alert_items
Creates, updates, deletes, gets or lists an alert_items resource.
Overview
| Name | alert_items |
| Type | Resource |
| Id | github.code_scanning.alert_items |
Fields
The following fields are returned by SELECT queries:
- list_alerts_for_repo
- list_alerts_for_org
Response (list_alerts_for_repo)
| Name | Datatype | Description |
|---|---|---|
| assignees | array | |
| created_at | string (date-time) | The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| dismissal_approved_by | object | A GitHub user. (title: Simple User) |
| dismissed_at | string (date-time) | The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| dismissed_by | object | A GitHub user. (title: Simple User) |
| dismissed_comment | string | The dismissal comment associated with the dismissal of the alert. |
| dismissed_reason | string | Required when the state is dismissed. The reason for dismissing or closing the alert. (false positive, won't fix, used in tests) |
| fixed_at | string (date-time) | The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| html_url | string (uri) | The GitHub URL of the alert resource. |
| instances_url | string (uri) | The REST API URL for fetching the list of instances for an alert. |
| most_recent_instance | object | |
| number | integer | The security alert number. |
| rule | object | |
| state | string | State of a code scanning alert. (open, dismissed, fixed) |
| tool | object | |
| updated_at | string (date-time) | The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| url | string (uri) | The REST API URL of the alert resource. |
Response (list_alerts_for_org)
| Name | Datatype | Description |
|---|---|---|
| assignees | array | |
| created_at | string (date-time) | The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| dismissal_approved_by | object | A GitHub user. (title: Simple User) |
| dismissed_at | string (date-time) | The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| dismissed_by | object | A GitHub user. (title: Simple User) |
| dismissed_comment | string | The dismissal comment associated with the dismissal of the alert. |
| dismissed_reason | string | Required when the state is dismissed. The reason for dismissing or closing the alert. (false positive, won't fix, used in tests) |
| fixed_at | string (date-time) | The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| html_url | string (uri) | The GitHub URL of the alert resource. |
| instances_url | string (uri) | The REST API URL for fetching the list of instances for an alert. |
| most_recent_instance | object | |
| number | integer | The security alert number. |
| repository | object | A GitHub repository. (title: Simple Repository) |
| rule | object | |
| state | string | State of a code scanning alert. (open, dismissed, fixed) |
| tool | object | |
| updated_at | string (date-time) | The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ. |
| url | string (uri) | The REST API URL of the alert resource. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
| list_alerts_for_repo | select | owner, repo | tool_name, tool_guid, page, per_page, ref, pr, direction, before, after, sort, state, severity, assignees | Lists code scanning alerts. The response includes a most_recent_instance object. This provides details of the most recent instance of this alert for the default branch (or for the specified Git reference if you used ref in the request). OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories. |
| list_alerts_for_org | select | org | tool_name, tool_guid, before, after, page, per_page, direction, state, sort, severity, assignees | Lists code scanning alerts for the default branch for all eligible repositories in an organization. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "Managing security managers in your organization." The authenticated user must be an owner or security manager for the organization to use this endpoint. OAuth app tokens and personal access tokens (classic) need the security_events or repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
| org | string | The organization name. The name is not case sensitive. |
| owner | string | The account owner of the repository. The name is not case sensitive. |
| repo | string | The name of the repository without the .git extension. The name is not case sensitive. |
| after | string | A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API." |
| assignees | string | Filter alerts by assignees. Provide a comma-separated list of user handles (e.g., octocat or octocat,hubot). Use * to list alerts with at least one assignee or none to list alerts with no assignees. |
| before | string | A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API." |
| direction | string | The direction to sort the results by. |
| page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |
| per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
| pr | integer | The number of the pull request for the results you want to list. |
| ref | string | The Git reference for the results you want to list. The ref for a branch can be formatted either as `refs/heads/<branch name>` or simply `<branch name>`. To reference a pull request use `refs/pull/<number>/merge`. |
| severity | string | If specified, only code scanning alerts with this severity will be returned. |
| sort | string | The property by which to sort the results. |
| state | string | If specified, only code scanning alerts with this state will be returned. |
| tool_guid | string | The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both. |
| tool_name | string | The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both. |
SELECT examples
- list_alerts_for_repo
- list_alerts_for_org
list_alerts_for_repo

Lists code scanning alerts. The response includes a most_recent_instance object. This provides details of the most recent instance of this alert for the default branch (or for the specified Git reference if you used ref in the request).

OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

```sql
SELECT
  assignees,
  created_at,
  dismissal_approved_by,
  dismissed_at,
  dismissed_by,
  dismissed_comment,
  dismissed_reason,
  fixed_at,
  html_url,
  instances_url,
  most_recent_instance,
  number,
  rule,
  state,
  tool,
  updated_at,
  url
FROM github.code_scanning.alert_items
WHERE owner = '{{ owner }}' -- required
AND repo = '{{ repo }}' -- required
AND tool_name = '{{ tool_name }}'
AND tool_guid = '{{ tool_guid }}' -- use tool_name or tool_guid, not both
AND page = '{{ page }}'
AND per_page = '{{ per_page }}'
AND ref = '{{ ref }}'
AND pr = '{{ pr }}'
AND direction = '{{ direction }}'
AND before = '{{ before }}'
AND after = '{{ after }}'
AND sort = '{{ sort }}'
AND state = '{{ state }}'
AND severity = '{{ severity }}'
AND assignees = '{{ assignees }}'
;
```
list_alerts_for_org

Lists code scanning alerts for the default branch for all eligible repositories in an organization. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "Managing security managers in your organization."

The authenticated user must be an owner or security manager for the organization to use this endpoint.

OAuth app tokens and personal access tokens (classic) need the security_events or repo scope to use this endpoint with private or public repositories, or the public_repo scope to use this endpoint with only public repositories.

```sql
SELECT
  assignees,
  created_at,
  dismissal_approved_by,
  dismissed_at,
  dismissed_by,
  dismissed_comment,
  dismissed_reason,
  fixed_at,
  html_url,
  instances_url,
  most_recent_instance,
  number,
  repository,
  rule,
  state,
  tool,
  updated_at,
  url
FROM github.code_scanning.alert_items
WHERE org = '{{ org }}' -- required
AND tool_name = '{{ tool_name }}'
AND tool_guid = '{{ tool_guid }}' -- use tool_name or tool_guid, not both
AND before = '{{ before }}'
AND after = '{{ after }}'
AND page = '{{ page }}'
AND per_page = '{{ per_page }}'
AND direction = '{{ direction }}'
AND state = '{{ state }}'
AND sort = '{{ sort }}'
AND severity = '{{ severity }}'
AND assignees = '{{ assignees }}'
;
```
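
The following is an added example, not part of the provider's own documentation: a dismissal audit built on list_alerts_for_org that lists dismissed critical alerts across an organization together with who dismissed and who approved each one. The organization name `example-org` is a placeholder; the use of `JSON_EXTRACT` and the JSON paths (`$.full_name`, `$.id`, `$.security_severity_level`, `$.login`) are assumptions based on SQLite-style JSON functions and the shape of GitHub's code scanning alert objects.

```sql
-- Added example: review dismissed critical alerts for missing or weak justification.
-- 'example-org' is a placeholder; JSON paths are assumed from GitHub's alert object shape.
SELECT
  JSON_EXTRACT(repository, '$.full_name')            AS repository_name,
  number,
  JSON_EXTRACT(rule, '$.id')                         AS rule_id,
  JSON_EXTRACT(rule, '$.security_severity_level')    AS security_severity,
  JSON_EXTRACT(tool, '$.name')                       AS tool_name,
  dismissed_reason,                                   -- false positive, won't fix, used in tests
  dismissed_comment,                                  -- empty comments deserve a second look
  JSON_EXTRACT(dismissed_by, '$.login')              AS dismissed_by_login,
  JSON_EXTRACT(dismissal_approved_by, '$.login')     AS approved_by_login,
  dismissed_at,
  html_url
FROM github.code_scanning.alert_items
WHERE org = 'example-org'   -- required
AND state = 'dismissed'     -- only alerts that were closed by a person, not fixed in code
AND severity = 'critical'
AND per_page = 100          -- maximum page size accepted by the endpoint
;
```

Rows where `approved_by_login` is null or where `dismissed_by_login` equals `approved_by_login` are the ones to examine first when dismissals are meant to be reviewed by a second person.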