Code security and analysis

Use the REST API to manage code security and analysis features for your enterprise.

Enterprise 管理者用の REST API では、personal access token (classic) を使用する認証のみをサポートします。詳しくは、「personal access token を作成する」をご覧ください。

Get code security and analysis features for an enterprise

Gets code security and analysis settings for the specified enterprise. To use this endpoint, you must be an administrator of the enterprise, and you must use an access token with the admin:enterprise scope.

パラメーター

Headers
Name, Type, Description
`accept`string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`enterprise`stringRequired The slug version of the enterprise name. You can also substitute this value with the enterprise id.

HTTP 応答状態コード

status code	説明
`200`	OK
`404`	Resource not found

コードサンプル

get/enterprises/{enterprise}/code_security_and_analysis

curl \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>"\
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis

Response

Status: 200

{
  "advanced_security_enabled_for_new_repositories": true,
  "secret_scanning_enabled_for_new_repositories": true,
  "secret_scanning_push_protection_enabled_for_new_repositories": true,
  "secret_scanning_push_protection_custom_link": "https://github.com/test-org/test-repo/blob/main/README.md"
}

Update code security and analysis features for an enterprise

Updates the settings for advanced security, secret scanning, and push protection for new repositories in an enterprise. To use this endpoint, you must be an administrator of the enterprise, and you must use an access token with the admin:enterprise scope.

パラメーター

Headers
Name, Type, Description
`accept`string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`enterprise`stringRequired The slug version of the enterprise name. You can also substitute this value with the enterprise id.
Body parameters
Name, Type, Description
`advanced_security_enabled_for_new_repositories`boolean Whether GitHub Advanced Security is automatically enabled for new repositories. For more information, see "About GitHub Advanced Security."
`secret_scanning_enabled_for_new_repositories`boolean Whether secret scanning is automatically enabled for new repositories. For more information, see "About secret scanning."
`secret_scanning_push_protection_enabled_for_new_repositories`boolean Whether secret scanning push protection is automatically enabled for new repositories. For more information, see "Protecting pushes with secret scanning."
`secret_scanning_push_protection_custom_link`string or null The URL that will be displayed to contributors who are blocked from pushing a secret. For more information, see "Protecting pushes with secret scanning." To disable this functionality, set this field to `null`.

HTTP 応答状態コード

status code	説明
`204`	Action started
`404`	Resource not found
`422`	The action could not be taken due to an in progress enablement, or a policy is preventing enablement

コードサンプル

patch/enterprises/{enterprise}/code_security_and_analysis

curl \
  -X PATCH \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>"\
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/code_security_and_analysis \
  -d '{"advanced_security_enabled_for_new_repositories":true,"secret_scanning_enabled_for_new_repositories":true,"secret_scanning_push_protection_enabled_for_new_repositories":true,"secret_scanning_push_protection_custom_link":"https://github.com/test-org/test-repo/blob/main/README.md"}'

Action started

Status: 204

Enable or disable a security feature

Enables or disables the specified security feature for all repositories in an enterprise.

To use this endpoint, you must be an administrator of the enterprise, and you must use an access token with the admin:enterprise scope.

パラメーター

Headers
Name, Type, Description
`accept`string Setting to `application/vnd.github+json` is recommended.
Path parameters
Name, Type, Description
`enterprise`stringRequired The slug version of the enterprise name. You can also substitute this value with the enterprise id.
`security_product`stringRequired The security feature to enable or disable. Can be one of: `advanced_security`, `secret_scanning`, `secret_scanning_push_protection`
`enablement`stringRequired The action to take. `enable_all` means to enable the specified security feature for all repositories in the enterprise. `disable_all` means to disable the specified security feature for all repositories in the enterprise. Can be one of: `enable_all`, `disable_all`

HTTP 応答状態コード

status code	説明
`204`	Action started
`404`	Resource not found
`422`	The action could not be taken due to an in progress enablement, or a policy is preventing enablement

コードサンプル

post/enterprises/{enterprise}/{security_product}/{enablement}

curl \
  -X POST \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>"\
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/enterprises/ENTERPRISE/SECURITY_PRODUCT/ENABLEMENT

Action started

Status: 204