Upload a SARIF file

Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.


string The token will be passed in the authorization header.



string The commit SHA of the code scanning analysis file.

string The full Git reference of the code scanning analysis file, formatted as refs/heads/<branch name>.

string A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using gzip and then translate the contents of the file into a Base64 encoding string.

string The base directory used in the analysis, as it appears in the SARIF file. This property is used to convert file paths from absolute to relative, so that alerts can be mapped to their correct location in the repository.

string The time that the analysis run began. This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

string The name of the tool used to generate the code scanning analysis alert.


POST https://api.github.com/repos///code-scanning/sarifs
authorization: bearer undefined
accept: application/vnd.github.v3+json
user-agent: octokit.rest
content-length: 0

No response available

See documentation on GitHub developer guides