GitHub API

Getting access, Developing, Testing

List Dependabot alerts for an enterprise

Lists Dependabot alerts for repositories that are owned by the specified enterprise. To use this endpoint, you must be a member of the enterprise, and you must use an access token with the `repo` scope or `security_events` scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "Managing security managers in your organization."

Input

```yaml
type: object
properties:
  parameters:
    type: object
    properties:
      enterprise:
        type: string
        description: >-
          The slug version of the enterprise name. You can also substitute this
          value with the enterprise id.
      state:
        type: string
        description: >-
          A comma-separated list of states. If specified, only alerts with these
          states will be returned.
          Can be: `auto_dismissed`, `dismissed`, `fixed`, `open`
      severity:
        type: string
        description: >-
          A comma-separated list of severities. If specified, only alerts with
          these severities will be returned.
          Can be: `low`, `medium`, `high`, `critical`
      ecosystem:
        type: string
        description: >-
          A comma-separated list of ecosystems. If specified, only alerts for
          these ecosystems will be returned.
          Can be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `pub`,
          `rubygems`, `rust`
      package:
        type: string
        description: >-
          A comma-separated list of package names. If specified, only alerts for
          these packages will be returned.
      scope:
        type: string
        enum:
          - development
          - runtime
        description: >-
          The scope of the vulnerable dependency. If specified, only alerts with
          this scope will be returned.
      sort:
        type: string
        enum:
          - created
          - updated
        default: created
        description: |-
          The property by which to sort the results.
          `created` means when the alert was created. `updated` means when the alert's state last changed.
      direction:
        type: string
        enum:
          - asc
          - desc
        default: desc
        description: The direction to sort the results by.
      before:
        type: string
        description: >-
          A cursor, as given in the [Link
          header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers).
          If specified, the query only searches for results before this cursor.
      after:
        type: string
        description: >-
          A cursor, as given in the [Link
          header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers).
          If specified, the query only searches for results after this cursor.
      first:
        type: integer
        minimum: 1
        maximum: 100
        default: 30
        description: >-
          **Deprecated**. The number of results per page (max 100), starting
          from the first matching result.
          This parameter must not be used in combination with `last`.
          Instead, use `per_page` in combination with `after` to fetch the first
          page of results.
      last:
        type: integer
        minimum: 1
        maximum: 100
        description: >-
          **Deprecated**. The number of results per page (max 100), starting
          from the last matching result.
          This parameter must not be used in combination with `first`.
          Instead, use `per_page` in combination with `before` to fetch the last
          page of results.
      per_page:
        type: integer
        default: 30
        description: The number of results per page (max 100).
    required:
      - enterprise
    title: Parameters
```

Output

type: array items: type: object properties: number: type: integer description: The security alert number. readOnly: true state: type: string description: The state of the Dependabot alert. readOnly: true enum: - auto_dismissed - dismissed - fixed - open dependency: type: object properties: package: type: object properties: ecosystem: type: string description: The package's language or package management ecosystem. readOnly: true name: type: string description: The unique package name within its ecosystem. readOnly: true manifest_path: type: string description: >- The full path to the dependency manifest file, relative to the root of the repository. readOnly: true scope: type: string description: The execution scope of the vulnerable dependency. readOnly: true nullable: true enum: - development - runtime security_advisory: type: object properties: ghsa_id: type: string description: The unique GitHub Security Advisory ID assigned to the advisory. readOnly: true cve_id: type: string description: The unique CVE ID assigned to the advisory. readOnly: true nullable: true summary: type: string description: A short, plain text summary of the advisory. readOnly: true maxLength: 1024 description: type: string description: A long-form Markdown-supported description of the advisory. readOnly: true vulnerabilities: type: array description: Vulnerable version range information for the advisory. readOnly: true items: type: object properties: package: type: object properties: ecosystem: type: string description: The package's language or package management ecosystem. readOnly: true name: type: string description: The unique package name within its ecosystem. readOnly: true severity: type: string description: The severity of the vulnerability. readOnly: true enum: - low - medium - high - critical vulnerable_version_range: type: string description: >- Conditions that identify vulnerable versions of this vulnerability's package. 
readOnly: true first_patched_version: type: object properties: identifier: type: string description: The package version that patches this vulnerability. readOnly: true severity: type: string description: The severity of the advisory. readOnly: true enum: - low - medium - high - critical cvss: type: object properties: score: type: number description: The overall CVSS score of the advisory. minimum: 0 maximum: 10 readOnly: true vector_string: type: string description: The full CVSS vector string for the advisory. readOnly: true nullable: true cwes: type: array description: Details for the advisory pertaining to Common Weakness Enumeration. readOnly: true items: type: object properties: cwe_id: type: string description: The unique CWE ID. readOnly: true name: type: string description: The short, plain text name of the CWE. readOnly: true identifiers: type: array description: >- Values that identify this advisory among security information sources. readOnly: true items: type: object properties: type: type: string description: The type of advisory identifier. readOnly: true enum: - CVE - GHSA value: type: string description: The value of the advisory identifer. readOnly: true references: type: array description: Links to additional advisory information. readOnly: true items: type: object properties: url: type: string description: The URL of the reference. format: uri readOnly: true published_at: type: string description: >- The time that the advisory was published in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true updated_at: type: string description: >- The time that the advisory was last modified in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true withdrawn_at: type: string description: >- The time that the advisory was withdrawn in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. 
format: date-time readOnly: true nullable: true security_vulnerability: type: object properties: package: type: object properties: ecosystem: type: string description: The package's language or package management ecosystem. readOnly: true name: type: string description: The unique package name within its ecosystem. readOnly: true severity: type: string description: The severity of the vulnerability. readOnly: true enum: - low - medium - high - critical vulnerable_version_range: type: string description: >- Conditions that identify vulnerable versions of this vulnerability's package. readOnly: true first_patched_version: type: object properties: identifier: type: string description: The package version that patches this vulnerability. readOnly: true url: type: string description: The REST API URL of the alert resource. format: uri readOnly: true html_url: type: string description: The GitHub URL of the alert resource. format: uri readOnly: true created_at: type: string description: >- The time that the alert was created in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true updated_at: type: string description: >- The time that the alert was last updated in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true dismissed_at: type: string description: >- The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. 
format: date-time readOnly: true nullable: true dismissed_by: type: object title: Simple User properties: name: nullable: true type: string email: nullable: true type: string login: type: string example: octocat id: type: integer example: 1 node_id: type: string example: MDQ6VXNlcjE= avatar_url: type: string format: uri example: https://github.com/images/error/octocat_happy.gif gravatar_id: type: string example: 41d064eb2195891e12d0413f63227ea7 nullable: true url: type: string format: uri example: https://api.github.com/users/octocat html_url: type: string format: uri example: https://github.com/octocat followers_url: type: string format: uri example: https://api.github.com/users/octocat/followers following_url: type: string example: https://api.github.com/users/octocat/following{/other_user} gists_url: type: string example: https://api.github.com/users/octocat/gists{/gist_id} starred_url: type: string example: https://api.github.com/users/octocat/starred{/owner}{/repo} subscriptions_url: type: string format: uri example: https://api.github.com/users/octocat/subscriptions organizations_url: type: string format: uri example: https://api.github.com/users/octocat/orgs repos_url: type: string format: uri example: https://api.github.com/users/octocat/repos events_url: type: string example: https://api.github.com/users/octocat/events{/privacy} received_events_url: type: string format: uri example: https://api.github.com/users/octocat/received_events type: type: string example: User site_admin: type: boolean starred_at: type: string example: '"2020-07-09T00:17:55Z"' dismissed_reason: type: string description: The reason that the alert was dismissed. nullable: true enum: - fix_started - inaccurate - no_bandwidth - not_used - tolerable_risk dismissed_comment: type: string description: An optional comment associated with the alert's dismissal. 
nullable: true maxLength: 280 fixed_at: type: string description: >- The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true nullable: true auto_dismissed_at: type: string description: >- The time that the alert was auto-dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`. format: date-time readOnly: true nullable: true repository: type: object title: Simple Repository properties: id: type: integer example: 1296269 description: A unique identifier of the repository. node_id: type: string example: MDEwOlJlcG9zaXRvcnkxMjk2MjY5 description: The GraphQL identifier of the repository. name: type: string example: Hello-World description: The name of the repository. full_name: type: string example: octocat/Hello-World description: The full, globally unique, name of the repository. owner: type: object title: Simple User properties: name: nullable: true type: string email: nullable: true type: string login: type: string example: octocat id: type: integer example: 1 node_id: type: string example: MDQ6VXNlcjE= avatar_url: type: string format: uri example: https://github.com/images/error/octocat_happy.gif gravatar_id: type: string example: 41d064eb2195891e12d0413f63227ea7 nullable: true url: type: string format: uri example: https://api.github.com/users/octocat html_url: type: string format: uri example: https://github.com/octocat followers_url: type: string format: uri example: https://api.github.com/users/octocat/followers following_url: type: string example: https://api.github.com/users/octocat/following{/other_user} gists_url: type: string example: https://api.github.com/users/octocat/gists{/gist_id} starred_url: type: string example: https://api.github.com/users/octocat/starred{/owner}{/repo} subscriptions_url: type: string format: uri example: https://api.github.com/users/octocat/subscriptions organizations_url: type: string format: uri example: 
https://api.github.com/users/octocat/orgs repos_url: type: string format: uri example: https://api.github.com/users/octocat/repos events_url: type: string example: https://api.github.com/users/octocat/events{/privacy} received_events_url: type: string format: uri example: https://api.github.com/users/octocat/received_events type: type: string example: User site_admin: type: boolean starred_at: type: string example: '"2020-07-09T00:17:55Z"' private: type: boolean description: Whether the repository is private. html_url: type: string format: uri example: https://github.com/octocat/Hello-World description: The URL to view the repository on GitHub.com. description: type: string example: This your first repo! nullable: true description: The repository description. fork: type: boolean description: Whether the repository is a fork. url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World description: >- The URL to get more information about the repository from the GitHub API. archive_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref} description: A template for the API URL to download the repository as an archive. assignees_url: type: string example: https://api.github.com/repos/octocat/Hello-World/assignees{/user} description: >- A template for the API URL to list the available assignees for issues in the repository. blobs_url: type: string example: https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha} description: >- A template for the API URL to create or retrieve a raw Git blob in the repository. branches_url: type: string example: https://api.github.com/repos/octocat/Hello-World/branches{/branch} description: >- A template for the API URL to get information about branches in the repository. 
collaborators_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator} description: >- A template for the API URL to get information about collaborators of the repository. comments_url: type: string example: https://api.github.com/repos/octocat/Hello-World/comments{/number} description: >- A template for the API URL to get information about comments on the repository. commits_url: type: string example: https://api.github.com/repos/octocat/Hello-World/commits{/sha} description: >- A template for the API URL to get information about commits on the repository. compare_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head} description: A template for the API URL to compare two commits or refs. contents_url: type: string example: https://api.github.com/repos/octocat/Hello-World/contents/{+path} description: A template for the API URL to get the contents of the repository. contributors_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/contributors description: >- A template for the API URL to list the contributors to the repository. deployments_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/deployments description: The API URL to list the deployments of the repository. downloads_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/downloads description: The API URL to list the downloads on the repository. events_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/events description: The API URL to list the events of the repository. forks_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/forks description: The API URL to list the forks of the repository. 
git_commits_url: type: string example: https://api.github.com/repos/octocat/Hello-World/git/commits{/sha} description: >- A template for the API URL to get information about Git commits of the repository. git_refs_url: type: string example: https://api.github.com/repos/octocat/Hello-World/git/refs{/sha} description: >- A template for the API URL to get information about Git refs of the repository. git_tags_url: type: string example: https://api.github.com/repos/octocat/Hello-World/git/tags{/sha} description: >- A template for the API URL to get information about Git tags of the repository. issue_comment_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/issues/comments{/number} description: >- A template for the API URL to get information about issue comments on the repository. issue_events_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/issues/events{/number} description: >- A template for the API URL to get information about issue events on the repository. issues_url: type: string example: https://api.github.com/repos/octocat/Hello-World/issues{/number} description: >- A template for the API URL to get information about issues on the repository. keys_url: type: string example: https://api.github.com/repos/octocat/Hello-World/keys{/key_id} description: >- A template for the API URL to get information about deploy keys on the repository. labels_url: type: string example: https://api.github.com/repos/octocat/Hello-World/labels{/name} description: >- A template for the API URL to get information about labels of the repository. languages_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/languages description: >- The API URL to get information about the languages of the repository. merges_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/merges description: The API URL to merge branches in the repository. 
milestones_url: type: string example: https://api.github.com/repos/octocat/Hello-World/milestones{/number} description: >- A template for the API URL to get information about milestones of the repository. notifications_url: type: string example: >- https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating} description: >- A template for the API URL to get information about notifications on the repository. pulls_url: type: string example: https://api.github.com/repos/octocat/Hello-World/pulls{/number} description: >- A template for the API URL to get information about pull requests on the repository. releases_url: type: string example: https://api.github.com/repos/octocat/Hello-World/releases{/id} description: >- A template for the API URL to get information about releases on the repository. stargazers_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/stargazers description: The API URL to list the stargazers on the repository. statuses_url: type: string example: https://api.github.com/repos/octocat/Hello-World/statuses/{sha} description: >- A template for the API URL to get information about statuses of a commit. subscribers_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/subscribers description: The API URL to list the subscribers on the repository. subscription_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/subscription description: The API URL to subscribe to notifications for this repository. tags_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/tags description: The API URL to get information about tags on the repository. teams_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/teams description: The API URL to list the teams on the repository. 
trees_url: type: string example: https://api.github.com/repos/octocat/Hello-World/git/trees{/sha} description: >- A template for the API URL to create or retrieve a raw Git tree of the repository. hooks_url: type: string format: uri example: https://api.github.com/repos/octocat/Hello-World/hooks description: The API URL to list the hooks on the repository.
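
An added example, not part of the original page and not GitHub's own code: a small Python client for this operation that validates the `state` and `severity` filters, follows the `after` cursor taken from the `Link` header, and ranks the returned alerts for triage using fields from the output schema above. The request path `/enterprises/{enterprise}/dependabot/alerts` is the REST route for this operation and is not shown on the page; the function names and the injectable `fetch` transport are assumptions of the example.

```python
import json
import re
import urllib.parse
import urllib.request

API = "https://api.github.com"  # the route built below is not shown on the page
STATES = {"auto_dismissed", "dismissed", "fixed", "open"}
SEVERITIES = {"low", "medium", "high", "critical"}

def build_url(enterprise, state="open", severity="high,critical", after=None):
    """Build the list URL, rejecting filter values the endpoint does not define."""
    for value, allowed in ((state, STATES), (severity, SEVERITIES)):
        unknown = set(value.split(",")) - allowed
        if unknown:
            raise ValueError(f"unsupported filter value(s): {sorted(unknown)}")
    params = {"state": state, "severity": severity, "per_page": 100}
    if after:
        params["after"] = after
    slug = urllib.parse.quote(enterprise, safe="")
    return f"{API}/enterprises/{slug}/dependabot/alerts?{urllib.parse.urlencode(params)}"

def next_cursor(link_header):
    """Return the `after` cursor of the rel="next" link, or None on the last page."""
    for url, rel in re.findall(r'<([^>]+)>\s*;\s*rel="([^"]+)"', link_header or ""):
        if rel == "next":
            query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
            return query.get("after", [None])[0]
    return None

def http_get(url, token):
    """Real transport: returns (decoded JSON body, Link header or None)."""
    headers = {"Accept": "application/vnd.github+json", "Authorization": f"Bearer {token}"}
    request = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(request, timeout=30) as response:
        return json.load(response), response.headers.get("Link")

def list_alerts(enterprise, token, fetch=http_get, **filters):
    """Yield every matching alert, following `after` cursors page by page."""
    after = None
    while True:
        page, link = fetch(build_url(enterprise, after=after, **filters), token)
        yield from page
        after = next_cursor(link)
        if after is None:
            return

def triage(alerts):
    """Rows of (repo, package, GHSA id, CVSS score, first patched version),
    runtime-scope dependencies first, then highest CVSS score first."""
    rows = []
    for a in alerts:
        patched = a["security_vulnerability"].get("first_patched_version") or {}
        rows.append((a["dependency"].get("scope") != "runtime",
                     -a["security_advisory"]["cvss"]["score"],
                     a["repository"]["full_name"], a["dependency"]["package"]["name"],
                     a["security_advisory"]["ghsa_id"], patched.get("identifier")))
    rows.sort(key=lambda r: r[:5])  # never compares the nullable patched version
    return [(repo, pkg, ghsa, -neg, fix) for _, neg, repo, pkg, ghsa, fix in rows]
```

Pass a stub as `fetch` to exercise the pagination offline; the default transport needs a token with the `repo` or `security_events` scope, as the description above states.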