REST API endpoints for Dependabot alert dismissal requests
Use the REST API to manage Dependabot alert dismissal requests for a repository.
List dismissal requests for Dependabot alerts for a repository
Lists dismissal requests for Dependabot alerts for a repository.
Delegated alert dismissal must be enabled on the repository.
Personal access tokens (classic) need the security_events scope to use this endpoint.
Tokens de acesso refinados para "List dismissal requests for Dependabot alerts for a repository"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Dependabot alerts" repository permissions (read)
Parâmetros para "List dismissal requests for Dependabot alerts for a repository"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
| Nome, Tipo, Descrição |
|---|
reviewer string Filter alert dismissal requests by the handle of the GitHub user who reviewed the dismissal request. |
requester string Filter alert dismissal requests by the handle of the GitHub user who requested the dismissal. |
time_period string The time period to filter by. For example, Padrão: Pode ser um dos: |
request_status string Filter alert dismissal requests by status. When specified, only requests with this status will be returned. Padrão: Pode ser um dos: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." Padrão: |
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." Padrão: |
Códigos de status de resposta HTTP para "List dismissal requests for Dependabot alerts for a repository"
| Código de status | Descrição |
|---|---|
200 | A list of alert dismissal requests. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Exemplos de código para "List dismissal requests for Dependabot alerts for a repository"
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabotA list of alert dismissal requests.
Status: 200[
{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "dependabot_alert_dismissal",
"data": [
{
"reason": "no_bandwidth",
"alert_number": "1",
"alert_title": "lodash - GHSA-1234-abcd-5678"
}
],
"resource_identifier": "1",
"status": "denied",
"requester_comment": "No bandwidth to fix this right now",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [
{
"id": 42,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "denied",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/1",
"html_url": "https://github.com/octo-org/smile/security/dependabot/1"
},
{
"id": 12,
"number": 24,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "dependabot_alert_dismissal",
"data": [
{
"reason": "tolerable_risk",
"alert_number": "2",
"alert_title": "axios - GHSA-5678-efgh-9012"
}
],
"resource_identifier": "2",
"status": "approved",
"requester_comment": "Risk is acceptable for this internal tool",
"expires_at": "2024-07-08T07:43:03Z",
"created_at": "2024-07-01T07:43:03Z",
"responses": [
{
"id": 43,
"reviewer": {
"actor_id": 4,
"actor_name": "octocat"
},
"status": "approved",
"created_at": "2024-07-02T08:43:04Z"
}
],
"url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/2",
"html_url": "https://github.com/octo-org/smile/security/dependabot/2"
}
]Get a dismissal request for a Dependabot alert for a repository
Gets a dismissal request to dismiss a Dependabot alert in a repository.
Delegated alert dismissal must be enabled on the repository.
Personal access tokens (classic) need the security_events scope to use this endpoint.
Tokens de acesso refinados para "Get a dismissal request for a Dependabot alert for a repository"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Dependabot alerts" repository permissions (read)
Parâmetros para "Get a dismissal request for a Dependabot alert for a repository"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
alert_number integer ObrigatórioThe number that identifies the Dependabot alert. |
Códigos de status de resposta HTTP para "Get a dismissal request for a Dependabot alert for a repository"
| Código de status | Descrição |
|---|---|
200 | A single dismissal request. |
403 | Forbidden |
404 | Resource not found |
500 | Internal Error |
Exemplos de código para "Get a dismissal request for a Dependabot alert for a repository"
Exemplo de solicitação
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBERA single dismissal request.
Status: 200{
"id": 21,
"number": 42,
"repository": {
"id": 1,
"name": "smile",
"full_name": "octo-org/smile"
},
"organization": {
"id": 1,
"name": "octo-org"
},
"requester": {
"actor_id": 12,
"actor_name": "monalisa"
},
"request_type": "dependabot_alert_dismissal",
"data": [
{
"reason": "no_bandwidth",
"alert_number": "1",
"alert_title": "lodash - GHSA-1234-abcd-5678"
}
],
"resource_identifier": "1",
"status": "pending",
"requester_comment": "No bandwidth to fix this right now",
"expires_at": "2024-07-08T08:43:03Z",
"created_at": "2024-07-01T08:43:03Z",
"responses": [],
"url": "https://HOSTNAME/repos/octo-org/smile/dismissal-requests/dependabot/1",
"html_url": "https://github.com/octo-org/smile/security/dependabot/1"
}Review a dismissal request for a Dependabot alert for a repository
Approve or deny a dismissal request to dismiss a Dependabot alert in a repository.
Delegated alert dismissal must be enabled on the repository and the user must be a dismissal reviewer to access this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Tokens de acesso refinados para "Review a dismissal request for a Dependabot alert for a repository"
Esse ponto de extremidade funciona com os seguintes tipos de token refinados:
- Tokens de acesso de usuário do aplicativo GitHub
- Tokens de acesso à instalação do aplicativo GitHub
- Tokens de acesso pessoal refinados
O token refinado deve ter os seguintes conjuntos de permissões:
- "Organization dismissal requests for Dependabot" organization permissions (write) and "Dependabot alerts" repository permissions (read)
Parâmetros para "Review a dismissal request for a Dependabot alert for a repository"
| Nome, Tipo, Descrição |
|---|
accept string Setting to |
| Nome, Tipo, Descrição |
|---|
owner string ObrigatórioThe account owner of the repository. The name is not case sensitive. |
repo string ObrigatórioThe name of the repository without the |
alert_number integer ObrigatórioThe number that identifies the Dependabot alert. |
| Nome, Tipo, Descrição |
|---|
status string ObrigatórioThe review action to perform on the dismissal request. Pode ser um dos: |
message string ObrigatórioA message to include with the review. Has a maximum character length of 2048. |
Códigos de status de resposta HTTP para "Review a dismissal request for a Dependabot alert for a repository"
| Código de status | Descrição |
|---|---|
200 | The review of the dismissal request. |
403 | Forbidden |
404 | Resource not found |
422 | Validation failed, or the endpoint has been spammed. |
500 | Internal Error |
Exemplos de código para "Review a dismissal request for a Dependabot alert for a repository"
Exemplo de solicitação
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
http(s)://HOSTNAME/api/v3/repos/OWNER/REPO/dismissal-requests/dependabot/ALERT_NUMBER \
-d '{"status":"approve","message":"Used in tests."}'The review of the dismissal request.
Status: 200{
"dismissal_review_id": 1
}