locations
Creates, updates, deletes, gets or lists a locations resource.
Overview
| Name | locations |
| Type | Resource |
| Id | github.secret_scanning.locations |
Fields
The following fields are returned by SELECT queries:
- list_locations_for_alert
Response
| Name | Datatype | Description |
|---|---|---|
details | object | Represents a 'commit' secret scanning location type. This location type shows that a secret was detected inside a commit to a repository. |
type | string | The location type. Because secrets may be found in different types of resources (ie. code, comments, issues, pull requests, discussions), this field identifies the type of resource where the secret was found. (commit, wiki_commit, issue_title, issue_body, issue_comment, discussion_title, discussion_body, discussion_comment, pull_request_title, pull_request_body, pull_request_comment, pull_request_review, pull_request_review_comment) (example: commit) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list_locations_for_alert | select | owner, repo, alert_number | page, per_page | Lists all locations for a given secret scanning alert for an eligible repository. The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint. OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
alert_number | integer | The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation. |
owner | string | The account owner of the repository. The name is not case sensitive. |
repo | string | The name of the repository without the .git extension. The name is not case sensitive. |
page | integer | The page number of the results to fetch. For more information, see "Using pagination in the REST API." |
per_page | integer | The number of results per page (max 100). For more information, see "Using pagination in the REST API." |
SELECT examples
- list_locations_for_alert
Lists all locations for a given secret scanning alert for an eligible repository.
The authenticated user must be an administrator for the repository or for the organization that owns the repository to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the repo or security_events scope to use this endpoint. If this endpoint is only used with public repositories, the token can use the public_repo scope instead.
SELECT
details,
type
FROM github.secret_scanning.locations
WHERE owner = '{{ owner }}' -- required
AND repo = '{{ repo }}' -- required
AND alert_number = '{{ alert_number }}' -- required
AND page = '{{ page }}'
AND per_page = '{{ per_page }}'
;