": "application/vnd.github.v3+json", - "bodyParameters": { - "selected_repository_ids": [ - 32, - 91 - ] - }, - "parameters": { - "org": "ORG" - } - }, - "response": { - "statusCode": "204", - "description": "A header with no content is returned.
" - } - } - ], - "previews": [], - "descriptionHTML": "Detach code security configuration(s) from a set of repositories.\nRepositories will retain their settings but will no longer be associated with the configuration.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
A header with no content is returned.
" - }, - { - "httpStatusCode": "400", - "description": "Bad Request
" - }, - { - "httpStatusCode": "403", - "description": "Forbidden
" - }, - { - "httpStatusCode": "404", - "description": "Resource not found
" - }, - { - "httpStatusCode": "409", - "description": "Conflict
" } ] }, { "serverUrl": "https://api.github.com", "verb": "get", - "requestPath": "/orgs/{org}/code-security/configurations/{configuration_id}", - "title": "Get a code security configuration", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Retrieve a code security configuration of an enterprise", "category": "code-security", "subcategory": "configurations", "parameters": [ { - "name": "org", - "description": "The organization name. The name is not case sensitive.
", + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", "in": "path", "required": true, "schema": { @@ -169321,14 +169618,10 @@ ], "bodyParameters": [], "progAccess": { - "userToServerRest": true, - "serverToServer": true, - "fineGrainedPat": true, - "permissions": [ - { - "\"Administration\" organization permissions": "write" - } - ] + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] }, "codeExamples": [ { @@ -169337,7 +169630,7 @@ "description": "Example", "acceptHeader": "application/vnd.github.v3+json", "parameters": { - "org": "ORG", + "enterprise": "ENTERPRISE", "configuration_id": "CONFIGURATION_ID" } }, @@ -169347,9 +169640,9 @@ "description": "Response
", "example": { "id": 1325, - "target_type": "organization", - "name": "octo-org recommended settings", - "description": "This is a code security configuration for octo-org", + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", "advanced_security": "enabled", "dependency_graph": "enabled", "dependency_graph_autosubmit_action": "enabled", @@ -169359,10 +169652,6 @@ "dependabot_alerts": "enabled", "dependabot_security_updates": "not_set", "code_scanning_default_setup": "disabled", - "code_scanning_default_setup_options": { - "runner_type": "not_set", - "runner_label": null - }, "secret_scanning": "enabled", "secret_scanning_push_protection": "disabled", "secret_scanning_delegated_bypass": "disabled", @@ -169370,8 +169659,3591 @@ "secret_scanning_non_provider_patterns": "disabled", "private_vulnerability_reporting": "disabled", "enforcement": "enforced", - "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", - "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Gets a code security configuration available in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Update a custom code security configuration for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "in": "body", + "description": "The name of the code security configuration. Must be unique across the enterprise.
" + }, + { + "type": "string", + "name": "description", + "in": "body", + "description": "A description of the code security configuration
" + }, + { + "type": "string", + "name": "advanced_security", + "in": "body", + "description": "The enablement status of GitHub Advanced Security. Must be set to enabled if you want to enable any GHAS settings.
", + "enum": [ + "enabled", + "disabled" + ] + }, + { + "type": "string", + "name": "dependency_graph", + "in": "body", + "description": "The enablement status of Dependency Graph
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "dependency_graph_autosubmit_action", + "in": "body", + "description": "The enablement status of Automatic dependency submission
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "object", + "name": "dependency_graph_autosubmit_action_options", + "in": "body", + "description": "Feature options for Automatic dependency submission
", + "childParamsGroups": [ + { + "type": "boolean", + "name": "labeled_runners", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
" + } + ] + }, + { + "type": "string", + "name": "dependabot_alerts", + "in": "body", + "description": "The enablement status of Dependabot alerts
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "dependabot_security_updates", + "in": "body", + "description": "The enablement status of Dependabot security updates
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "code_scanning_default_setup", + "in": "body", + "description": "The enablement status of code scanning default setup
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "object or null", + "name": "code_scanning_default_setup_options", + "in": "body", + "description": "Feature options for code scanning default setup
", + "childParamsGroups": [ + { + "type": "string", + "name": "runner_type", + "description": "Whether to use labeled runners or standard GitHub runners.
", + "enum": [ + "standard", + "labeled", + "not_set" + ] + }, + { + "type": "string or null", + "name": "runner_label", + "description": "The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
" + } + ] + }, + { + "type": "string", + "name": "secret_scanning", + "in": "body", + "description": "The enablement status of secret scanning
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_push_protection", + "in": "body", + "description": "The enablement status of secret scanning push protection
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_validity_checks", + "in": "body", + "description": "The enablement status of secret scanning validity checks
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "secret_scanning_non_provider_patterns", + "in": "body", + "description": "The enablement status of secret scanning non-provider patterns
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "private_vulnerability_reporting", + "in": "body", + "description": "The enablement status of private vulnerability reporting
", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + { + "type": "string", + "name": "enforcement", + "in": "body", + "description": "The enforcement status for a security configuration
", + "enum": [ + "enforced", + "unenforced" + ] + } + ], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for updating a code security configuration", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "octo-enterprise recommended settings v2", + "secret_scanning": "disabled", + "code_scanning_default_setup": "enabled" + }, + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": { + "id": 1325, + "target_type": "enterprise", + "name": "High risk settings", + "description": "This is a code security configuration for octo-enterprise", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/enterprises/octo-enterprise/code-security/configurations/1325", + "html_url": "https://github.com/enterprises/octo-enterprise/settings/security_analysis/configurations/1325/edit", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Updates a code security configuration in an enterprise.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}", + "title": "Delete a code security configuration for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "204", + "description": "A header with no content is returned.
" + } + } + ], + "previews": [], + "descriptionHTML": "Deletes a code security configuration from an enterprise.\nRepositories attached to the configuration will retain their settings but will no longer be associated with\nthe configuration.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
A header with no content is returned.
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach", + "title": "Attach an enterprise configuration to repositories", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "scope", + "in": "body", + "description": "The type of repositories to attach the configuration to. selected means the configuration will be attached to only the repositories specified by selected_repository_ids
Accepted
", + "example": null, + "schema": { + "type": "object" + } + } + } + ], + "previews": [], + "descriptionHTML": "Attaches an enterprise code security configuration to repositories. If the repositories specified are already attached to a configuration, they will be re-attached to the provided configuration.
\nIf insufficient GHAS licenses are available to attach the configuration to a repository, only free features will be enabled.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Accepted
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/defaults", + "title": "Set a code security configuration as a default for an enterprise", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "default_for_new_repos", + "in": "body", + "description": "Specify which types of repository this security configuration should be applied to by default.
", + "enum": [ + "all", + "none", + "private_and_internal", + "public" + ] + } + ], + "progAccess": { + "userToServerRest": false, + "serverToServer": false, + "fineGrainedPat": false, + "permissions": [] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Set this configuration to be enabled by default on all new repositories.", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "default_for_new_repos": "all" + }, + "parameters": { + "enterprise": "ENTERPRISE", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Default successfully changed.
", + "example": { + "default_for_new_repos": "all", + "configuration": { + "value": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + } + } + }, + "schema": { + "type": "object", + "properties": { + "default_for_new_repos": { + "type": "string", + "description": "Specifies which types of repository this security configuration is applied to by default.", + "enum": [ + "all", + "none", + "private_and_internal", + "public" + ] + }, + "configuration": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Sets a code security configuration as a default to be applied to new repositories in your enterprise.
\nThis configuration will be applied by default to the matching repository type when created, but only for organizations within the enterprise that do not already have a default code security configuration set.
\nThe authenticated user must be an administrator for the enterprise to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Default successfully changed.
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/enterprises/{enterprise}/code-security/configurations/{configuration_id}/repositories", + "title": "Get repositories associated with an enterprise code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "enterprise", + "description": "The slug version of the enterprise name. You can also substitute this value with the enterprise id.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + }, + { + "name": "per_page", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "before", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "after", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "status", + "description": "A comma-separated list of statuses. If specified, only repositories with these attachment statuses will be returned.
\nCan be: all, attached, attaching, removed, enforced, failed, updating, removed_by_enterprise
Example of code security configuration repositories
", + "example": [ + { + "status": "attached", + "repository": { + "value": { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + } + } + ], + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "Repositories associated with a code security configuration and attachment status", + "properties": { + "status": { + "type": "string", + "description": "The attachment status of the code security configuration on the repository.", + "enum": [ + "attached", + "attaching", + "detached", + "removed", + "enforced", + "failed", + "updating", + "removed_by_enterprise" + ] + }, + "repository": { + "title": "Simple Repository", + "description": "A GitHub repository.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64", + "description": "A unique identifier of the repository.", + "examples": [ + 1296269 + ] + }, + "node_id": { + "type": "string", + "description": "The GraphQL identifier of the repository.", + "examples": [ + "MDEwOlJlcG9zaXRvcnkxMjk2MjY5" + ] + }, + "name": { + "type": "string", + "description": "The name of the repository.", + "examples": [ + "Hello-World" + ] + }, + "full_name": { + "type": "string", + "description": "The full, globally unique, name of the repository.", + "examples": [ + "octocat/Hello-World" + ] + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string", + "examples": [ + "octocat" + ] + }, + "id": { + "type": "integer", + "format": "int64", + "examples": [ + 1 + ] + }, + "node_id": { + "type": "string", + "examples": [ + "MDQ6VXNlcjE=" + ] + }, + "avatar_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://github.com/images/error/octocat_happy.gif" + ] + }, + "gravatar_id": { + "type": [ + "string", + "null" + ], + "examples": [ + "41d064eb2195891e12d0413f63227ea7" + ] + }, + "url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat" + ] + }, + "html_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://github.com/octocat" + ] + }, + "followers_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/followers" + ] + }, + "following_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/following{/other_user}" + ] + }, + "gists_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/gists{/gist_id}" + ] + }, + "starred_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/starred{/owner}{/repo}" + ] + }, + "subscriptions_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/subscriptions" + ] + }, + "organizations_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/orgs" + ] + }, + "repos_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/repos" + ] + }, + "events_url": { + "type": "string", + "examples": [ + "https://api.github.com/users/octocat/events{/privacy}" + ] + }, + "received_events_url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/users/octocat/received_events" + ] + }, + "type": { + "type": "string", + "examples": [ + "User" + ] + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string", + "examples": [ + "\"2020-07-09T00:17:55Z\"" + ] + }, + "user_view_type": { + "type": "string", + "examples": [ + "public" + ] + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean", + "description": "Whether the repository is private." + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL to view the repository on GitHub.com.", + "examples": [ + "https://github.com/octocat/Hello-World" + ] + }, + "description": { + "type": [ + "string", + "null" + ], + "description": "The repository description.", + "examples": [ + "This your first repo!" + ] + }, + "fork": { + "type": "boolean", + "description": "Whether the repository is a fork." + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL to get more information about the repository from the GitHub API.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World" + ] + }, + "archive_url": { + "type": "string", + "description": "A template for the API URL to download the repository as an archive.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}" + ] + }, + "assignees_url": { + "type": "string", + "description": "A template for the API URL to list the available assignees for issues in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/assignees{/user}" + ] + }, + "blobs_url": { + "type": "string", + "description": "A template for the API URL to create or retrieve a raw Git blob in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}" + ] + }, + "branches_url": { + "type": "string", + "description": "A template for the API URL to get information about branches in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/branches{/branch}" + ] + }, + "collaborators_url": { + "type": "string", + "description": "A template for the API URL to get information about collaborators of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}" + ] + }, + "comments_url": { + "type": "string", + "description": "A template for the API URL to get information about comments on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/comments{/number}" + ] + }, + "commits_url": { + "type": "string", + "description": "A template for the API URL to get information about commits on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/commits{/sha}" + ] + }, + "compare_url": { + "type": "string", + "description": "A template for the API URL to compare two commits or refs.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}" + ] + }, + "contents_url": { + "type": "string", + "description": "A template for the API URL to get the contents of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/contents/{+path}" + ] + }, + "contributors_url": { + "type": "string", + "format": "uri", + "description": "A template for the API URL to list the contributors to the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/contributors" + ] + }, + "deployments_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the deployments of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/deployments" + ] + }, + "downloads_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the downloads on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/downloads" + ] + }, + "events_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the events of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/events" + ] + }, + "forks_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the forks of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/forks" + ] + }, + "git_commits_url": { + "type": "string", + "description": "A template for the API URL to get information about Git commits of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}" + ] + }, + "git_refs_url": { + "type": "string", + "description": "A template for the API URL to get information about Git refs of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}" + ] + }, + "git_tags_url": { + "type": "string", + "description": "A template for the API URL to get information about Git tags of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}" + ] + }, + "issue_comment_url": { + "type": "string", + "description": "A template for the API URL to get information about issue comments on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}" + ] + }, + "issue_events_url": { + "type": "string", + "description": "A template for the API URL to get information about issue events on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}" + ] + }, + "issues_url": { + "type": "string", + "description": "A template for the API URL to get information about issues on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/issues{/number}" + ] + }, + "keys_url": { + "type": "string", + "description": "A template for the API URL to get information about deploy keys on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}" + ] + }, + "labels_url": { + "type": "string", + "description": "A template for the API URL to get information about labels of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/labels{/name}" + ] + }, + "languages_url": { + "type": "string", + "format": "uri", + "description": "The API URL to get information about the languages of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/languages" + ] + }, + "merges_url": { + "type": "string", + "format": "uri", + "description": "The API URL to merge branches in the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/merges" + ] + }, + "milestones_url": { + "type": "string", + "description": "A template for the API URL to get information about milestones of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/milestones{/number}" + ] + }, + "notifications_url": { + "type": "string", + "description": "A template for the API URL to get information about notifications on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}" + ] + }, + "pulls_url": { + "type": "string", + "description": "A template for the API URL to get information about pull requests on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/pulls{/number}" + ] + }, + "releases_url": { + "type": "string", + "description": "A template for the API URL to get information about releases on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/releases{/id}" + ] + }, + "stargazers_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the stargazers on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/stargazers" + ] + }, + "statuses_url": { + "type": "string", + "description": "A template for the API URL to get information about statuses of a commit.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}" + ] + }, + "subscribers_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the subscribers on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/subscribers" + ] + }, + "subscription_url": { + "type": "string", + "format": "uri", + "description": "The API URL to subscribe to notifications for this repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/subscription" + ] + }, + "tags_url": { + "type": "string", + "format": "uri", + "description": "The API URL to get information about tags on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/tags" + ] + }, + "teams_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the teams on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/teams" + ] + }, + "trees_url": { + "type": "string", + "description": "A template for the API URL to create or retrieve a raw Git tree of the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri", + "description": "The API URL to list the hooks on the repository.", + "examples": [ + "https://api.github.com/repos/octocat/Hello-World/hooks" + ] + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the repositories associated with an enterprise code security configuration in an organization.
\nThe authenticated user must be an administrator of the enterprise in order to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations", + "title": "Get code security configurations for an organization", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "target_type", + "in": "query", + "description": "The target type of the code security configuration
", + "required": false, + "schema": { + "type": "string", + "enum": [ + "global", + "all" + ], + "default": "all" + } + }, + { + "name": "per_page", + "in": "query", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "required": false, + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "before", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "after", + "description": "A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "id": 17, + "target_type": "global", + "name": "GitHub recommended", + "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "enabled", + "secret_scanning_delegated_bypass_options": { + "reviewers": [ + { + "security_configuration_id": 17, + "reviewer_id": 5678, + "reviewer_type": "TEAM" + } + ] + }, + "secret_scanning_validity_checks": "enabled", + "secret_scanning_non_provider_patterns": "enabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "created_at": "2023-12-04T15:58:07Z", + "updated_at": "2023-12-04T15:58:07Z" + }, + { + "id": 1326, + "target_type": "organization", + "name": "High risk settings", + "description": "This is a code security configuration for octo-org high risk repositories", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "enabled", + "code_scanning_default_setup": "enabled", + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1326", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1326", + "created_at": "2024-05-10T00:00:00Z", + "updated_at": "2024-05-10T00:00:00Z" + } + ], + "schema": { + "type": "array", + "items": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists all code security configurations available in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/code-security/configurations", + "title": "Create a code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "in": "body", + "description": "The name of the code security configuration. Must be unique within the organization.
", + "isRequired": true + }, + { + "type": "string", + "name": "description", + "in": "body", + "description": "A description of the code security configuration
", + "isRequired": true + }, + { + "type": "string", + "name": "advanced_security", + "in": "body", + "description": "The enablement status of GitHub Advanced Security
", + "enum": [ + "enabled", + "disabled" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "dependency_graph", + "in": "body", + "description": "The enablement status of Dependency Graph
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "enabled" + }, + { + "type": "string", + "name": "dependency_graph_autosubmit_action", + "in": "body", + "description": "The enablement status of Automatic dependency submission
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object", + "name": "dependency_graph_autosubmit_action_options", + "in": "body", + "description": "Feature options for Automatic dependency submission
", + "childParamsGroups": [ + { + "type": "boolean", + "name": "labeled_runners", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners.
", + "default": false + } + ] + }, + { + "type": "string", + "name": "dependabot_alerts", + "in": "body", + "description": "The enablement status of Dependabot alerts
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "dependabot_security_updates", + "in": "body", + "description": "The enablement status of Dependabot security updates
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "code_scanning_default_setup", + "in": "body", + "description": "The enablement status of code scanning default setup
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object or null", + "name": "code_scanning_default_setup_options", + "in": "body", + "description": "Feature options for code scanning default setup
", + "childParamsGroups": [ + { + "type": "string", + "name": "runner_type", + "description": "Whether to use labeled runners or standard GitHub runners.
", + "enum": [ + "standard", + "labeled", + "not_set" + ] + }, + { + "type": "string or null", + "name": "runner_label", + "description": "The label of the runner to use for code scanning default setup when runner_type is 'labeled'.
" + } + ] + }, + { + "type": "string", + "name": "secret_scanning", + "in": "body", + "description": "The enablement status of secret scanning
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_push_protection", + "in": "body", + "description": "The enablement status of secret scanning push protection
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_delegated_bypass", + "in": "body", + "description": "The enablement status of secret scanning delegated bypass
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "object", + "name": "secret_scanning_delegated_bypass_options", + "in": "body", + "description": "Feature options for secret scanning delegated bypass
", + "childParamsGroups": [ + { + "type": "array of objects", + "name": "reviewers", + "description": "The bypass reviewers for secret scanning delegated bypass
", + "childParamsGroups": [ + { + "type": "integer", + "name": "reviewer_id", + "description": "The ID of the team or role selected as a bypass reviewer
", + "isRequired": true + }, + { + "type": "string", + "name": "reviewer_type", + "description": "The type of the bypass reviewer
", + "isRequired": true, + "enum": [ + "TEAM", + "ROLE" + ] + } + ] + } + ] + }, + { + "type": "string", + "name": "secret_scanning_validity_checks", + "in": "body", + "description": "The enablement status of secret scanning validity checks
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "secret_scanning_non_provider_patterns", + "in": "body", + "description": "The enablement status of secret scanning non provider patterns
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "private_vulnerability_reporting", + "in": "body", + "description": "The enablement status of private vulnerability reporting
", + "enum": [ + "enabled", + "disabled", + "not_set" + ], + "default": "disabled" + }, + { + "type": "string", + "name": "enforcement", + "in": "body", + "description": "The enforcement status for a security configuration
", + "enum": [ + "enforced", + "unenforced" + ], + "default": "enforced" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for a code security configuration", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "secret_scanning": "enabled" + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "Successfully created code security configuration
", + "example": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + }, + "schema": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Creates a code security configuration in an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Successfully created code security configuration
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations/defaults", + "title": "Get default code security configurations", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "default_for_new_repos": "public", + "configuration": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "enabled", + "secret_scanning_delegated_bypass_options": { + "reviewers": [ + { + "security_configuration_id": 1325, + "reviewer_id": 5678, + "reviewer_type": "TEAM" + } + ] + }, + "secret_scanning_validity_checks": "enabled", + "secret_scanning_non_provider_patterns": "enabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", + "created_at": "2024-05-01T00:00:00Z", + "updated_at": "2024-05-01T00:00:00Z" + } + }, + { + "default_for_new_repos": "private_and_internal", + "configuration": { + "id": 17, + "target_type": "global", + "name": "GitHub recommended", + "description": "Suggested settings for Dependabot, secret scanning, and code scanning.", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "not_set", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "enabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "enabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "private_vulnerability_reporting": "enabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/17", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/view", + "created_at": "2023-12-04T15:58:07Z", + "updated_at": "2023-12-04T15:58:07Z" + } + } + ], + "schema": { + "type": "array", + "description": "A list of default code security configurations", + "items": { + "type": "object", + "properties": { + "default_for_new_repos": { + "enum": [ + "public", + "private_and_internal", + "all" + ], + "description": "The visibility of newly created repositories for which the code security configuration will be applied to by default" + }, + "configuration": { + "type": "object", + "description": "A code security configuration", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the code security configuration" + }, + "name": { + "type": "string", + "description": "The name of the code security configuration. Must be unique within the organization." + }, + "target_type": { + "type": "string", + "description": "The type of the code security configuration.", + "enum": [ + "global", + "organization", + "enterprise" + ] + }, + "description": { + "type": "string", + "description": "A description of the code security configuration" + }, + "advanced_security": { + "type": "string", + "description": "The enablement status of GitHub Advanced Security", + "enum": [ + "enabled", + "disabled" + ] + }, + "dependency_graph": { + "type": "string", + "description": "The enablement status of Dependency Graph", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action": { + "type": "string", + "description": "The enablement status of Automatic dependency submission", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependency_graph_autosubmit_action_options": { + "type": "object", + "description": "Feature options for Automatic dependency submission", + "properties": { + "labeled_runners": { + "type": "boolean", + "description": "Whether to use runners labeled with 'dependency-submission' or standard GitHub runners." + } + } + }, + "dependabot_alerts": { + "type": "string", + "description": "The enablement status of Dependabot alerts", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "dependabot_security_updates": { + "type": "string", + "description": "The enablement status of Dependabot security updates", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup": { + "type": "string", + "description": "The enablement status of code scanning default setup", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "code_scanning_default_setup_options": { + "type": [ + "object", + "null" + ], + "description": "Feature options for code scanning default setup", + "properties": { + "runner_type": { + "type": [ + "string", + "null" + ], + "enum": [ + "standard", + "labeled", + "not_set", + null + ], + "description": "Whether to use labeled runners or standard GitHub runners." + }, + "runner_label": { + "type": [ + "string", + "null" + ], + "description": "The label of the runner to use for code scanning when runner_type is 'labeled'." + } + } + }, + "secret_scanning": { + "type": "string", + "description": "The enablement status of secret scanning", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_push_protection": { + "type": "string", + "description": "The enablement status of secret scanning push protection", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass": { + "type": "string", + "description": "The enablement status of secret scanning delegated bypass", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "description": "Feature options for secret scanning delegated bypass", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + } + } + } + } + } + }, + "secret_scanning_validity_checks": { + "type": "string", + "description": "The enablement status of secret scanning validity checks", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "secret_scanning_non_provider_patterns": { + "type": "string", + "description": "The enablement status of secret scanning non-provider patterns", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "private_vulnerability_reporting": { + "type": "string", + "description": "The enablement status of private vulnerability reporting", + "enum": [ + "enabled", + "disabled", + "not_set" + ] + }, + "enforcement": { + "type": "string", + "description": "The enforcement status for a security configuration", + "enum": [ + "enforced", + "unenforced" + ] + }, + "url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "html_url": { + "type": "string", + "format": "uri", + "description": "The URL of the configuration" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + } + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the default code security configurations for an organization.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
OK
" + }, + { + "httpStatusCode": "304", + "description": "Not modified
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/code-security/configurations/detach", + "title": "Detach configurations from repositories", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "in": "body", + "description": "An array of repository IDs to detach from configurations.
" + } + ], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "contentType": "application/json", + "description": "Example for detaching repositories from configurations.", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 32, + 91 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "204", + "description": "A header with no content is returned.
" + } + } + ], + "previews": [], + "descriptionHTML": "Detach code security configuration(s) from a set of repositories.\nRepositories will retain their settings but will no longer be associated with the configuration.
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
A header with no content is returned.
" + }, + { + "httpStatusCode": "400", + "description": "Bad Request
" + }, + { + "httpStatusCode": "403", + "description": "Forbidden
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "409", + "description": "Conflict
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/code-security/configurations/{configuration_id}", + "title": "Get a code security configuration", + "category": "code-security", + "subcategory": "configurations", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "configuration_id", + "description": "The unique identifier of the code security configuration.
", + "in": "path", + "required": true, + "schema": { + "type": "integer" + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "configuration_id": "CONFIGURATION_ID" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": { + "id": 1325, + "target_type": "organization", + "name": "octo-org recommended settings", + "description": "This is a code security configuration for octo-org", + "advanced_security": "enabled", + "dependency_graph": "enabled", + "dependency_graph_autosubmit_action": "enabled", + "dependency_graph_autosubmit_action_options": { + "labeled_runners": false + }, + "dependabot_alerts": "enabled", + "dependabot_security_updates": "not_set", + "code_scanning_default_setup": "disabled", + "code_scanning_default_setup_options": { + "runner_type": "not_set", + "runner_label": null + }, + "secret_scanning": "enabled", + "secret_scanning_push_protection": "disabled", + "secret_scanning_delegated_bypass": "disabled", + "secret_scanning_validity_checks": "disabled", + "secret_scanning_non_provider_patterns": "disabled", + "private_vulnerability_reporting": "disabled", + "enforcement": "enforced", + "url": "https://api.github.com/orgs/octo-org/code-security/configurations/1325", + "html_url": "https://github.com/organizations/octo-org/settings/security_products/configurations/edit/1325", "created_at": "2024-05-01T00:00:00Z", "updated_at": "2024-05-01T00:00:00Z" }, @@ -379553,6 +383425,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { @@ -400913,6 +404808,433 @@ ] } ], + "bypass-requests": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/bypass-requests/push-rules", + "title": "List push rule bypass requests within an organization", + "category": "orgs", + "subcategory": "bypass-requests", + "parameters": [ + { + "name": "org", + "description": "The organization name. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_name", + "description": "The name of the repository to filter on.
", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "reviewer", + "description": "Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "requester", + "description": "Filter bypass requests by the handle of the GitHub user who requested the bypass.
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "time_period", + "description": "The time period to filter by.
\nFor example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for insights that occurred in the past 7 days (168 hours).
The status of the bypass request to filter on. When specified, only requests with this status will be returned.
", + "in": "query", + "required": false, + "schema": { + "type": "string", + "enum": [ + "completed", + "cancelled", + "expired", + "denied", + "open", + "all" + ], + "default": "all" + } + }, + { + "name": "per_page", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Administration\" organization permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "id": 21, + "number": 42, + "repository": { + "id": 1, + "name": "smile", + "full_name": "octo-org/smile" + }, + "organization": { + "id": 1, + "name": "octo-org" + }, + "requester": { + "actor_id": 12, + "actor_name": "monalisa" + }, + "request_type": "push_ruleset_bypass", + "data": [ + { + "ruleset_id": 410, + "ruleset_name": "Exclude image files", + "total_violations": 1, + "rule_type": "file_extension_restriction" + } + ], + "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132", + "status": "denied", + "requester_comment": "Updating site images to follow changes in marketing. Part 1", + "expires_at": "2024-07-08T08:43:03Z", + "created_at": "2024-07-01T08:43:03Z", + "responses": [ + { + "id": 42, + "reviewer": { + "actor_id": 4, + "actor_name": "octocat" + }, + "status": "denied", + "created_at": "2024-07-02T08:43:04Z" + } + ], + "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/1", + "html_url": "https://github.com/octo-org/smile/exemptions/1" + }, + { + "id": 12, + "number": 24, + "repository": { + "id": 1, + "name": "smile", + "full_name": "octo-org/smile" + }, + "organization": { + "id": 1, + "name": "octo-org" + }, + "requester": { + "actor_id": 12, + "actor_name": "monalisa" + }, + "request_type": "push_ruleset_bypass", + "data": [ + { + "ruleset_id": 410, + "ruleset_name": "Exclude image files", + "total_violations": 1, + "rule_type": "file_extension_restriction" + } + ], + "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555", + "status": "denied", + "requester_comment": "Updating site images to follow changes in marketing. Part 2", + "expires_at": "2024-07-08T07:43:03Z", + "created_at": "2024-07-01T07:43:03Z", + "responses": [ + { + "id": 42, + "reviewer": { + "actor_id": 4, + "actor_name": "octocat" + }, + "status": "denied", + "created_at": "2024-07-02T08:43:04Z" + } + ], + "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/2", + "html_url": "https://github.com/octo-org/smile/exemptions/2" + } + ], + "schema": { + "type": "array", + "items": { + "title": "Push rule bypass request", + "description": "A bypass request made by a user asking to be exempted from a push rule in this repository.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The unique identifier of the bypass request." + }, + "number": { + "type": "integer", + "description": "The number uniquely identifying the bypass request within its repository." + }, + "repository": { + "type": "object", + "description": "The repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the repository the bypass request is for." + }, + "name": { + "type": "string", + "description": "The name of the repository the bypass request is for." + }, + "full_name": { + "type": "string", + "description": "The full name of the repository the bypass request is for." + } + } + }, + "organization": { + "type": "object", + "description": "The organization associated with the repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the organization." + }, + "name": { + "type": "string", + "description": "The name of the organization." + } + } + }, + "requester": { + "type": "object", + "description": "The user who requested the bypass.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who requested the bypass." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who requested the bypass." + } + } + }, + "request_type": { + "type": "string", + "description": "The type of request." + }, + "data": { + "type": [ + "array", + "null" + ], + "description": "Data describing the push rules that are being requested to be bypassed.", + "items": { + "type": "object", + "properties": { + "ruleset_id": { + "type": "integer", + "description": "The ID of the ruleset for the rules that were violated." + }, + "ruleset_name": { + "type": "string", + "description": "The name of the ruleset for the rules that were violated." + }, + "total_violations": { + "type": "integer", + "description": "The number of rule violations generated from the push associated with this request." + }, + "rule_type": { + "type": "string", + "description": "The type of rule that was violated." + } + } + } + }, + "resource_identifier": { + "type": "string", + "description": "The unique identifier for the request type of the bypass request. For example, a commit SHA.", + "examples": [ + "827efc6d56897b048c772eb4087f854f46256132" + ] + }, + "status": { + "type": "string", + "description": "The status of the bypass request.", + "enum": [ + "pending", + "denied", + "approved", + "cancelled", + "completed", + "expired", + "open" + ] + }, + "requester_comment": { + "type": [ + "string", + "null" + ], + "description": "The comment the requester provided when creating the bypass request." + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request will expire." + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request was created." + }, + "responses": { + "type": [ + "array", + "null" + ], + "description": "The responses to the bypass request.", + "items": { + "title": "Bypass response", + "description": "A response made by a delegated bypasser to a bypass request.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the response to the bypass request." + }, + "reviewer": { + "type": "object", + "description": "The user who reviewed the bypass request.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who reviewed the bypass request." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who reviewed the bypass request." + } + } + }, + "status": { + "type": "string", + "description": "The response status to the bypass request until dismissed.", + "enum": [ + "approved", + "denied", + "dismissed" + ] + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the response to the bypass request was created." + } + } + } + }, + "url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/1" + ] + }, + "html_url": { + "type": "string", + "description": "The URL to view the bypass request in a browser.", + "format": "uri", + "examples": [ + "https://github.com/octo-org/smile/exemptions/1" + ] + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the requests made by users of a repository to bypass push protection rules within an organization.
", + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "OK
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "500", + "description": "Internal Error
" + } + ] + } + ], "custom-properties": [ { "serverUrl": "https://api.github.com", @@ -425515,7 +429837,7 @@ } ], "previews": [], - "descriptionHTML": "Lists teams that are security managers for an organization. For more information, see \"Managing security managers in your organization.\"
\nThe authenticated user must be an administrator or security manager for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the read:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nAdds a team as a security manager for an organization. For more information, see \"Managing security for an organization for an organization.\"
\nThe authenticated user must be an administrator for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nRemoves the security manager role from a team for an organization. For more information, see \"Managing security managers in your organization team from an organization.\"
\nThe authenticated user must be an administrator for the organization to use this endpoint.
\nOAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.
Warning
\n\nClosing down notice: This operation is closing down and will be removed starting January 1, 2026. Please use the \"Organization Roles\" endpoints instead.
\nThe account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
Filter bypass requests by the handle of the GitHub user who reviewed the bypass request.
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "requester", + "description": "Filter bypass requests by the handle of the GitHub user who requested the bypass.
", + "in": "query", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "time_period", + "description": "The time period to filter by.
\nFor example, day will filter for rule suites that occurred in the past 24 hours, and week will filter for insights that occurred in the past 7 days (168 hours).
The status of the bypass request to filter on. When specified, only requests with this status will be returned.
", + "in": "query", + "required": false, + "schema": { + "type": "string", + "enum": [ + "completed", + "cancelled", + "expired", + "denied", + "open", + "all" + ], + "default": "all" + } + }, + { + "name": "per_page", + "description": "The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"
", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": [ + { + "id": 21, + "number": 42, + "repository": { + "id": 1, + "name": "smile", + "full_name": "octo-org/smile" + }, + "organization": { + "id": 1, + "name": "octo-org" + }, + "requester": { + "actor_id": 12, + "actor_name": "monalisa" + }, + "request_type": "push_ruleset_bypass", + "data": [ + { + "ruleset_id": 410, + "ruleset_name": "Exclude image files", + "total_violations": 1, + "rule_type": "file_extension_restriction" + } + ], + "resource_identifier": "827efc6d56897b048c772eb4087f854f46256132", + "status": "denied", + "requester_comment": "Updating site images to follow changes in marketing. Part 1", + "expires_at": "2024-07-08T08:43:03Z", + "created_at": "2024-07-01T08:43:03Z", + "responses": [ + { + "id": 42, + "reviewer": { + "actor_id": 4, + "actor_name": "octocat" + }, + "status": "denied", + "created_at": "2024-07-02T08:43:04Z" + } + ], + "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/1", + "html_url": "https://github.com/octo-org/smile/exemptions/1" + }, + { + "id": 12, + "number": 24, + "repository": { + "id": 1, + "name": "smile", + "full_name": "octo-org/smile" + }, + "organization": { + "id": 1, + "name": "octo-org" + }, + "requester": { + "actor_id": 12, + "actor_name": "monalisa" + }, + "request_type": "push_ruleset_bypass", + "data": [ + { + "ruleset_id": 410, + "ruleset_name": "Exclude image files", + "total_violations": 1, + "rule_type": "file_extension_restriction" + } + ], + "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555", + "status": "denied", + "requester_comment": "Updating site images to follow changes in marketing. Part 2", + "expires_at": "2024-07-08T07:43:03Z", + "created_at": "2024-07-01T07:43:03Z", + "responses": [ + { + "id": 42, + "reviewer": { + "actor_id": 4, + "actor_name": "octocat" + }, + "status": "denied", + "created_at": "2024-07-02T08:43:04Z" + } + ], + "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/2", + "html_url": "https://github.com/octo-org/smile/exemptions/2" + } + ], + "schema": { + "type": "array", + "items": { + "title": "Push rule bypass request", + "description": "A bypass request made by a user asking to be exempted from a push rule in this repository.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The unique identifier of the bypass request." + }, + "number": { + "type": "integer", + "description": "The number uniquely identifying the bypass request within its repository." + }, + "repository": { + "type": "object", + "description": "The repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the repository the bypass request is for." + }, + "name": { + "type": "string", + "description": "The name of the repository the bypass request is for." + }, + "full_name": { + "type": "string", + "description": "The full name of the repository the bypass request is for." + } + } + }, + "organization": { + "type": "object", + "description": "The organization associated with the repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the organization." + }, + "name": { + "type": "string", + "description": "The name of the organization." + } + } + }, + "requester": { + "type": "object", + "description": "The user who requested the bypass.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who requested the bypass." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who requested the bypass." + } + } + }, + "request_type": { + "type": "string", + "description": "The type of request." + }, + "data": { + "type": [ + "array", + "null" + ], + "description": "Data describing the push rules that are being requested to be bypassed.", + "items": { + "type": "object", + "properties": { + "ruleset_id": { + "type": "integer", + "description": "The ID of the ruleset for the rules that were violated." + }, + "ruleset_name": { + "type": "string", + "description": "The name of the ruleset for the rules that were violated." + }, + "total_violations": { + "type": "integer", + "description": "The number of rule violations generated from the push associated with this request." + }, + "rule_type": { + "type": "string", + "description": "The type of rule that was violated." + } + } + } + }, + "resource_identifier": { + "type": "string", + "description": "The unique identifier for the request type of the bypass request. For example, a commit SHA.", + "examples": [ + "827efc6d56897b048c772eb4087f854f46256132" + ] + }, + "status": { + "type": "string", + "description": "The status of the bypass request.", + "enum": [ + "pending", + "denied", + "approved", + "cancelled", + "completed", + "expired", + "open" + ] + }, + "requester_comment": { + "type": [ + "string", + "null" + ], + "description": "The comment the requester provided when creating the bypass request." + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request will expire." + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request was created." + }, + "responses": { + "type": [ + "array", + "null" + ], + "description": "The responses to the bypass request.", + "items": { + "title": "Bypass response", + "description": "A response made by a delegated bypasser to a bypass request.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the response to the bypass request." + }, + "reviewer": { + "type": "object", + "description": "The user who reviewed the bypass request.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who reviewed the bypass request." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who reviewed the bypass request." + } + } + }, + "status": { + "type": "string", + "description": "The response status to the bypass request until dismissed.", + "enum": [ + "approved", + "denied", + "dismissed" + ] + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the response to the bypass request was created." + } + } + } + }, + "url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/1" + ] + }, + "html_url": { + "type": "string", + "description": "The URL to view the bypass request in a browser.", + "format": "uri", + "examples": [ + "https://github.com/octo-org/smile/exemptions/1" + ] + } + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Lists the requests made by users of a repository to bypass push protection rules
", + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "OK
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "500", + "description": "Internal Error
" + } + ] + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/bypass-requests/push-rules/{bypass_request_number}", + "title": "Get a repository push bypass request", + "category": "repos", + "subcategory": "bypass-requests", + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.
", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository without the .git extension. The name is not case sensitive.
The number that identifies the bypass request within the context of the given repository.
", + "example": 1 + } + ], + "bodyParameters": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "write" + } + ] + }, + "codeExamples": [ + { + "key": "default", + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "bypass_request_number": "BYPASS_REQUEST_NUMBER" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "Response
", + "example": { + "id": 12, + "number": 24, + "repository": { + "id": 1, + "name": "smile", + "full_name": "octo-org/smile" + }, + "organization": { + "id": 1, + "name": "octo-org" + }, + "requester": { + "actor_id": 12, + "actor_name": "monalisa" + }, + "request_type": "push_ruleset_bypass", + "data": [ + { + "ruleset_id": 410, + "ruleset_name": "Exclude image files", + "total_violations": 1, + "rule_type": "file_extension_restriction" + } + ], + "resource_identifier": "827efc6d56897b048c772eb4087f854f46255555", + "status": "denied", + "requester_comment": "Updating site images to follow changes in marketing. Part 2", + "expires_at": "2024-07-08T07:43:03Z", + "created_at": "2024-07-01T07:43:03Z", + "responses": [ + { + "id": 42, + "reviewer": { + "actor_id": 4, + "actor_name": "octocat" + }, + "status": "denied", + "created_at": "2024-07-02T08:43:04Z" + } + ], + "url": "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/2", + "html_url": "https://github.com/octo-org/smile/exemptions/2" + }, + "schema": { + "title": "Push rule bypass request", + "description": "A bypass request made by a user asking to be exempted from a push rule in this repository.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The unique identifier of the bypass request." + }, + "number": { + "type": "integer", + "description": "The number uniquely identifying the bypass request within its repository." + }, + "repository": { + "type": "object", + "description": "The repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the repository the bypass request is for." + }, + "name": { + "type": "string", + "description": "The name of the repository the bypass request is for." + }, + "full_name": { + "type": "string", + "description": "The full name of the repository the bypass request is for." + } + } + }, + "organization": { + "type": "object", + "description": "The organization associated with the repository the bypass request is for.", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the organization." + }, + "name": { + "type": "string", + "description": "The name of the organization." + } + } + }, + "requester": { + "type": "object", + "description": "The user who requested the bypass.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who requested the bypass." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who requested the bypass." + } + } + }, + "request_type": { + "type": "string", + "description": "The type of request." + }, + "data": { + "type": [ + "array", + "null" + ], + "description": "Data describing the push rules that are being requested to be bypassed.", + "items": { + "type": "object", + "properties": { + "ruleset_id": { + "type": "integer", + "description": "The ID of the ruleset for the rules that were violated." + }, + "ruleset_name": { + "type": "string", + "description": "The name of the ruleset for the rules that were violated." + }, + "total_violations": { + "type": "integer", + "description": "The number of rule violations generated from the push associated with this request." + }, + "rule_type": { + "type": "string", + "description": "The type of rule that was violated." + } + } + } + }, + "resource_identifier": { + "type": "string", + "description": "The unique identifier for the request type of the bypass request. For example, a commit SHA.", + "examples": [ + "827efc6d56897b048c772eb4087f854f46256132" + ] + }, + "status": { + "type": "string", + "description": "The status of the bypass request.", + "enum": [ + "pending", + "denied", + "approved", + "cancelled", + "completed", + "expired", + "open" + ] + }, + "requester_comment": { + "type": [ + "string", + "null" + ], + "description": "The comment the requester provided when creating the bypass request." + }, + "expires_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request will expire." + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the bypass request was created." + }, + "responses": { + "type": [ + "array", + "null" + ], + "description": "The responses to the bypass request.", + "items": { + "title": "Bypass response", + "description": "A response made by a delegated bypasser to a bypass request.", + "type": "object", + "properties": { + "id": { + "type": "integer", + "description": "The ID of the response to the bypass request." + }, + "reviewer": { + "type": "object", + "description": "The user who reviewed the bypass request.", + "properties": { + "actor_id": { + "type": "integer", + "description": "The ID of the GitHub user who reviewed the bypass request." + }, + "actor_name": { + "type": "string", + "description": "The name of the GitHub user who reviewed the bypass request." + } + } + }, + "status": { + "type": "string", + "description": "The response status to the bypass request until dismissed.", + "enum": [ + "approved", + "denied", + "dismissed" + ] + }, + "created_at": { + "type": "string", + "format": "date-time", + "description": "The date and time the response to the bypass request was created." + } + } + } + }, + "url": { + "type": "string", + "format": "uri", + "examples": [ + "https://api.github.com/repos/octo-org/smile/bypass-requests/push-rules/1" + ] + }, + "html_url": { + "type": "string", + "description": "The URL to view the bypass request in a browser.", + "format": "uri", + "examples": [ + "https://github.com/octo-org/smile/exemptions/1" + ] + } + } + } + } + } + ], + "previews": [], + "descriptionHTML": "Get information about a request to bypass push protection rules for a repository.
", + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "OK
" + }, + { + "httpStatusCode": "404", + "description": "Resource not found
" + }, + { + "httpStatusCode": "500", + "description": "Internal Error
" + } + ] + } + ], "contents": [ { "serverUrl": "https://api.github.com", diff --git a/src/rest/data/ghes-3.10-2022-11-28/schema.json b/src/rest/data/ghes-3.10-2022-11-28/schema.json index 568f80900526..eff9e6192e08 100644 --- a/src/rest/data/ghes-3.10-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.10-2022-11-28/schema.json @@ -300537,6 +300537,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/data/ghes-3.11-2022-11-28/schema.json b/src/rest/data/ghes-3.11-2022-11-28/schema.json index 29c9a1ee5ee5..fd42bc789e7a 100644 --- a/src/rest/data/ghes-3.11-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.11-2022-11-28/schema.json @@ -300780,6 +300780,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/data/ghes-3.12-2022-11-28/schema.json b/src/rest/data/ghes-3.12-2022-11-28/schema.json index 403a083b4994..fc11368c9f55 100644 --- a/src/rest/data/ghes-3.12-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.12-2022-11-28/schema.json @@ -303017,6 +303017,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/data/ghes-3.13-2022-11-28/schema.json b/src/rest/data/ghes-3.13-2022-11-28/schema.json index 9a5ebdb86bb2..a66359286f80 100644 --- a/src/rest/data/ghes-3.13-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.13-2022-11-28/schema.json @@ -303227,6 +303227,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/data/ghes-3.14-2022-11-28/schema.json b/src/rest/data/ghes-3.14-2022-11-28/schema.json index b5637afd1541..2b64dd1def74 100644 --- a/src/rest/data/ghes-3.14-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.14-2022-11-28/schema.json @@ -303227,6 +303227,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/data/ghes-3.15-2022-11-28/schema.json b/src/rest/data/ghes-3.15-2022-11-28/schema.json index 413761d4988c..2ec158dacb4c 100644 --- a/src/rest/data/ghes-3.15-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.15-2022-11-28/schema.json @@ -306454,6 +306454,29 @@ ] } }, + "actions_inbound": { + "type": "object", + "properties": { + "full_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + }, + "wildcard_domains": { + "type": "array", + "items": { + "type": "string", + "examples": [ + "example.com" + ] + } + } + } + }, "artifact_attestations": { "type": "object", "properties": { diff --git a/src/rest/lib/config.json b/src/rest/lib/config.json index 57cafd0fc975..f1dc9bdc309e 100644 --- a/src/rest/lib/config.json +++ b/src/rest/lib/config.json @@ -50,5 +50,5 @@ ] } }, - "sha": "66e3c92c8c0bea63edecb95d115a6a40b150726e" + "sha": "99b100d4af04d83bdb08024aa6af991edd2ea02f" } \ No newline at end of file diff --git a/src/webhooks/lib/config.json b/src/webhooks/lib/config.json index b0ec461fe7af..7327892fa0f2 100644 --- a/src/webhooks/lib/config.json +++ b/src/webhooks/lib/config.json @@ -1,3 +1,3 @@ { - "sha": "66e3c92c8c0bea63edecb95d115a6a40b150726e" + "sha": "99b100d4af04d83bdb08024aa6af991edd2ea02f" } \ No newline at end of file