代码扫描的 REST API 端点 - GitHub 文档

列出组织的代码扫描警报

列出组织中所有符合条件的代码仓库的默认分支的代码扫描警报。符合条件的代码仓库是指您拥有的组织或您担任安全管理员的组织拥有的代码仓库。更多信息，请参见“管理组织中的安全管理员”。

经过身份验证的用户必须是组织的所有者或安全管理员才能使用此端点。

OAuth 应用令牌和个人访问令牌（经典版）需要 `security_events` 或 `repos` 作用域才能使用此端点处理私有或公共代码仓库，或需要 `public_repo` 作用域才能仅使用此端点处理公共代码仓库。

“列出组织的代码扫描警报”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“列出组织的代码扫描警报”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`org` 字符串必需组织名称。名称不区分大小写。

查询参数
名称、类型、说明
`tool_name` 字符串代码扫描工具的名称。只会列出此工具的结果。您可以使用 `tool_name` 或 `tool_guid` 指定工具，但不能同时使用两者。
`tool_guid` 字符串或 null 代码扫描工具的 GUID。只会列出此工具的结果。请注意，某些代码扫描工具的分析数据中可能不包含 GUID。您可以使用 `tool_guid` 或 `tool_name` 指定工具，但不能同时使用两者。
`before` 字符串游标，如链接标头中所示。如果指定，则查询只会搜索此游标之前的结果。更多信息，请参见“在 REST API 中使用分页”。
`after` 字符串游标，如链接标头中所示。如果指定，则查询只会搜索此游标之后的结果。更多信息，请参见“在 REST API 中使用分页”。
`page` 整数要获取的结果的页码。更多信息，请参见“在 REST API 中使用分页”。默认值： `1`
`per_page` 整数每页的结果数（最大 100）。更多信息，请参见“在 REST API 中使用分页”。默认值： `30`
`direction` 字符串按其排序结果的方向。默认值： `desc` 可以是以下之一： `asc`, `desc`
`state` 字符串如果指定，则只会返回具有此状态的代码扫描警报。可以是以下之一： `open`, `closed`, `dismissed`, `fixed`
`sort` 字符串用于排序结果的属性。默认值： `created` 可以是以下之一： `created`, `updated`
`severity` 字符串如果指定，则只会返回具有此严重级别的代码扫描警报。可以是以下之一： `critical`, `high`, `medium`, `low`, `warning`, `note`, `error`

“列出组织的代码扫描警报”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`404`	资源未找到
`503`	服务不可用

“列出组织的代码扫描警报”的代码示例

请求示例

get/orgs/{org}/code-scanning/alerts

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/orgs/ORG/code-scanning/alerts

响应

状态：200

[ { "number": 4, "created_at": "2020-02-13T12:29:18Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4", "html_url": "https://github.com/octocat/hello-world/code-scanning/4", "state": "open", "dismissed_by": null, "dismissed_at": null, "dismissed_reason": null, "dismissed_comment": null, "rule": { "id": "js/zipslip", "severity": "error", "tags": [ "security", "external/cwe/cwe-022" ], "description": "压缩文件解压期间的任意文件写入", "name": "js/zipslip" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "open", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "spec-main/api-session-spec.ts", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [ "test" ] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4/instances", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "这是你的第一个仓库！", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" } }, { "number": 3, "created_at": "2020-02-13T12:29:18Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3", "html_url": "https://github.com/octocat/hello-world/code-scanning/3", "state": "dismissed", "dismissed_by": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "dismissed_at": "2020-02-14T12:29:18Z", "dismissed_reason": "误报", "dismissed_comment": "此警报实际上不正确，因为库中包含一个消毒程序。", "rule": { "id": "js/zipslip", "severity": "error", "tags": [ "security", "external/cwe/cwe-022" ], "description": "压缩文件解压期间的任意文件写入", "name": "js/zipslip" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "open", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "lib/ab12-gen.js", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3/instances", "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "这是你的第一个仓库！", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" } } ]

列出仓库的代码扫描警报

列出代码扫描警报。

响应包含一个most_recent_instance对象。这提供了此警报在默认分支（或如果您在请求中使用了ref，则为指定的 Git 引用）的最近实例的详细信息。

OAuth 应用令牌和个人访问令牌（经典）需要security_events作用域才能将此端点与私有或公共仓库一起使用，或者需要public_repo作用域才能仅将此端点与公共仓库一起使用。

用于“列出仓库的代码扫描警报”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“列出仓库的代码扫描警报”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

查询参数
名称、类型、说明
`tool_name` 字符串代码扫描工具的名称。只会列出此工具的结果。您可以使用 `tool_name` 或 `tool_guid` 指定工具，但不能同时使用两者。
`tool_guid` 字符串或 null 代码扫描工具的 GUID。只会列出此工具的结果。请注意，某些代码扫描工具的分析数据中可能不包含 GUID。您可以使用 `tool_guid` 或 `tool_name` 指定工具，但不能同时使用两者。
`page` 整数要获取的结果的页码。更多信息，请参见“在 REST API 中使用分页”。默认值： `1`
`per_page` 整数每页的结果数（最大 100）。更多信息，请参见“在 REST API 中使用分页”。默认值： `30`
`ref` 字符串要列出的结果的 Git 引用。分支的`ref`可以格式化为`refs/heads/<分支名称>`或简单的`<分支名称>`。要引用拉取请求，请使用`refs/pull/<编号>/merge`。
`pr` 整数要列出的结果的拉取请求编号。
`direction` 字符串按其排序结果的方向。默认值： `desc` 可以是以下之一： `asc`, `desc`
`before` 字符串游标，如链接标头中所示。如果指定，则查询只会搜索此游标之前的结果。更多信息，请参见“在 REST API 中使用分页”。
`after` 字符串游标，如链接标头中所示。如果指定，则查询只会搜索此游标之后的结果。更多信息，请参见“在 REST API 中使用分页”。
`sort` 字符串用于排序结果的属性。默认值： `created` 可以是以下之一： `created`, `updated`
`state` 字符串如果指定，则只会返回具有此状态的代码扫描警报。可以是以下之一： `open`, `closed`, `dismissed`, `fixed`
`severity` 字符串如果指定，则只会返回具有此严重级别的代码扫描警报。可以是以下之一： `critical`, `high`, `medium`, `low`, `warning`, `note`, `error`

“列出仓库的代码扫描警报”的HTTP响应状态码

状态代码	说明
`200`	OK
`304`	未修改
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“列出仓库的代码扫描警报”的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/alerts

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/alerts

响应

状态：200

[ { "number": 4, "created_at": "2020-02-13T12:29:18Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4", "html_url": "https://github.com/octocat/hello-world/code-scanning/4", "state": "open", "fixed_at": null, "dismissed_by": null, "dismissed_at": null, "dismissed_reason": null, "dismissed_comment": null, "rule": { "id": "js/zipslip", "severity": "error", "tags": [ "security", "external/cwe/cwe-022" ], "description": "解压 zip 文件期间出现任意文件写入", "name": "js/zipslip" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "open", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "spec-main/api-session-spec.ts", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [ "test" ] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4/instances" }, { "number": 3, "created_at": "2020-02-13T12:29:18Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3", "html_url": "https://github.com/octocat/hello-world/code-scanning/3", "state": "dismissed", "fixed_at": null, "dismissed_by": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "dismissed_at": "2020-02-14T12:29:18Z", "dismissed_reason": "误报", "dismissed_comment": "此警告实际上并不正确，因为库中包含一个消毒程序。", "rule": { "id": "js/zipslip", "severity": "error", "tags": [ "security", "external/cwe/cwe-022" ], "description": "解压 zip 文件期间出现任意文件写入", "name": "js/zipslip" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "open", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "lib/ab12-gen.js", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3/instances" } ]

获取代码扫描警报

获取单个代码扫描警报。

“获取代码扫描警报”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“获取代码扫描警报”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`alert_number` 整数必填标识警报的编号。您可以在 GitHub 中代码扫描警报的 URL 末尾找到它，也可以在 `GET /repos/{owner}/{repo}/code-scanning/alerts` 操作的响应中的 `number` 字段中找到它。

“获取代码扫描警报”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`304`	未修改
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“获取代码扫描警报”的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/alerts/ALERT_NUMBER

响应

状态：200

{ "number": 42, "created_at": "2020-06-19T11:21:34Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42", "html_url": "https://github.com/octocat/hello-world/code-scanning/42", "state": "dismissed", "fixed_at": null, "dismissed_by": { "login": "octocat", "id": 54933897, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "dismissed_at": "2020-02-14T12:29:18Z", "dismissed_reason": "误报", "dismissed_comment": "此警告实际上并不正确，因为库中包含一个消毒程序。", "rule": { "id": "js/zipslip", "severity": "error", "security_severity_level": "high", "description": "解压 zip 文件期间出现任意文件写入（\"Zip Slip\"）", "name": "js/zipslip", "full_description": "如果在提取恶意 zip 存档中的文件时未验证目标文件路径是否在目标目录内，则可能会覆盖目标目录外的文件。", "tags": [ "security", "external/cwe/cwe-022" ], "help": "# 解压 zip 文件期间出现任意文件写入（\"Zip Slip\"）\\n如果在提取恶意 zip 存档中的文件时未验证目标文件路径是否在目标目录内，则可能会覆盖目标目录外的文件 ...", "help_uri": "https://codeql.github.com/" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "dismissed", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "spec-main/api-session-spec.ts", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [ "test" ] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42/instances" }

更新代码扫描警报

更新单个代码扫描警报的状态。OAuth 应用令牌和个人访问令牌（经典版）需要 security_events 作用域才能将此端点用于私有或公共存储库，或者需要 public_repo 作用域才能仅将此端点用于公共存储库。

“更新代码扫描警报”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”存储库权限（写入）

“更新代码扫描警报”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`alert_number` 整数必填标识警报的编号。您可以在 GitHub 中代码扫描警报的 URL 末尾找到它，也可以在 `GET /repos/{owner}/{repo}/code-scanning/alerts` 操作的响应中的 `number` 字段中找到它。

主体参数
名称、类型、说明
`state` 字符串必填设置代码扫描警报的状态。将状态设置为 `dismissed` 时，必须提供 `dismissed_reason`。可以是以下之一： `open`, `dismissed`
`dismissed_reason` 字符串或 null 如果状态为 dismissed，则为必填项。驳回或关闭警报的原因。可以是以下之一： `误报`, `不会修复`, `用于测试`, `null`
`dismissed_comment` 字符串或 null 与警报驳回相关的驳回评论。

“更新代码扫描警报”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`403`	如果存储库已存档或 GitHub 高级安全功能未为此存储库启用，则会返回此响应
`404`	资源未找到
`503`	服务不可用

“更新代码扫描警报”的代码示例

请求示例

patch/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}

curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/alerts/ALERT_NUMBER \ -d '{"state":"dismissed","dismissed_reason":"误报","dismissed_comment":"此警告实际上并不正确，因为库中包含一个消毒程序。"}'

响应

状态：200

{ "number": 42, "created_at": "2020-08-25T21:28:36Z", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42", "html_url": "https://github.com/octocat/hello-world/code-scanning/42", "state": "dismissed", "fixed_at": null, "dismissed_by": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "dismissed_at": "2020-09-02T22:34:56Z", "dismissed_reason": "误报", "dismissed_comment": "此警告实际上并不正确，因为库中包含一个消毒程序。", "rule": { "id": "js/zipslip", "severity": "error", "security_severity_level": "high", "description": "解压 zip 文件期间出现任意文件写入（\"Zip Slip\"）", "name": "js/zipslip", "full_description": "如果在提取恶意 zip 存档中的文件时未验证目标文件路径是否在目标目录内，则可能会覆盖目标目录外的文件。", "tags": [ "security", "external/cwe/cwe-022" ], "help": "# 解压 zip 文件期间出现任意文件写入（\"Zip Slip\"）\\n如果在提取恶意 zip 存档中的文件时未验证目标文件路径是否在目标目录内，则可能会覆盖目标目录外的文件 ...", "help_uri": "https://codeql.github.com/" }, "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "most_recent_instance": { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "{}", "state": "dismissed", "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "spec-main/api-session-spec.ts", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [ "test" ] }, "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42/instances" }

列出代码扫描警报的实例

列出指定代码扫描警报的所有实例。

“列出代码扫描警报的实例”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“列出代码扫描警报的实例”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`alert_number` 整数必填标识警报的编号。您可以在 GitHub 中代码扫描警报的 URL 末尾找到它，也可以在 `GET /repos/{owner}/{repo}/code-scanning/alerts` 操作的响应中的 `number` 字段中找到它。

查询参数
名称、类型、说明
`page` 整数要获取的结果的页码。更多信息，请参见“在 REST API 中使用分页”。默认值： `1`
`per_page` 整数每页的结果数（最大 100）。更多信息，请参见“在 REST API 中使用分页”。默认值： `30`
`ref` 字符串要列出的结果的 Git 引用。分支的`ref`可以格式化为`refs/heads/<分支名称>`或简单的`<分支名称>`。要引用拉取请求，请使用`refs/pull/<编号>/merge`。
`pr` 整数要列出的结果的拉取请求编号。

“列出代码扫描警报的实例”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“列出代码扫描警报的实例”的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/alerts/ALERT_NUMBER/instances

响应

状态：200

[ { "ref": "refs/heads/main", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "state": "open", "fixed_at": null, "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930", "message": { "text": "此路径依赖于用户提供的值。" }, "location": { "path": "lib/ab12-gen.js", "start_line": 917, "end_line": 917, "start_column": 7, "end_column": 18 }, "classifications": [ "library" ] }, { "ref": "refs/pull/3740/merge", "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "environment": "", "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build", "state": "fixed", "fixed_at": "2020-02-14T12:29:18Z", "commit_sha": "b09da05606e27f463a2b49287684b4ae777092f2", "message": { "text": "此后缀检查缺少长度比较，无法正确处理 lastIndexOf 返回 -1 的情况。" }, "location": { "path": "app/script.js", "start_line": 2, "end_line": 2, "start_column": 10, "end_column": 50 }, "classifications": [ "source" ] } ]

列出存储库的代码扫描分析

列出存储库的所有代码扫描分析的详细信息，从最新的开始。响应是分页的，您可以使用 page 和 per_page 参数列出您感兴趣的分析。默认情况下，每页列出 30 个分析。

响应中的 rules_count 字段给出了在分析中运行的规则数量。对于非常旧的分析，此数据不可用，此字段中将返回 0。

警告

停用通知：tool_name 字段即将停用，未来将不再包含在此端点的响应中。示例响应已反映此更改。工具名称现在可以在tool字段中找到。

“列出代码扫描分析结果” 的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“列出代码扫描分析结果” 的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

查询参数
名称、类型、说明
`tool_name` 字符串代码扫描工具的名称。只会列出此工具的结果。您可以使用 `tool_name` 或 `tool_guid` 指定工具，但不能同时使用两者。
`tool_guid` 字符串或 null 代码扫描工具的 GUID。只会列出此工具的结果。请注意，某些代码扫描工具的分析数据中可能不包含 GUID。您可以使用 `tool_guid` 或 `tool_name` 指定工具，但不能同时使用两者。
`page` 整数要获取的结果的页码。更多信息，请参见“在 REST API 中使用分页”。默认值： `1`
`per_page` 整数每页的结果数（最大 100）。更多信息，请参见“在 REST API 中使用分页”。默认值： `30`
`pr` 整数要列出的结果的拉取请求编号。
`ref` 字符串您要列出的分析结果的 Git 引用。分支的`ref`可以格式化为`refs/heads/<分支名称>`或简化为`<分支名称>`。要引用拉取请求，请使用`refs/pull/<编号>/merge`。
`sarif_id` 字符串筛选属于同一 SARIF 上传的分析结果。
`direction` 字符串按其排序结果的方向。默认值： `desc` 可以是以下之一： `asc`, `desc`
`sort` 字符串用于排序结果的属性。默认值： `created` 值：`created`

“列出代码扫描分析结果” 的 HTTP 响应状态码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“列出代码扫描分析结果” 的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/analyses

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/analyses

响应

状态：200

[ { "ref": "refs/heads/main", "commit_sha": "d99612c3e1f2970085cfbaeadf8f010ef69bad83", "analysis_key": ".github/workflows/codeql-analysis.yml:analyze", "environment": "{\"language\":\"python\"}", "error": "", "category": ".github/workflows/codeql-analysis.yml:analyze/language:python", "created_at": "2020-08-27T15:05:21Z", "results_count": 17, "rules_count": 49, "id": 201, "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201", "sarif_id": "6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53", "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "deletable": true, "warning": "" }, { "ref": "refs/heads/my-branch", "commit_sha": "c8cff6510d4d084fb1b4aa13b64b97ca12b07321", "analysis_key": ".github/workflows/shiftleft.yml:build", "environment": "{}", "error": "", "category": ".github/workflows/shiftleft.yml:build/", "created_at": "2020-08-31T22:46:44Z", "results_count": 17, "rules_count": 32, "id": 200, "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200", "sarif_id": "8981cd8e-b078-4ac3-a3be-1dad7dbd0b582", "tool": { "name": "Python Security Analysis", "guid": null, "version": "1.2.0" }, "deletable": true, "warning": "" } ]

获取代码扫描分析结果

获取仓库中指定的代码扫描分析结果。

默认 JSON 响应包含描述分析结果的字段。这包括与分析相关的 Git 引用和提交 SHA、分析日期时间、代码扫描工具的名称以及警报数量。

默认响应中的rules_count字段提供了分析中运行的规则数量。对于非常旧的分析，此数据不可用，此字段将返回0。

此端点支持以下自定义媒体类型。有关更多信息，请参阅“媒体类型”。

application/sarif+json：此端点不会返回分析摘要，而是返回已上传的分析数据的子集。数据格式为SARIF 2.1.0 版本。它还返回其他数据，例如github/alertNumber和github/alertUrl属性。

“获取代码扫描分析结果” 的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“获取代码扫描分析结果” 的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`analysis_id` 整数必填分析的 ID，来自`GET /repos/{owner}/{repo}/code-scanning/analyses`操作的返回值。

“获取代码扫描分析结果” 的 HTTP 响应状态码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“获取代码扫描分析结果” 的代码示例

请求示例

选择示例类型

get/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/analyses/ANALYSIS_ID

application/json 响应

状态：200

{ "ref": "refs/heads/main", "commit_sha": "c18c69115654ff0166991962832dc2bd7756e655", "analysis_key": ".github/workflows/codeql-analysis.yml:analyze", "environment": "{\"language\":\"javascript\"}", "error": "", "category": ".github/workflows/codeql-analysis.yml:analyze/language:javascript", "created_at": "2021-01-13T11:55:49Z", "results_count": 3, "rules_count": 67, "id": 3602840, "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201", "sarif_id": "47177e22-5596-11eb-80a1-c1e54ef945c6", "tool": { "name": "CodeQL", "guid": null, "version": "2.4.0" }, "deletable": true, "warning": "" }

从仓库中删除代码扫描分析结果

从仓库中删除指定的代码扫描分析结果。

一次只能删除一个分析结果。要删除一系列分析结果，请从最新的分析结果开始，然后向后删除。从概念上讲，此过程类似于文本编辑器中的撤消功能。

列出仓库的分析结果时，响应中会标识一个或多个可删除的分析结果。

"deletable": true

当分析结果是一组分析结果中最新结果时，该分析结果即可删除。通常，仓库中为每个启用的代码扫描工具都包含多组分析结果，其中一组由分析值的唯一组合确定。

ref
tool
category

如果您尝试删除一组中不是最新的分析结果，则会收到带有消息的 400 响应。

Analysis specified is not deletable.

成功的DELETE操作的响应为您提供了两个用于删除集合中下一个分析的备选 URL：next_analysis_url和confirm_delete_url。如果您想避免意外删除集合中的最终分析，请使用next_analysis_url URL。如果您只想保留仓库中指定工具的至少一个分析，这是一个有用的选项。如果您愿意删除工具的所有分析，请使用confirm_delete_url URL。当您删除集合中的最后一个分析时，200 响应中next_analysis_url和confirm_delete_url的值为null。

例如，假设您添加了一个工作流，该工作流配置了特定的代码扫描工具来分析仓库中的代码。此工具已添加了 15 个分析：默认分支上 10 个，主题分支上另 5 个。因此，您为此工具有两组不同的分析结果。您现在决定要删除该工具的所有分析结果。为此，您必须发出 15 个单独的删除请求。首先，您必须找到一个被标识为可删除的分析结果。每组分析结果总有一个被标识为可删除的分析结果。找到两组之一的可删除分析结果后，删除此分析结果，然后继续删除集合中的下一个分析结果，直到全部删除。然后对第二组重复此过程。因此，该过程包含一个嵌套循环。

外循环:

列出仓库的分析结果，按工具进行筛选。
解析此列表以查找可删除的分析结果。如果找到

内循环:
- 删除已识别的分析结果。
- 解析响应以获取confirm_delete_url的值，如果找到，则在下一次迭代中使用此值。

上述过程假设您要从 GitHub 用户界面中删除指定仓库中该工具的所有痕迹，因此它使用confirm_delete_url值。或者，您可以使用next_analysis_url值，这将保留每组中的最后一个未删除的分析，以避免完全删除工具的分析。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“从仓库中删除代码扫描分析结果” 的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”存储库权限（写入）

“从仓库中删除代码扫描分析结果” 的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`analysis_id` 整数必填分析的 ID，来自`GET /repos/{owner}/{repo}/code-scanning/analyses`操作的返回值。

查询参数
名称、类型、说明
`confirm_delete` 字符串或 null 如果指定的分析结果是集合中的最后一个，则允许删除。如果您尝试删除集合中的最终分析结果而未将此参数设置为`true`，则会收到带有消息的 400 响应：`分析结果是其类型的最后一个，删除可能会导致历史警报数据丢失。请指定 confirm_delete。`

“从仓库中删除代码扫描分析结果” 的 HTTP 响应状态码

状态代码	说明
`200`	OK
`400`	错误请求
`403`	如果存储库已存档或 GitHub 高级安全功能未为此存储库启用，则会返回此响应
`404`	资源未找到
`503`	服务不可用

“从仓库中删除代码扫描分析结果” 的代码示例

请求示例

delete/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}

curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/analyses/ANALYSIS_ID

默认响应

状态：200

{ "next_analysis_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/41", "confirm_delete_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/41?confirm_delete" }

列出仓库的 CodeQL 数据库

列出仓库中可用的 CodeQL 数据库。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“列出仓库的 CodeQL 数据库” 的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容” 仓库权限（读取）

如果仅请求公共资源，则无需身份验证或上述权限即可使用此端点。

“列出仓库的 CodeQL 数据库” 的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

“列出仓库的 CodeQL 数据库” 的 HTTP 响应状态码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“列出仓库的 CodeQL 数据库” 的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/codeql/databases

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/databases

响应

状态：200

[( { "id": 1, "name": "database.zip", "language": "java", "uploader": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "content_type": "application/zip", "size": 1024, "created_at": "2022-09-12T12:14:32Z", "updated_at": "2022-09-12T12:14:32Z", "url": "https://api.github.com/repos/octocat/Hello-World/code-scanning/codeql/databases/java", "commit_oid": "1927de39fefa25a9d0e64e3f540ff824a72f538c" }, { "id": 2, "name": "database.zip", "language": "ruby", "uploader": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "content_type": "application/zip", "size": 1024, "created_at": "2022-09-12T12:14:32Z", "updated_at": "2022-09-12T12:14:32Z", "url": "https://api.github.com/repos/octocat/Hello-World/code-scanning/codeql/databases/ruby", "commit_oid": "1927de39fefa25a9d0e64e3f540ff824a72f538c" } ]

获取仓库的 CodeQL 数据库

获取仓库中某种编程语言的 CodeQL 数据库。

默认情况下，此端点返回有关 CodeQL 数据库的 JSON 元数据。要下载 CodeQL 数据库二进制内容，请将请求的Accept标头设置为application/zip，并确保您的 HTTP 客户端已配置为遵循重定向或使用Location标头发出第二个请求以获取重定向 URL。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“获取仓库的 CodeQL 数据库”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容” 仓库权限（读取）

如果仅请求公共资源，则无需身份验证或上述权限即可使用此端点。

“获取仓库的 CodeQL 数据库”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`language` 字符串必需 CodeQL 数据库的编程语言。

“获取仓库的 CodeQL 数据库”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`302`	已找到
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“获取仓库的 CodeQL 数据库”的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/codeql/databases/{language}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/databases/LANGUAGE

响应

状态：200

{ "id": 1, "name": "database.zip", "language": "java", "uploader": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "content_type": "application/zip", "size": 1024, "created_at": "2022-09-12T12:14:32Z", "updated_at": "2022-09-12T12:14:32Z", "url": "https://api.github.com/repos/octocat/Hello-World/code-scanning/codeql/databases/java", "commit_oid": "1927de39fefa25a9d0e64e3f540ff824a72f538c" }

删除 CodeQL 数据库

删除仓库中某种编程语言的 CodeQL 数据库。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“删除 CodeQL 数据库”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容”仓库权限（写入）

“删除 CodeQL 数据库”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`language` 字符串必需 CodeQL 数据库的编程语言。

“删除 CodeQL 数据库”的 HTTP 响应状态代码

状态代码	说明
`204`	无内容
`403`	如果存储库已存档或 GitHub 高级安全功能未为此存储库启用，则会返回此响应
`404`	资源未找到
`503`	服务不可用

“删除 CodeQL 数据库”的代码示例

请求示例

delete/repos/{owner}/{repo}/code-scanning/codeql/databases/{language}

curl -L \ -X DELETE \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/databases/LANGUAGE

响应

状态：204

创建 CodeQL 变体分析

创建一个新的 CodeQL 变体分析，它将针对一个或多个仓库运行 CodeQL 查询。

开始学习更多关于使用多仓库变体分析大规模运行 CodeQL 查询。

使用 URL 中的owner和repo参数指定将用于运行 GitHub Actions 工作流和存储 CodeQL 变体分析结果的控制器仓库。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能使用此端点。

“创建 CodeQL 变体分析”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容”仓库权限（写入）

“创建 CodeQL 变体分析”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

“创建 CodeQL 变体分析”的 HTTP 响应状态代码

状态代码	说明
`201`	已提交变体分析以进行处理
`404`	资源未找到
`422`	无法处理变体分析提交
`503`	服务不可用

“创建 CodeQL 变体分析”的代码示例

请求示例

选择示例类型

post/repos/{owner}/{repo}/code-scanning/codeql/variant-analyses

curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/variant-analyses \ -d '{"language":"csharp","query_pack":"aGVsbG8=","repositories":["octocat/Hello-World","octocat/example"]}'

成功提交变体分析的响应

状态：201

{ "summary": "默认响应", "value": { "id": 1, "controller_repo": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "这是你的第一个仓库！", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "actor": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "query_language": "python", "query_pack_url": "https://www.example.com", "created_at": "2022-09-12T12:14:32Z", "updated_at": "2022-09-12T12:14:32Z", "completed_at": "2022-09-12T13:15:33Z", "status": "completed", "actions_workflow_run_id": 3453588, "scanned_repositories": [ { "repository": { "id": 1296269, "name": "Hello-World", "full_name": "octocat/Hello-World", "private": false }, "analysis_status": "succeeded", "result_count": 532, "artifact_size_in_bytes": 12345 } ], "skipped_repositories": { "access_mismatch_repos": { "repository_count": 2, "repositories": [ { "id": 1, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo1", "full_name": "octo-org/octo-repo1", "private": false }, { "id": 2, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo2", "full_name": "octo-org/octo-repo2", "private": false } ] }, "not_found_repos": { "repository_count": 3, "repository_full_names": [ "octo-org/octo-repo4", "octo-org/octo-repo5", "octo-org/octo-repo6" ] }, "no_codeql_db_repos": { "repository_count": 2, "repositories": [ { "id": 7, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo7", "full_name": "octo-org/octo-repo7", "private": false }, { "id": 8, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo8", "full_name": "octo-org/octo-repo8", "private": false } ] }, "over_limit_repos": { "repository_count": 2, "repositories": [ { "id": 9, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo9", "full_name": "octo-org/octo-repo9", "private": false }, { "id": 10, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo10", "full_name": "octo-org/octo-repo10", "private": false } ] } } } }

获取 CodeQL 变体分析摘要

获取 CodeQL 变体分析的摘要。

“获取 CodeQL 变体分析摘要”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容” 仓库权限（读取）

如果仅请求公共资源，则无需身份验证或上述权限即可使用此端点。

“获取 CodeQL 变体分析摘要”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`codeql_variant_analysis_id` 整数必填变体分析的唯一标识符。

“获取 CodeQL 变体分析摘要”的 HTTP 响应状态码

状态代码	说明
`200`	OK
`404`	资源未找到
`503`	服务不可用

“获取 CodeQL 变体分析摘要”的代码示例

请求示例

获取/repos/{owner}/{repo}/code-scanning/codeql/variant-analyses/{codeql_variant_analysis_id}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/variant-analyses/CODEQL_VARIANT_ANALYSIS_ID

默认响应

状态：200

{ "id": 1, "controller_repo": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "actor": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "query_language": "python", "query_pack_url": "https://www.example.com", "created_at": "2022-09-12T12:14:32Z", "updated_at": "2022-09-12T12:14:32Z", "completed_at": "2022-09-12T13:15:33Z", "status": "completed", "actions_workflow_run_id": 3453588, "scanned_repositories": [ { "repository": { "id": 1296269, "name": "Hello-World", "full_name": "octocat/Hello-World", "private": false }, "analysis_status": "succeeded", "result_count": 532, "artifact_size_in_bytes": 12345 } ], "skipped_repositories": { "access_mismatch_repos": { "repository_count": 2, "repositories": [ { "id": 1, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo1", "full_name": "octo-org/octo-repo1", "private": false }, { "id": 2, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo2", "full_name": "octo-org/octo-repo2", "private": false } ] }, "not_found_repos": { "repository_count": 3, "repository_full_names": [ "octo-org/octo-repo4", "octo-org/octo-repo5", "octo-org/octo-repo6" ] }, "no_codeql_db_repos": { "repository_count": 2, "repositories": [ { "id": 7, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo7", "full_name": "octo-org/octo-repo7", "private": false }, { "id": 8, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo8", "full_name": "octo-org/octo-repo8", "private": false } ] }, "over_limit_repos": { "repository_count": 2, "repositories": [ { "id": 9, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo9", "full_name": "octo-org/octo-repo9", "private": false }, { "id": 10, "node_id": "MDQ6VXNlcjE=", "name": "octo-repo10", "full_name": "octo-org/octo-repo10", "private": false } ] } } }

获取 CodeQL 变体分析中某个仓库的分析状态

获取 CodeQL 变体分析中某个仓库的分析状态。

“获取 CodeQL 变体分析中某个仓库的分析状态”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“内容” 仓库权限（读取）

“获取 CodeQL 变体分析中某个仓库的分析状态”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需控制仓库的名称。
`codeql_variant_analysis_id` 整数必填变体分析的 ID。
`repo_owner` 字符串必填变体分析仓库的账户所有者。名称不区分大小写。
`repo_name` 字符串必填变体分析仓库的名称。

“获取 CodeQL 变体分析中某个仓库的分析状态”的 HTTP 响应状态码

状态代码	说明
`200`	OK
`404`	资源未找到
`503`	服务不可用

“获取 CodeQL 变体分析中某个仓库的分析状态”的代码示例

请求示例

获取/repos/{owner}/{repo}/code-scanning/codeql/variant-analyses/{codeql_variant_analysis_id}/repos/{repo_owner}/{repo_name}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/codeql/variant-analyses/CODEQL_VARIANT_ANALYSIS_ID/repos/REPO_OWNER/REPO_NAME

默认响应

状态：200

{ "repository": { "id": 1296269, "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", "name": "Hello-World", "full_name": "octocat/Hello-World", "owner": { "login": "octocat", "id": 1, "node_id": "MDQ6VXNlcjE=", "avatar_url": "https://github.com/images/error/octocat_happy.gif", "gravatar_id": "", "url": "https://api.github.com/users/octocat", "html_url": "https://github.com/octocat", "followers_url": "https://api.github.com/users/octocat/followers", "following_url": "https://api.github.com/users/octocat/following{/other_user}", "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", "organizations_url": "https://api.github.com/users/octocat/orgs", "repos_url": "https://api.github.com/users/octocat/repos", "events_url": "https://api.github.com/users/octocat/events{/privacy}", "received_events_url": "https://api.github.com/users/octocat/received_events", "type": "User", "site_admin": false }, "private": false, "html_url": "https://github.com/octocat/Hello-World", "description": "This your first repo!", "fork": false, "url": "https://api.github.com/repos/octocat/Hello-World", "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", "events_url": "https://api.github.com/repos/octocat/Hello-World/events", "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks" }, "analysis_status": "succeeded", "artifact_size_in_bytes": 12345, "result_count": 532, "database_commit_sha": "2d870c2a717a524627af38fa2da382188a096f90", "source_location_prefix": "/", "artifact_url": "https://example.com" }

获取代码扫描默认设置配置

获取代码扫描默认设置配置。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“获取代码扫描默认设置配置”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“管理”仓库权限（读取）

“获取代码扫描默认设置配置”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

“获取代码扫描默认设置配置”的 HTTP 响应状态码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	资源未找到
`503`	服务不可用

“获取代码扫描默认设置配置”的代码示例

请求示例

获取/repos/{owner}/{repo}/code-scanning/default-setup

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/default-setup

响应

状态：200

{ "state": "configured", "languages": [ "ruby", "python" ], "query_suite": "default", "updated_at": "2023-01-19T11:21:34Z", "schedule": "weekly" }

更新代码扫描默认设置配置

更新代码扫描默认设置配置。

OAuth 应用令牌和个人访问令牌（经典）需要repo范围才能在此端点上使用私有或公共仓库，或者需要public_repo范围才能在此端点上仅使用公共仓库。

“更新代码扫描默认设置配置”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“管理”存储库权限（写入）

“更新代码扫描默认设置配置”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

主体参数
名称、类型、说明
`state` 字符串代码扫描默认设置的所需状态。可以是以下之一： `已配置`, `未配置`
`query_suite` 字符串要使用的 CodeQL 查询套件。可以是以下之一： `default`, `extended`
`languages` 字符串数组要分析的 CodeQL 语言。支持的值为：`c-cpp`、`csharp`、`go`、`java-kotlin`、`javascript-typescript`、`python`、`ruby`、`swift`

“更新代码扫描默认设置配置”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`202`	已接受
`403`	如果存储库已存档或 GitHub 高级安全功能未为此存储库启用，则会返回此响应
`404`	资源未找到
`409`	如果已存在使用不同默认设置配置的验证运行，则返回的响应
`503`	服务不可用

“更新代码扫描默认设置配置”的代码示例

请求示例

补丁/repos/{owner}/{repo}/code-scanning/default-setup

curl -L \ -X PATCH \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/default-setup \ -d '{"state":"configured"}'

响应

状态：202

{ "run_id": 42, "run_url": "https://api.github.com/repos/octoorg/octocat/actions/runs/42" }

上传分析结果为 SARIF 数据

上传包含代码扫描分析结果的 SARIF 数据，以便在存储库中查看结果。有关故障排除信息，请参阅“SARIF 上传故障排除”。

您可以上传代码扫描结果到两个位置。

如果您上传到拉取请求（例如 --ref refs/pull/42/merge 或 --ref refs/pull/42/head），则结果会显示为拉取请求检查中的警报。有关更多信息，请参阅“处理拉取请求中的代码扫描警报”。
如果您上传到分支（例如 --ref refs/heads/my-branch），则结果会显示在您的存储库的“**安全**”选项卡中。有关更多信息，请参阅“管理您的存储库的代码扫描警报”。

您必须使用 gzip 压缩要上传的 SARIF 格式分析数据，然后将其编码为 Base64 格式字符串。例如

gzip -c analysis-data.sarif | base64 -w0

SARIF 上传对以下数据对象的每个条目数量有最大限制，如果任何对象的条目数超过最大值，则分析将被拒绝。对于某些对象，存在附加值，超过这些值的条目将被忽略，同时保留最重要（如有适用）的条目。为了在分析包含超过支持限制的数据时充分利用分析结果，请尝试优化分析配置。例如，对于 CodeQL 工具，请识别并移除最嘈杂的查询。有关更多信息，请参阅“SARIF 结果超过一个或多个限制”。

SARIF 数据	最大值	其他限制
每个文件的运行次数	20
每次运行的结果数	25,000	仅包含前 5000 个结果，按严重性排序。
每次运行的规则数	25,000
每次运行的工具扩展数	100
每个结果的线程流位置数	10,000	仅包含前 1000 个线程流位置，使用优先级排序。
每个结果的位置数	1,000	仅包含 100 个位置。
每个规则的标签数	20	仅包含 10 个标签。

202 已接受 响应包含一个 id 值。您可以使用此 ID 在 /sarifs/{sarif_id} 端点中检查上传的状态。有关更多信息，请参阅“获取有关 SARIF 上传的信息”。

此端点每个用户或调用它的应用程序安装每小时限制为 1000 个请求。

“上传分析结果为 SARIF 数据”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”存储库权限（写入）

“上传分析结果为 SARIF 数据”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。

主体参数
名称、类型、说明
`commit_sha` 字符串必需与您要上传的分析相关的提交的 SHA。
`ref` 字符串必需完整的 Git 引用，格式为 `refs/heads/<分支名称>`、`refs/tags/<标签>`、`refs/pull/<编号>/merge` 或 `refs/pull/<编号>/head`。
`sarif` 字符串必需表示要上传的 SARIF 文件的 Base64 字符串。您必须首先使用 `gzip` 压缩 SARIF 文件，然后将文件内容转换为 Base64 编码字符串。有关更多信息，请参阅“代码扫描的 SARIF 支持”。
`checkout_uri` 字符串分析中使用的基目录，如 SARIF 文件中所示。此属性用于将文件路径从绝对路径转换为相对路径，以便可以将警报映射到存储库中的正确位置。
`started_at` 字符串分析运行开始的时间。这是一个 ISO 8601 格式的时间戳：`YYYY-MM-DDTHH:MM:SSZ`。
`tool_name` 字符串用于生成代码扫描分析的工具的名称。如果不使用此参数，则工具名称默认为“API”。如果上传的 SARIF 包含工具 GUID，则可以使用 `GET /repos/{owner}/{repo}/code-scanning/alerts` 等操作的 `tool_guid` 参数对其进行过滤。
`validate` 布尔值是否根据代码扫描规范验证 SARIF 文件。此参数旨在帮助集成商确保上传的 SARIF 文件能够被代码扫描正确呈现。

“上传分析结果为 SARIF 数据”的 HTTP 响应状态代码

状态代码	说明
`202`	已接受
`400`	如果 sarif 字段无效，则返回错误请求
`403`	如果存储库已存档或 GitHub 高级安全功能未为此存储库启用，则会返回此响应
`404`	资源未找到
`413`	如果 sarif 字段过大，则返回有效负载过大
`503`	服务不可用

“上传分析结果为 SARIF 数据”的代码示例

请求示例

post/repos/{owner}/{repo}/code-scanning/sarifs

curl -L \ -X POST \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/sarifs \ -d '{"commit_sha":"4b6472266afd7b471e86085a6659e8c7f2b119da","ref":"refs/heads/master","sarif":"H4sICMLGdF4AA2V4YW1wbGUuc2FyaWYAvVjdbts2FL7PUxDCijaA/CM7iRNfLkPXYgHSNstumlzQ0pHFVCI1korjFgH2ONtr7Ul2KFmy/mOn6QIkjsjDw0/nfN85NL8dEGL9pNwAImqRObECrWM1H40kXQ2XTAfJIlEgXcE1cD10RTQSVDE10K4aKSqZP1AxuKOIKg1ydJU60jSfSh8Hk6EzHA/vlOCWbfa7B6kYPpj90rlsWCZcmbHP5Bs+4oAWIjQD2SMOeJLh2vIQDnIaQerqXHjw8YIgxohybxAyDsS4cAPKsp03K4RcUs6+Up2D+JXpd8mibKIQN9fM/aMCdbyBujGSSQgVxJtx5qX2d2qUcIweQhEuDQf3GBO6CKHkogx/N3MVCKl/AeVKFuf4y5ubsMGDTj1ep+5I7sgmLIpxtU38hLtmMRGSuCFVyip5eKzs5ydh+LztVL6f2m6oih1BkYiuyQIIJWodxVpERPj4sEiWBNNH8EWT0DMG8EAjzKVHXCrB4FkPu/F64NMk1OeC+2yZSNoBOoR7CC0EzYWGbm+xFDFIzbI011+cLjfZtyJkmMZfumAh02uL3NpV2y+MZ6RAjxibyKrNxxJcVjANSb4eBGwZ1M0KsuyR2poLr5rMl8vaDSeVn6eTWEO2j2xIEcmhwlTKNOi4GMOI8gfuZYkvJ7b4v5Tiumyz7RnHeodFzpS8ASIZCH/AYdWi2z3sG8JtFxJ6fF9yR9CdifBr9Pd6d5V2+zbJKjjCFGGmsHuYFy2ytJq9tUxcLSRSQecppOGKrpUxYfxefMEFK+wOGa4hudQByBVT0L+EKtyACxnRsABhEx1QjVDs1KNI9MbpnhqfE45B6FJvu3hRu5VRU9MhZLmK7fqkKyQSTHNoyMqUFMqXCV3CwAeqEwmVokraK8IuBaGvHjQ0gMYrKjnjyw7uk9uD8tgmsBbFMPnU1bV2ZhkJNkuolUiWys3UPWzs5aaIUz9TBe8zMb+6+nT+6fLy91dlE3xzeDDT4zYszb0bW6NjJd0Rvn2EnLvWLFSdKPpBzInzfRgu8ETyMcH8nIfMnJCeC2PyfTA+UKngcnGH7Hw2hGkVQs5YlIRCtdWZYQ4/73es2JlxkfViOEIhoWJq5Oo6UBBfiKIqFBWhiE3jJGbFwVoxBHTRSuIS67sMeplei24X20shLjG+8gqbKC/bESiNMC+wd5q5id0yeS7CJEqXzmrTWNq3k05l84P6f4/bEmXFJjI0fIt1BGQssUnUDkBYeVhE5TqPnMH3jqogDcP0zKcTgLPTMSzOjhbjuVOmW23l1fYNStulfo6sXlFsGLhbDy5RECPRYGCTgOj2bd4nUQEivEd0H7KKYxqnEhFohuur3a3UPskbH/+Yg0+M5P2MHRJu3ziHh3Z2NCrWt3XF1rWTw8Ne/pfbWYXnDSE0SNZQQt1i18q7te2vOhu7ehWuvVyeu0wbLZi24mhoo6aOOTltzG/lgdVvVoXQq5V+pewkFIzL8fjEcadT55jOjpzFzHuOTtDNrMkJPMVQDd7F09RID72O/UPZ0tmctqZ7kWX6EmSZnDpP8GU67SXM8XE3YSrxbKsx6UReZ4y6n/FVZfJjs9Z7stma75W5yQtkzjk5eSJxk1lv4o7+j8TlhaJ2lsKWZO6lruDPBLib3x5ZN/KGWzZ+pn///evv7OOf4iIBv3oY9L/l1wiJ9p0Tc+F1zZnOE9NxXWEus6IQhr5pMfoqxi8WPsuu0azsns4UC6WzNzHIzbeEx4P/AJ3SefgcFAAA"}'

默认响应

状态：202

{ "id": "47177e22-5596-11eb-80a1-c1e54ef945c6", "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/sarifs/47177e22-5596-11eb-80a1-c1e54ef945c6" }

获取有关 SARIF 上传的信息

获取有关 SARIF 上传的信息，包括状态和已上传分析的 URL，以便您可以检索分析的详细信息。有关更多信息，请参阅“获取存储库的代码扫描分析”。OAuth 应用程序令牌和个人访问令牌（经典）需要 security_events 范围才能将此端点与私有或公共存储库一起使用，或者需要 public_repo 范围才能仅将此端点与公共存储库一起使用。

“获取有关 SARIF 上传的信息”的细粒度访问令牌

此端点适用于以下细粒度令牌类型:

细粒度令牌必须具有以下权限集

“代码扫描警报”代码仓库权限（读取）

“获取有关 SARIF 上传的信息”的参数

标头
名称、类型、说明
`accept` 字符串建议设置为 `application/vnd.github+json`。

路径参数
名称、类型、说明
`owner` 字符串必需仓库的帐户所有者。名称不区分大小写。
`repo` 字符串必需不带`.git`扩展名的仓库名称。名称不区分大小写。
`sarif_id` 字符串必需上传后获得的 SARIF ID。

“获取有关 SARIF 上传的信息”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`403`	如果未为此仓库启用GitHub高级安全功能，则会返回响应
`404`	如果 sarif id 与任何上传都不匹配，则返回未找到
`503`	服务不可用

“获取有关 SARIF 上传的信息”的代码示例

请求示例

get/repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}

curl -L \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/code-scanning/sarifs/SARIF_ID

默认响应

状态：200

{ "processing_status": "complete", "analyses_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/analyses?sarif_id=47177e22-5596-11eb-80a1-c1e54ef945c6" }