app_idinteger
Filters check suites by GitHub App id.
Example:1
check_namestring
Returns check runs with the specified name.
per_pageinteger
Results per page (max 100)
Default:30
pageinteger
Page number of the results to fetch.
Default:1
List check suites for a Git reference
Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.
Lists check suites for a commit ref. The ref can be a SHA, branch name, or a tag name. GitHub Apps must have the checks:read permission on a private repository or pull access to a public repository to list check suites. OAuth Apps and authenticated users must have the repo scope to get check suites in a private repository.
get
http://HOSTNAME/api/v3/repos/{owner}/{repo}/commits/{ref}/check-suites
Query Parameters
Path Parameters
ownerstringrequired
repostringrequired
refstringrequired
ref parameter
Response
200 application/json
Response
200 application/json
Response
total_countintegerrequired
check_suitesarray[object]required
A suite of checks performed on the code of a given code change
Show Child Parameters
get/repos/{owner}/{repo}/commits/{ref}/check-suites
Path Parameters
Query Parameters
200 application/json
List code scanning alerts for a repository
Lists all open code scanning alerts for the default branch (usually main
or master). You must use an access token with the security_events scope to use
this endpoint. GitHub Apps must have the security_events read permission to use
this endpoint.
The response includes a most_recent_instance object.
This provides details of the most recent instance of this alert
for the default branch or for the specified Git reference
(if you used ref in the request).
get
http://HOSTNAME/api/v3/repos/{owner}/{repo}/code-scanning/alerts
Query Parameters
tool_namestring
The name of the tool used to generate the code scanning analysis.
tool_guidstring | null
The GUID of the tool used to generate the code scanning analysis, if provided in the uploaded SARIF data.
pageinteger
Page number of the results to fetch.
Default:1
per_pageinteger
Results per page (max 100)
Default:30
refstring
The full Git reference, formatted as refs/heads/<branch name>,
refs/pull/<number>/merge, or refs/pull/<number>/head.
statestring
State of a code scanning alert.
Allowed values:opencloseddismissedfixed
Path Parameters
ownerstringrequired
repostringrequired
Response
application/json
Response
application/json
Response
numberintegerrequiredread-only
The security alert number.
created_atstring(date-time)requiredread-only
The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
urlstring(uri)requiredread-only
The REST API URL of the alert resource.
html_urlstring(uri)requiredread-only
The GitHub URL of the alert resource.
instances_urlstring(uri)requiredread-only
The REST API URL for fetching the list of instances for an alert.
statestringrequired
State of a code scanning alert.
Allowed values:opencloseddismissedfixed
dismissed_byobject | nullrequired
Simple User
Show Child Parameters
dismissed_atstring | null(date-time)requiredread-only
The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_reasonstring | nullrequired
Required when the state is dismissed. The reason for dismissing or closing the alert. Can be one of: false positive, won't fix, and used in tests.
Allowed values:false positivewon't fixused in tests
ruleobjectrequired
Show Child Parameters
toolobjectrequired
Show Child Parameters
most_recent_instanceobjectrequired
Show Child Parameters
get/repos/{owner}/{repo}/code-scanning/alerts
Path Parameters
Query Parameters
application/json
Get a code scanning alert
Gets a single code scanning alert. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events read permission to use this endpoint.
Deprecation notice:
The instances field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The same information can now be retrieved via a GET request to the URL specified by instances_url.
get
http://HOSTNAME/api/v3/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
Path Parameters
ownerstringrequired
repostringrequired
alert_numberintegerrequiredread-only
The security alert number.
Response
application/json
Response
application/json
Response
code-scanning-alert
numberintegerrequiredread-only
The security alert number.
created_atstring(date-time)requiredread-only
The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
urlstring(uri)requiredread-only
The REST API URL of the alert resource.
html_urlstring(uri)requiredread-only
The GitHub URL of the alert resource.
instances_urlstring(uri)requiredread-only
The REST API URL for fetching the list of instances for an alert.
statestringrequired
State of a code scanning alert.
Allowed values:opencloseddismissedfixed
dismissed_byobject | nullrequired
Simple User
Show Child Parameters
dismissed_atstring | null(date-time)requiredread-only
The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_reasonstring | nullrequired
Required when the state is dismissed. The reason for dismissing or closing the alert. Can be one of: false positive, won't fix, and used in tests.
Allowed values:false positivewon't fixused in tests
ruleobjectrequired
Show Child Parameters
toolobjectrequired
Show Child Parameters
most_recent_instanceobjectrequired
Show Child Parameters
instancesDEPRECATED
get/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
Path Parameters
application/json
Update a code scanning alert
Updates the status of a single code scanning alert. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.
patch
http://HOSTNAME/api/v3/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
Path Parameters
ownerstringrequired
repostringrequired
alert_numberintegerrequiredread-only
The security alert number.
Body
application/json
Body
application/json
statestringrequired
Sets the state of the code scanning alert. Can be one of open or dismissed. You must provide dismissed_reason when you set the state to dismissed.
Allowed values:opendismissed
dismissed_reasonstring | null
Required when the state is dismissed. The reason for dismissing or closing the alert. Can be one of: false positive, won't fix, and used in tests.
Allowed values:false positivewon't fixused in tests
Response
application/json
Response
application/json
Response
code-scanning-alert
numberintegerrequiredread-only
The security alert number.
created_atstring(date-time)requiredread-only
The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
urlstring(uri)requiredread-only
The REST API URL of the alert resource.
html_urlstring(uri)requiredread-only
The GitHub URL of the alert resource.
instances_urlstring(uri)requiredread-only
The REST API URL for fetching the list of instances for an alert.
statestringrequired
State of a code scanning alert.
Allowed values:opencloseddismissedfixed
dismissed_byobject | nullrequired
Simple User
Show Child Parameters
dismissed_atstring | null(date-time)requiredread-only
The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_reasonstring | nullrequired
Required when the state is dismissed. The reason for dismissing or closing the alert. Can be one of: false positive, won't fix, and used in tests.
Allowed values:false positivewon't fixused in tests
ruleobjectrequired
Show Child Parameters
toolobjectrequired
Show Child Parameters
most_recent_instanceobjectrequired
Show Child Parameters
instancesDEPRECATED
patch/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
Path Parameters
Body
{
"state": "dismissed",
"dismissed_reason": "false positive"
}
application/json
List code scanning analyses for a repository
Lists the details of all code scanning analyses for a repository,
starting with the most recent.
The response is paginated and you can use the page and per_page parameters
to list the analyses you’re interested in.
By default 30 analyses are listed per page.
The rules_count field in the response give the number of rules
that were run in the analysis.
For very old analyses this data is not available,
and 0 is returned in this field.
You must use an access token with the security_events scope to use this endpoint.
GitHub Apps must have the security_events read permission to use this endpoint.
Deprecation notice:
The tool_name field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the tool field.
get
http://HOSTNAME/api/v3/repos/{owner}/{repo}/code-scanning/analyses
Query Parameters
tool_namestring
The name of the tool used to generate the code scanning analysis.
tool_guidstring | null
The GUID of the tool used to generate the code scanning analysis, if provided in the uploaded SARIF data.
pageinteger
Page number of the results to fetch.
Default:1
per_pageinteger
Results per page (max 100)
Default:30
refstring
The full Git reference, formatted as refs/heads/<branch name>,
refs/pull/<number>/merge, or refs/pull/<number>/head.
sarif_idstring
An identifier for the upload.
Example:6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53
Path Parameters
ownerstringrequired
repostringrequired
Response
application/json
Response
application/json
Response
refstringrequired
The full Git reference, formatted as refs/heads/<branch name>,
refs/pull/<number>/merge, or refs/pull/<number>/head.
commit_shastringrequired
The SHA of the commit to which the analysis you are uploading relates.
Match pattern:^[0-9a-fA-F]+$
>= 40 characters<= 40 characters
analysis_keystringrequired
Identifies the configuration under which the analysis was executed. For example, in GitHub Actions this includes the workflow filename and job name.
environmentstringrequired
Identifies the variable values associated with the environment in which this analysis was performed.
categorystring
Identifies the configuration under which the analysis was executed. Used to distinguish between multiple analyses for the same tool and commit, but performed on different languages or different parts of the code.
errorstringrequired
Example:error reading field xyz
created_atstring(date-time)requiredread-only
The time that the analysis was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
results_countintegerrequired
The total number of results in the analysis.
rules_countintegerrequired
The total number of rules used in the analysis.
idintegerrequired
Unique identifier for this analysis.
urlstring(uri)requiredread-only
The REST API URL of the analysis resource.
sarif_idstringrequired
An identifier for the upload.
Example:6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53
toolobjectrequired
Show Child Parameters
deletablebooleanrequired
warningstringrequired
Warning generated when processing the analysis
Example:123 results were ignored
tool_namestring
get/repos/{owner}/{repo}/code-scanning/analyses
Path Parameters
Query Parameters
application/json