provider security-advisories POST /repos/{owner}/{repo}/security-advisories/reports
@utdk/github /repos/{owner}/{repo}/security-advisories/reports
Privately report a security vulnerability
Report a security vulnerability to the maintainers of the repository. See "[Privately reporting a security vulnerability](https://docs.github.com/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)" for more information about private vulnerability reporting.
owner path required
The account owner of the repository. The name is not case sensitive.
string
repo path required
The name of the repository without the `.git` extension. The name is not case sensitive.
string

Try it

Authentication
Configure credentials for GitHub v3 REST API
Gateway
The gateway proxies requests and injects credentials server-side. Configure credentials above, then enter your gateway URL.

Saved automatically to browser storage.

securityAdvisories.createPrivateVulnerabilityReport
POST/repos/{owner}/{repo}/security-advisories/reports
Report a security vulnerability to the maintainers of the repository. See "[Privately reporting a security vulnerability](https://docs.github.com/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability)" for more information about private vulnerability reporting.

Parameters

required

The account owner of the repository. The name is not case sensitive.

required

The name of the repository without the `.git` extension. The name is not case sensitive.

Input

required

A short summary of the advisory.

required

A detailed description of what the advisory impacts.

An array of products affected by the vulnerability detailed in a repository security advisory.

A list of Common Weakness Enumeration (CWE) IDs.

The severity of the advisory. You must choose between setting this field or `cvss_vector_string`.

The CVSS vector that calculates the severity of the advisory. You must choose between setting this field or `severity`.

Whether to create a temporary private fork of the repository to collaborate on a fix.

Enter a gateway URL above to enable sending.

Code snippet
Updates live as you fill in the form above.

TypeScript

import github from '@utdk/github';

await github.securityAdvisories.createPrivateVulnerabilityReport({
  "start_private_fork": false
})