List secret scanning alerts for a repository · GitHub v3 REST API

provider secret-scanning GET /repos/{owner}/{repo}/secret-scanning/alerts

@utdk/github /repos/{owner}/{repo}/secret-scanning/alerts

List secret scanning alerts for a repository

Lists secret scanning alerts for an eligible repository, from newest to oldest. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the `repo` or `security_events` scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the `public_repo` scope instead.

owner path required: The account owner of the repository. The name is not case sensitive.; string
repo path required: The name of the repository without the `.git` extension. The name is not case sensitive.; string
state query: Set to `open` or `resolved` to only list secret scanning alerts in a specific state.; enum: open, resolved
secret_type query: A comma-separated list of secret types to return. All default secret patterns are returned. To return generic patterns, pass the token name(s) in the parameter. See "[Supported secret scanning patterns](https://docs.github.com/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)" for a complete list of secret types.; string
exclude_secret_types query: A comma-separated list of secret types to exclude from the results. All default secret patterns are returned except those matching the specified types. Cannot be combined with the `secret_type` parameter. See "[Supported secret scanning patterns](https://docs.github.com/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)" for a complete list of secret types.; string
resolution query: A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.; string
assignee query: Filters alerts by assignee. Use `*` to get all assigned alerts, `none` to get all unassigned alerts, or a GitHub username to get alerts assigned to a specific user.; string
sort query: The property to sort the results by. `created` means when the alert was created. `updated` means when the alert was updated or resolved.; enum: created, updated
direction query: The direction to sort the results by.; enum: asc, desc
page query: The page number of the results to fetch. For more information, see "[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api)."; integer
per_page query: The number of results per page (max 100). For more information, see "[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api)."; integer
before query: A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.; string
after query: A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.; string
validity query: A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are `active`, `inactive`, and `unknown`.; string
is_publicly_leaked query: A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present.; boolean
is_multi_repo query: A boolean value representing whether or not to filter alerts by the multi-repo tag being present.; boolean
hide_secret query: A boolean value representing whether or not to hide literal secrets in the results.; boolean

Try it

Authentication

Configure credentials for GitHub v3 REST API

Gateway

The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Execution Mode

Gateway URL

Saved automatically to browser storage.

secretScanning.listAlertsForRepo

GET/repos/{owner}/{repo}/secret-scanning/alerts

Parameters

ownerrequired

The account owner of the repository. The name is not case sensitive.

reporequired

The name of the repository without the `.git` extension. The name is not case sensitive.

state

Set to `open` or `resolved` to only list secret scanning alerts in a specific state.

secret_type

A comma-separated list of secret types to return. All default secret patterns are returned. To return generic patterns, pass the token name(s) in the parameter. See "[Supported secret scanning patterns](https://docs.github.com/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)" for a complete list of secret types.

exclude_secret_types

A comma-separated list of secret types to exclude from the results. All default secret patterns are returned except those matching the specified types. Cannot be combined with the `secret_type` parameter. See "[Supported secret scanning patterns](https://docs.github.com/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)" for a complete list of secret types.

resolution

A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed. Valid resolutions are `false_positive`, `wont_fix`, `revoked`, `pattern_edited`, `pattern_deleted` or `used_in_tests`.

assignee

Filters alerts by assignee. Use `*` to get all assigned alerts, `none` to get all unassigned alerts, or a GitHub username to get alerts assigned to a specific user.

sort

The property to sort the results by. `created` means when the alert was created. `updated` means when the alert was updated or resolved.

direction

The direction to sort the results by.

page

The page number of the results to fetch. For more information, see "[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api)."

per_page

The number of results per page (max 100). For more information, see "[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api)."

before

A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for events before this cursor. To receive an initial cursor on your first request, include an empty "before" query string.

after

A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for events after this cursor. To receive an initial cursor on your first request, include an empty "after" query string.

validity

A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are `active`, `inactive`, and `unknown`.

is_publicly_leaked

A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present.

false

is_multi_repo

A boolean value representing whether or not to filter alerts by the multi-repo tag being present.

false

hide_secret

A boolean value representing whether or not to hide literal secrets in the results.

false

Enter a gateway URL above to enable sending.

Code snippet

Updates live as you fill in the form above.

TypeScript

import github from '@utdk/github';

await github.secretScanning.listAlertsForRepo({
  "sort": "created",
  "direction": "desc",
  "page": 1,
  "per_page": 30,
  "is_publicly_leaked": false,
  "is_multi_repo": false,
  "hide_secret": false
})