List code scanning alerts for a repository
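Lists all open code scanning alerts for the default branch (usually `main` or `master`). You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` read permission to use this endpoint.
Note that the example response below also contains an alert whose `state` is `dismissed`, so clients should check each alert's `state` field rather than assume every returned entry is open.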
Parameters
Example Response
Status: 200
[
{
"number": 4,
"created_at": "2020-02-13T12:29:18Z",
"url": "https://api.github.com/repos/github/hello-world/code-scanning/alerts/4",
"html_url": "https://github.com/github/hello-world/code-scanning/4",
"state": "open",
"dismissed_by": null,
"dismissed_at": null,
"dismissed_reason": null,
"rule": {
"id": "js/zipslip",
"severity": "error",
"description": "Arbitrary file write during zip extraction"
},
"tool": {
"name": "CodeQL command-line toolchain",
"version": null
}
},
{
"number": 3,
"created_at": "2020-02-13T12:29:18Z",
"url": "https://api.github.com/repos/github/hello-world/code-scanning/alerts/3",
"html_url": "https://github.com/github/hello-world/code-scanning/3",
"state": "dismissed",
"dismissed_by": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"dismissed_at": "2020-02-14T12:29:18Z",
"dismissed_reason": "false positive",
"rule": {
"id": "js/zipslip",
"severity": "error",
"description": "Arbitrary file write during zip extraction"
},
"tool": {
"name": "CodeQL command-line toolchain",
"version": null
}
}
]
See documentation on GitHub developer guides