Code Scanning

Retrieve code scanning alerts from a repository.

List code scanning alerts for an enterprise

get /enterprises/{enterprise}/code-scanning/alerts

Lists code scanning alerts for the default branch for all eligible repositories in an enterprise. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "Managing security managers in your organization."

To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope.

enterprise

string

required

The slug version of the enterprise name. You can also substitute this value with the enterprise id.

tool_name

string

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guid

string or null

The GUID of a code scanning tool. Only results by this tool will be listed. Note that some code scanning tools may not include a GUID in their analysis data. You can specify the tool by using either tool_guid or tool_name, but not both.

before

string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.

after

string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

page

int

Page number of the results to fetch.

Default: 1

per_page

int

The number of results per page (max 100).

Default: 30

direction

string

The direction to sort the results by.

Default: "desc"
Enum: asc

desc

state

string

If specified, only code scanning alerts with this state will be returned.

Enum: open

closed

dismissed

fixed

sort

string

The property by which to sort the results.

Default: "created"
Enum: created

updated

Response

Examples Schema

Response

[
  {
    "number": 4,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/4",
    "state": "open",
    "dismissed_by": null,
    "dismissed_at": null,
    "dismissed_reason": null,
    "dismissed_comment": null,
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "spec-main/api-session-spec.ts",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": [
        "test"
      ]
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4/instances",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
    }
  },
  {
    "number": 3,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/3",
    "state": "dismissed",
    "dismissed_by": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "dismissed_at": "2020-02-14T12:29:18Z",
    "dismissed_reason": "false positive",
    "dismissed_comment": "This alert is not actually correct, because there's a sanitizer included in the library.",
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "lib/ab12-gen.js",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": []
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3/instances",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
    }
  }
]

Resource not found

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Service unavailable

{
  "code": "string",
  "message": "string",
  "documentation_url": "string"
}

array[object]

object

number

int

required

The security alert number.

created_at

string

date-time

required

The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

updated_at

string

date-time

The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

url

string

uri

required

The REST API URL of the alert resource.

html_url

string

uri

required

The GitHub URL of the alert resource.

instances_url

string

uri

required

The REST API URL for fetching the list of instances for an alert.

state

string

required

State of a code scanning alert.

Enum: open

closed

dismissed

fixed

fixed_at

string or null

date-time

The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_by

object (dismissed_by) or null

required

A GitHub user.

name

string or null

string

required

Example: "octocat"

int

required

Example: 1

node_id

string

required

Example: "MDQ6VXNlcjE="

avatar_url

string

uri

required

Example: "https://github.com/images/error/octocat_happy.gif"

gravatar_id

string or null

required

Example: "41d064eb2195891e12d0413f63227ea7"

url

string

uri

required

Example: "https://api.github.com/users/octocat"

html_url

string

uri

required

Example: "https://github.com/octocat"

followers_url

string

uri

required

Example: "https://api.github.com/users/octocat/followers"

following_url

string

required

Example: "https://api.github.com/users/octocat/following{/other_user}"

gists_url

string

required

Example: "https://api.github.com/users/octocat/gists{/gist_id}"

starred_url

string

required

Example: "https://api.github.com/users/octocat/starred{/owner}{/repo}"

subscriptions_url

string

uri

required

Example: "https://api.github.com/users/octocat/subscriptions"

organizations_url

string

uri

required

Example: "https://api.github.com/users/octocat/orgs"

repos_url

string

uri

required

Example: "https://api.github.com/users/octocat/repos"

events_url

string

required

Example: "https://api.github.com/users/octocat/events{/privacy}"

received_events_url

string

uri

required

Example: "https://api.github.com/users/octocat/received_events"

type

string

required

Example: "User"

site_admin

boolean

required

starred_at

string

Example: "\"2020-07-09T00:17:55Z\""

dismissed_at

string or null

date-time

required

The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_reason

string or null

required

Required when the state is dismissed. The reason for dismissing or closing the alert.

Enum: null

false positive

won't fix

used in tests

dismissed_comment

string or null

The dismissal comment associated with the dismissal of the alert.

Max Length: 280

rule

object (rule)

required

string or null

A unique identifier for the rule used to detect the alert.

name

string

The name of the rule used to detect the alert.

severity

string or null

The severity of the alert.

Enum: none

note

warning

error

security_severity_level

string or null

The security severity of the alert.

Enum: low

medium

high

critical

description

string

A short description of the rule used to detect the alert.

full_description

string

description of the rule used to detect the alert.

List code scanning alerts for an organization

get /orgs/{org}/code-scanning/alerts

Lists code scanning alerts for the default branch for all eligible repositories in an organization. Eligible repositories are repositories that are owned by organizations that you own or for which you are a security manager. For more information, see "Managing security managers in your organization."

To use this endpoint, you must be an owner or security manager for the organization, and you must use an access token with the repo scope or security_events scope.

For public repositories, you may instead use the public_repo scope.

GitHub Apps must have the security_events read permission to use this endpoint.

org

string

required

The organization name. The name is not case sensitive.

tool_name

string

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guid

string or null

before

string

A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.

after

string

A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

page

int

Page number of the results to fetch.

Default: 1

per_page

int

The number of results per page (max 100).

Default: 30

direction

string

The direction to sort the results by.

Default: "desc"
Enum: asc

desc

state

string

If specified, only code scanning alerts with this state will be returned.

Enum: open

closed

dismissed

fixed

sort

string

The property by which to sort the results.

Default: "created"
Enum: created

updated

severity

string

If specified, only code scanning alerts with this severity will be returned.

Enum: critical

high

medium

low

warning

note

error

Response

Examples Schema

Response

[
  {
    "number": 4,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/4",
    "state": "open",
    "dismissed_by": null,
    "dismissed_at": null,
    "dismissed_reason": null,
    "dismissed_comment": null,
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "spec-main/api-session-spec.ts",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": [
        "test"
      ]
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4/instances",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
    }
  },
  {
    "number": 3,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/3",
    "state": "dismissed",
    "dismissed_by": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "dismissed_at": "2020-02-14T12:29:18Z",
    "dismissed_reason": "false positive",
    "dismissed_comment": "This alert is not actually correct, because there's a sanitizer included in the library.",
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "lib/ab12-gen.js",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": []
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3/instances",
    "repository": {
      "id": 1296269,
      "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
      "name": "Hello-World",
      "full_name": "octocat/Hello-World",
      "owner": {
        "login": "octocat",
        "id": 1,
        "node_id": "MDQ6VXNlcjE=",
        "avatar_url": "https://github.com/images/error/octocat_happy.gif",
        "gravatar_id": "",
        "url": "https://api.github.com/users/octocat",
        "html_url": "https://github.com/octocat",
        "followers_url": "https://api.github.com/users/octocat/followers",
        "following_url": "https://api.github.com/users/octocat/following{/other_user}",
        "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
        "organizations_url": "https://api.github.com/users/octocat/orgs",
        "repos_url": "https://api.github.com/users/octocat/repos",
        "events_url": "https://api.github.com/users/octocat/events{/privacy}",
        "received_events_url": "https://api.github.com/users/octocat/received_events",
        "type": "User",
        "site_admin": false
      },
      "private": false,
      "html_url": "https://github.com/octocat/Hello-World",
      "description": "This your first repo!",
      "fork": false,
      "url": "https://api.github.com/repos/octocat/Hello-World",
      "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
      "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}",
      "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
      "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}",
      "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
      "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}",
      "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}",
      "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
      "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}",
      "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors",
      "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments",
      "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads",
      "events_url": "https://api.github.com/repos/octocat/Hello-World/events",
      "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks",
      "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
      "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
      "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
      "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
      "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
      "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}",
      "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
      "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}",
      "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages",
      "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges",
      "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}",
      "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
      "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}",
      "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}",
      "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers",
      "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
      "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers",
      "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription",
      "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags",
      "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams",
      "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
      "hooks_url": "https://api.github.com/repos/octocat/Hello-World/hooks"
    }
  }
]

Resource not found

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Service unavailable

{
  "code": "string",
  "message": "string",
  "documentation_url": "string"
}

array[object]

object

number

int

required

The security alert number.

created_at

string

date-time

required

The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

updated_at

string

date-time

The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

url

string

uri

required

The REST API URL of the alert resource.

html_url

string

uri

required

The GitHub URL of the alert resource.

instances_url

string

uri

required

The REST API URL for fetching the list of instances for an alert.

state

string

required

State of a code scanning alert.

Enum: open

closed

dismissed

fixed

fixed_at

string or null

date-time

The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_by

object (dismissed_by) or null

required

A GitHub user.

name

string or null

string

required

Example: "octocat"

int

required

Example: 1

node_id

string

required

Example: "MDQ6VXNlcjE="

avatar_url

string

uri

required

Example: "https://github.com/images/error/octocat_happy.gif"

gravatar_id

string or null

required

Example: "41d064eb2195891e12d0413f63227ea7"

url

string

uri

required

Example: "https://api.github.com/users/octocat"

html_url

string

uri

required

Example: "https://github.com/octocat"

followers_url

string

uri

required

Example: "https://api.github.com/users/octocat/followers"

following_url

string

required

Example: "https://api.github.com/users/octocat/following{/other_user}"

gists_url

string

required

Example: "https://api.github.com/users/octocat/gists{/gist_id}"

starred_url

string

required

Example: "https://api.github.com/users/octocat/starred{/owner}{/repo}"

subscriptions_url

string

uri

required

Example: "https://api.github.com/users/octocat/subscriptions"

organizations_url

string

uri

required

Example: "https://api.github.com/users/octocat/orgs"

repos_url

string

uri

required

Example: "https://api.github.com/users/octocat/repos"

events_url

string

required

Example: "https://api.github.com/users/octocat/events{/privacy}"

received_events_url

string

uri

required

Example: "https://api.github.com/users/octocat/received_events"

type

string

required

Example: "User"

site_admin

boolean

required

starred_at

string

Example: "\"2020-07-09T00:17:55Z\""

dismissed_at

string or null

date-time

required

The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_reason

string or null

required

Required when the state is dismissed. The reason for dismissing or closing the alert.

Enum: null

false positive

won't fix

used in tests

dismissed_comment

string or null

The dismissal comment associated with the dismissal of the alert.

Max Length: 280

rule

object (rule)

required

string or null

A unique identifier for the rule used to detect the alert.

name

string

The name of the rule used to detect the alert.

severity

string or null

The severity of the alert.

Enum: none

note

warning

error

security_severity_level

string or null

The security severity of the alert.

Enum: low

medium

high

critical

description

string

A short description of the rule used to detect the alert.

full_description

string

description of the rule used to detect the alert.

List code scanning alerts for a repository

get /repos/{owner}/{repo}/code-scanning/alerts

Lists code scanning alerts.

To use this endpoint, you must use an access token with the security_events scope or, for alerts from public repositories only, an access token with the public_repo scope.

GitHub Apps must have the security_events read permission to use this endpoint.

The response includes a most_recent_instance object. This provides details of the most recent instance of this alert for the default branch (or for the specified Git reference if you used ref in the request).

owner

string

required

The account owner of the repository. The name is not case sensitive.

repo

string

required

The name of the repository. The name is not case sensitive.

tool_name

string

The name of a code scanning tool. Only results by this tool will be listed. You can specify the tool by using either tool_name or tool_guid, but not both.

tool_guid

string or null

page

int

Page number of the results to fetch.

Default: 1

per_page

int

The number of results per page (max 100).

Default: 30

ref

string

The Git reference for the results you want to list. The ref for a branch can be formatted either as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge.

direction

string

The direction to sort the results by.

Default: "desc"
Enum: asc

desc

sort

string

The property by which to sort the results.

Default: "created"
Enum: created

updated

state

string

If specified, only code scanning alerts with this state will be returned.

Enum: open

closed

dismissed

fixed

severity

string

If specified, only code scanning alerts with this severity will be returned.

Enum: critical

high

medium

low

warning

note

error

Response

Examples Schema

Response

[
  {
    "number": 4,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/4",
    "state": "open",
    "fixed_at": null,
    "dismissed_by": null,
    "dismissed_at": null,
    "dismissed_reason": null,
    "dismissed_comment": null,
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "spec-main/api-session-spec.ts",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": [
        "test"
      ]
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/4/instances"
  },
  {
    "number": 3,
    "created_at": "2020-02-13T12:29:18Z",
    "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3",
    "html_url": "https://github.com/octocat/hello-world/code-scanning/3",
    "state": "dismissed",
    "fixed_at": null,
    "dismissed_by": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "dismissed_at": "2020-02-14T12:29:18Z",
    "dismissed_reason": "false positive",
    "dismissed_comment": "This alert is not actually correct, because there's a sanitizer included in the library.",
    "rule": {
      "id": "js/zipslip",
      "severity": "error",
      "tags": [
        "Security",
        "external/cwe/cwe-022"
      ],
      "description": "Arbitrary file write during zip extraction",
      "name": "js/zipslip"
    },
    "tool": {
      "name": "CodeQL",
      "guid": null,
      "version": "2.4.0"
    },
    "most_recent_instance": {
      "ref": "refs/heads/main",
      "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
      "environment": "{}",
      "state": "open",
      "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
      "message": {
        "text": "This path depends on a user-provided value."
      },
      "location": {
        "path": "lib/ab12-gen.js",
        "start_line": 917,
        "end_line": 917,
        "start_column": 7,
        "end_column": 18
      },
      "classifications": []
    },
    "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/3/instances"
  }
]

Not modified

Empty response

Response if GitHub Advanced Security is not enabled for this repository

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Resource not found

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Service unavailable

{
  "code": "string",
  "message": "string",
  "documentation_url": "string"
}

array[object]

object

number

int

required

The security alert number.

created_at

string

date-time

required

The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

updated_at

string

date-time

The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

url

string

uri

required

The REST API URL of the alert resource.

html_url

string

uri

required

The GitHub URL of the alert resource.

instances_url

string

uri

required

The REST API URL for fetching the list of instances for an alert.

state

string

required

State of a code scanning alert.

Enum: open

closed

dismissed

fixed

fixed_at

string or null

date-time

The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_by

object (dismissed_by) or null

required

A GitHub user.

name

string or null

string

required

Example: "octocat"

int

required

Example: 1

node_id

string

required

Example: "MDQ6VXNlcjE="

avatar_url

string

uri

required

Example: "https://github.com/images/error/octocat_happy.gif"

gravatar_id

string or null

required

Example: "41d064eb2195891e12d0413f63227ea7"

url

string

uri

required

Example: "https://api.github.com/users/octocat"

html_url

string

uri

required

Example: "https://github.com/octocat"

followers_url

string

uri

required

Example: "https://api.github.com/users/octocat/followers"

following_url

string

required

Example: "https://api.github.com/users/octocat/following{/other_user}"

gists_url

string

required

Example: "https://api.github.com/users/octocat/gists{/gist_id}"

starred_url

string

required

Example: "https://api.github.com/users/octocat/starred{/owner}{/repo}"

subscriptions_url

string

uri

required

Example: "https://api.github.com/users/octocat/subscriptions"

organizations_url

string

uri

required

Example: "https://api.github.com/users/octocat/orgs"

repos_url

string

uri

required

Example: "https://api.github.com/users/octocat/repos"

events_url

string

required

Example: "https://api.github.com/users/octocat/events{/privacy}"

received_events_url

string

uri

required

Example: "https://api.github.com/users/octocat/received_events"

type

string

required

Example: "User"

site_admin

boolean

required

starred_at

string

Example: "\"2020-07-09T00:17:55Z\""

dismissed_at

string or null

date-time

required

The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_reason

string or null

required

Required when the state is dismissed. The reason for dismissing or closing the alert.

Enum: null

false positive

won't fix

used in tests

dismissed_comment

string or null

The dismissal comment associated with the dismissal of the alert.

Max Length: 280

rule

object (rule)

required

string or null

A unique identifier for the rule used to detect the alert.

name

string

The name of the rule used to detect the alert.

Get a code scanning alert

get /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}

Gets a single code scanning alert. You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint.

owner

string

required

The account owner of the repository. The name is not case sensitive.

repo

string

required

The name of the repository. The name is not case sensitive.

alert_number

int

required

The number that identifies an alert. You can find this at the end of the URL for a code scanning alert within GitHub, and in the number field in the response from the GET /repos/{owner}/{repo}/code-scanning/alerts operation.

Response

Examples Schema

Response

{
  "number": 42,
  "created_at": "2020-06-19T11:21:34Z",
  "url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42",
  "html_url": "https://github.com/octocat/hello-world/code-scanning/42",
  "state": "dismissed",
  "fixed_at": null,
  "dismissed_by": {
    "login": "octocat",
    "id": 54933897,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "dismissed_at": "2020-02-14T12:29:18Z",
  "dismissed_reason": "false positive",
  "dismissed_comment": "This alert is not actually correct, because there's a sanitizer included in the library.",
  "rule": {
    "id": "js/zipslip",
    "severity": "error",
    "security_severity_level": "high",
    "description": "Arbitrary file write during zip extraction (\"Zip Slip\")",
    "name": "js/zipslip",
    "full_description": "Extracting files from a malicious zip archive without validating that the destination file path is within the destination directory can cause files outside the destination directory to be overwritten.",
    "tags": [
      "Security",
      "external/cwe/cwe-022"
    ],
    "help": "# Arbitrary file write during zip extraction (\"Zip Slip\")\\nExtracting files from a malicious zip archive without validating that the destination file path is within the destination directory can cause files outside the destination directory to be overwritten ...",
    "help_uri": "https://codeql.github.com/"
  },
  "tool": {
    "name": "CodeQL",
    "guid": null,
    "version": "2.4.0"
  },
  "most_recent_instance": {
    "ref": "refs/heads/main",
    "analysis_key": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
    "category": ".github/workflows/codeql-analysis.yml:CodeQL-Build",
    "environment": "{}",
    "state": "dismissed",
    "commit_sha": "39406e42cb832f683daa691dd652a8dc36ee8930",
    "message": {
      "text": "This path depends on a user-provided value."
    },
    "location": {
      "path": "spec-main/api-session-spec.ts",
      "start_line": 917,
      "end_line": 917,
      "start_column": 7,
      "end_column": 18
    },
    "classifications": [
      "test"
    ]
  },
  "instances_url": "https://api.github.com/repos/octocat/hello-world/code-scanning/alerts/42/instances"
}

Not modified

Empty response

Response if GitHub Advanced Security is not enabled for this repository

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Resource not found

{
  "message": "string",
  "documentation_url": "string",
  "url": "string",
  "status": "string"
}

Service unavailable

{
  "code": "string",
  "message": "string",
  "documentation_url": "string"
}

number

int

required

The security alert number.

created_at

string

date-time

required

The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

updated_at

string

date-time

The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

url

string

uri

required

The REST API URL of the alert resource.

html_url

string

uri

required

The GitHub URL of the alert resource.

instances_url

string

uri

required

The REST API URL for fetching the list of instances for an alert.

state

string

required

State of a code scanning alert.

Enum: open

closed

dismissed

fixed

fixed_at

string or null

date-time

The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.

dismissed_by

object (dismissed_by) or null

required

A GitHub user.