Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: `octokit.codeScanning.listRecentAnalyses`, `octokit.codeScanning.updateAlert`, `octokit.codeScanning.uploadSarif`. Deprecation: `alert_id` parameter has been deprecated. Use `alert_number` instead (#217)
1 parent 5b97302, commit 5819d6a
Showing 21 changed files with 832 additions and 255 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
--- | ||
name: List recent code scanning analyses for a repository | ||
example: octokit.codeScanning.listRecentAnalyses({ owner, repo }) | ||
route: GET /repos/{owner}/{repo}/code-scanning/analyses | ||
scope: codeScanning | ||
type: API method | ||
--- | ||
|
||
# List recent code scanning analyses for a repository | ||
|
||
List the details of recent code scanning analyses for a repository. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` read permission to use this endpoint. | ||
|
||
```js | ||
octokit.codeScanning.listRecentAnalyses({ | ||
owner, | ||
repo, | ||
}); | ||
``` | ||
|
||
## Parameters | ||
|
||
<table> | ||
<thead> | ||
<tr> | ||
<th>name</th> | ||
<th>required</th> | ||
<th>description</th> | ||
</tr> | ||
</thead> | ||
<tbody> | ||
<tr><td>owner</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>repo</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>ref</td><td>no</td><td> | ||
|
||
Set a full Git reference to list alerts for a specific branch. The `ref` must be formatted as `refs/heads/<branch name>`. | ||
|
||
</td></tr> | ||
<tr><td>tool_name</td><td>no</td><td> | ||
|
||
Set a single code scanning tool name to filter alerts by tool. | ||
|
||
</td></tr> | ||
</tbody> | ||
</table> | ||
|
||
See also: [GitHub Developer Guide documentation](https://developer.github.com/v3/code-scanning/#list-recent-analyses). |
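Review bot: The `ref` and `tool_name` rows describe filtering alerts ("list alerts for a specific branch", "filter alerts by tool"), but this method lists analyses, per the route `GET /repos/{owner}/{repo}/code-scanning/analyses`. The wording looks carried over from the alerts endpoint; suggest "list analyses for a specific branch" and "filter analyses by tool" so a reader does not expect alert objects back. The `owner` and `repo` rows have empty descriptions and could at least say they identify the repository. The permissions paragraph would also be easier to scan as one line per caller type (private repo token, public repo token, GitHub App), as it is the part that decides who can read scan results.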
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
--- | ||
name: Update a code scanning alert | ||
example: octokit.codeScanning.updateAlert({ owner, repo, state }) | ||
route: PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number} | ||
scope: codeScanning | ||
type: API method | ||
--- | ||
|
||
# Update a code scanning alert | ||
|
||
Updates the status of a single code scanning alert. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. | ||
GitHub Apps must have the `security_events` write permission to use this endpoint. | ||
|
||
```js | ||
octokit.codeScanning.updateAlert({ | ||
owner, | ||
repo, | ||
state, | ||
}); | ||
``` | ||
|
||
## Parameters | ||
|
||
<table> | ||
<thead> | ||
<tr> | ||
<th>name</th> | ||
<th>required</th> | ||
<th>description</th> | ||
</tr> | ||
</thead> | ||
<tbody> | ||
<tr><td>owner</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>repo</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>alert_number</td><td>no</td><td> | ||
|
||
The code scanning alert number. | ||
|
||
</td></tr> | ||
<tr><td>state</td><td>yes</td><td> | ||
|
||
Sets the state of the code scanning alert. Can be one of `open` or `dismissed`. You must provide `dismissed_reason` when you set the state to `dismissed`. | ||
|
||
</td></tr> | ||
<tr><td>dismissed_reason</td><td>no</td><td> | ||
|
||
**Required when the state is dismissed.** The reason for dismissing or closing the alert. Can be one of: `false positive`, `won't fix`, and `used in tests`. | ||
|
||
</td></tr> | ||
</tbody> | ||
</table> | ||
|
||
See also: [GitHub Developer Guide documentation](https://developer.github.com/v3/code-scanning/#upload-a-code-scanning-alert). |
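Review bot: `alert_number` is marked required "no" in the parameters table and is missing from the example `octokit.codeScanning.updateAlert({ owner, repo, state })`, yet the route `PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}` needs it as a path segment. As documented, the example gives no way to say which alert is being reopened or dismissed. Suggest adding `alert_number` to the example and marking it required, or, if it is optional only because the deprecated `alert_id` from the commit message is still accepted, saying so in the row. The example also sets `state` without `dismissed_reason`, which the table says is required for `dismissed`; a short note next to the example would prevent a failed dismissal call. Finally, the "See also" anchor ends in `#upload-a-code-scanning-alert` on a page titled "Update a code scanning alert"; please check that the link resolves to the update section.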
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
--- | ||
name: Upload a SARIF file | ||
example: octokit.codeScanning.uploadSarif({ owner, repo, commit_sha, ref, sarif, tool_name }) | ||
route: POST /repos/{owner}/{repo}/code-scanning/sarifs | ||
scope: codeScanning | ||
type: API method | ||
--- | ||
|
||
# Upload a SARIF file | ||
|
||
Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. | ||
For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` write permission to use this endpoint. | ||
|
||
```js | ||
octokit.codeScanning.uploadSarif({ | ||
owner, | ||
repo, | ||
commit_sha, | ||
ref, | ||
sarif, | ||
tool_name, | ||
}); | ||
``` | ||
|
||
## Parameters | ||
|
||
<table> | ||
<thead> | ||
<tr> | ||
<th>name</th> | ||
<th>required</th> | ||
<th>description</th> | ||
</tr> | ||
</thead> | ||
<tbody> | ||
<tr><td>owner</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>repo</td><td>yes</td><td> | ||
|
||
</td></tr> | ||
<tr><td>commit_sha</td><td>yes</td><td> | ||
|
||
The commit SHA of the code scanning analysis file. | ||
|
||
</td></tr> | ||
<tr><td>ref</td><td>yes</td><td> | ||
|
||
The full Git reference of the code scanning analysis file, formatted as `refs/heads/<branch name>`. | ||
|
||
</td></tr> | ||
<tr><td>sarif</td><td>yes</td><td> | ||
|
||
A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. | ||
|
||
</td></tr> | ||
<tr><td>checkout_uri</td><td>no</td><td> | ||
|
||
The base directory used in the analysis, as it appears in the SARIF file. | ||
This property is used to convert file paths from absolute to relative, so that alerts can be mapped to their correct location in the repository. | ||
|
||
</td></tr> | ||
<tr><td>started_at</td><td>no</td><td> | ||
|
||
The time that the analysis run began. This is a timestamp in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format: `YYYY-MM-DDTHH:MM:SSZ`. | ||
|
||
</td></tr> | ||
<tr><td>tool_name</td><td>yes</td><td> | ||
|
||
The name of the tool used to generate the code scanning analysis alert. | ||
|
||
</td></tr> | ||
</tbody> | ||
</table> | ||
|
||
See also: [GitHub Developer Guide documentation](https://developer.github.com/v3/code-scanning/#upload-a-sarif-analysis). |
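Review bot: The `commit_sha` and `ref` rows say "of the code scanning analysis file", which reads as if the SARIF file itself had a commit SHA and a Git reference. If the intent is the commit and branch that were analysed, the rows should say that, since a caller who passes a mismatched pair has no hint from this text that the results would be attached to the wrong code. The `sarif` row states the encoding order only in prose (gzip first, then Base64) while the example passes a bare `sarif`; a one-line comment in the example on the expected encoding would make the order harder to get wrong. The optional `checkout_uri` and `started_at` parameters are documented in the table but not shown in the example, which is fine, though `started_at` could give one concrete sample value alongside the `YYYY-MM-DDTHH:MM:SSZ` pattern.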