Dependabot
Download SpecEndpoints to manage Dependabot.
List Dependabot alerts for an enterprise
Lists Dependabot alerts for repositories that are owned by the specified enterprise.
To use this endpoint, you must be a member of the enterprise, and you must use an
access token with the repo scope or security_events scope.
Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "Managing security managers in your organization."
enterprise
string
required
The slug version of the enterprise name. You can also substitute this value with the enterprise id.
state
string
A comma-separated list of states. If specified, only alerts with these states will be returned.
Can be: auto_dismissed, dismissed, fixed, open
severity
string
A comma-separated list of severities. If specified, only alerts with these severities will be returned.
Can be: low, medium, high, critical
ecosystem
string
A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.
Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package
string
A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope
string
The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
- Enum
-
- development
- runtime
sort
string
The property by which to sort the results.
created means when the alert was created.
updated means when the alert's state last changed.
- Default
- "created"
- Enum
-
- created
- updated
direction
string
The direction to sort the results by.
- Default
- "desc"
- Enum
-
- asc
- desc
before
string
A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
after
string
A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
first
int
Deprecated. The number of results per page (max 100), starting from the first matching result.
This parameter must not be used in combination with last.
Instead, use per_page in combination with after to fetch the first page of results.
- Default
- 30
- Min
- 1
- Max
- 100
last
int
Deprecated. The number of results per page (max 100), starting from the last matching result.
This parameter must not be used in combination with first.
Instead, use per_page in combination with before to fetch the last page of results.
- Min
- 1
- Max
- 100
per_page
int
The number of results per page (max 100).
- Default
- 30
Response
Response
Not modified
Empty response
Forbidden
Resource not found
Validation failed, or the endpoint has been spammed.
array[object]
object
A Dependabot alert.
number
int
required
The security alert number.
state
string
required
The state of the Dependabot alert.
- Enum
-
- auto_dismissed
- dismissed
- fixed
- open
dependency
object (dependency)
required
Details for the vulnerable dependency.
package
object (package)
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
manifest_path
string
The full path to the dependency manifest file, relative to the root of the repository.
scope
string or null
The execution scope of the vulnerable dependency.
- Enum
-
- development
- runtime
security_advisory
object (security_advisory)
required
Details for the GitHub Security Advisory.
ghsa_id
string
required
The unique GitHub Security Advisory ID assigned to the advisory.
cve_id
string or null
required
The unique CVE ID assigned to the advisory.
summary
string
required
A short, plain text summary of the advisory.
- Max Length
- 1024
description
string
required
A long-form Markdown-supported description of the advisory.
vulnerabilities
array[object]
required
Vulnerable version range information for the advisory.
object
Details pertaining to one vulnerable version range for the advisory.
package
object (package)
required
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
severity
string
required
The severity of the vulnerability.
- Enum
-
- low
- medium
- high
- critical
vulnerable_version_range
string
required
Conditions that identify vulnerable versions of this vulnerability's package.
first_patched_version
object (first_patched_version) or null
required
Details pertaining to the package version that patches this vulnerability.
identifier
string
required
The package version that patches this vulnerability.
severity
string
required
The severity of the advisory.
- Enum
-
- low
- medium
- high
- critical
cvss
object (cvss)
required
Details for the advisory pertaining to the Common Vulnerability Scoring System.
score
number
required
The overall CVSS score of the advisory.
- Min
- 0
- Max
- 10
vector_string
string or null
required
The full CVSS vector string for the advisory.
cwes
array[object]
required
Details for the advisory pertaining to Common Weakness Enumeration.
object
A CWE weakness assigned to the advisory.
cwe_id
string
required
The unique CWE ID.
name
string
required
The short, plain text name of the CWE.
identifiers
array[object]
required
Values that identify this advisory among security information sources.
object
An advisory identifier.
type
string
required
The type of advisory identifier.
- Enum
-
- CVE
- GHSA
value
string
required
The value of the advisory identifer.
references
array[object]
required
Links to additional advisory information.
object
A link to additional advisory information.
url
string
uri
required
The URL of the reference.
published_at
string
date-time
required
The time that the advisory was published in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
updated_at
string
date-time
required
The time that the advisory was last modified in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
withdrawn_at
string or null
date-time
required
The time that the advisory was withdrawn in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
security_vulnerability
object (security_vulnerability)
required
Details pertaining to one vulnerable version range for the advisory.
package
object (package)
required
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
severity
string
required
The severity of the vulnerability.
- Enum
-
- low
- medium
- high
- critical
vulnerable_version_range
string
required
Conditions that identify vulnerable versions of this vulnerability's package.
first_patched_version
object (first_patched_version) or null
required
Details pertaining to the package version that patches this vulnerability.
identifier
string
required
The package version that patches this vulnerability.
url
string
uri
required
The REST API URL of the alert resource.
html_url
string
uri
required
The GitHub URL of the alert resource.
created_at
string
date-time
required
The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
updated_at
string
date-time
required
The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_at
string or null
date-time
required
The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_by
object (dismissed_by) or null
required
A GitHub user.
name
string or null
string or null
login
string
required
- Example
- "octocat"
id
int
required
- Example
- 1
node_id
string
required
- Example
- "MDQ6VXNlcjE="
avatar_url
string
uri
required
- Example
- "https://github.com/images/error/octocat_happy.gif"
gravatar_id
string or null
required
- Example
- "41d064eb2195891e12d0413f63227ea7"
url
string
uri
required
- Example
- "https://api.github.com/users/octocat"
html_url
string
uri
required
- Example
- "https://github.com/octocat"
followers_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/followers"
following_url
string
required
- Example
- "https://api.github.com/users/octocat/following{/other_user}"
gists_url
string
required
- Example
- "https://api.github.com/users/octocat/gists{/gist_id}"
starred_url
string
required
- Example
- "https://api.github.com/users/octocat/starred{/owner}{/repo}"
subscriptions_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/subscriptions"
organizations_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/orgs"
repos_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/repos"
events_url
string
required
- Example
- "https://api.github.com/users/octocat/events{/privacy}"
received_events_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/received_events"
type
string
required
- Example
- "User"
site_admin
boolean
required
starred_at
string
- Example
- "\"2020-07-09T00:17:55Z\""
dismissed_reason
string or null
required
The reason that the alert was dismissed.
- Enum
-
- fix_started
- inaccurate
- no_bandwidth
- not_used
- tolerable_risk
dismissed_comment
string or null
required
An optional comment associated with the alert's dismissal.
- Max Length
- 280
fixed_at
string or null
date-time
required
The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
auto_dismissed_at
string or null
date-time
The time that the alert was auto-dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
repository
object (repository)
required
A GitHub repository.
id
int
required
A unique identifier of the repository.
- Example
- 1296269
node_id
string
required
The GraphQL identifier of the repository.
- Example
- "MDEwOlJlcG9zaXRvcnkxMjk2MjY5"
name
string
required
The name of the repository.
- Example
- "Hello-World"
full_name
string
required
The full, globally unique, name of the repository.
- Example
- "octocat/Hello-World"
owner
object (owner)
required
A GitHub user.
name
string or null
string or null
login
string
required
- Example
- "octocat"
id
int
required
- Example
- 1
node_id
string
required
- Example
- "MDQ6VXNlcjE="
avatar_url
string
uri
required
- Example
- "https://github.com/images/error/octocat_happy.gif"
gravatar_id
string or null
required
- Example
- "41d064eb2195891e12d0413f63227ea7"
url
string
uri
required
- Example
- "https://api.github.com/users/octocat"
html_url
string
uri
required
- Example
- "https://github.com/octocat"
followers_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/followers"
following_url
string
required
- Example
- "https://api.github.com/users/octocat/following{/other_user}"
gists_url
string
required
- Example
- "https://api.github.com/users/octocat/gists{/gist_id}"
starred_url
string
required
- Example
- "https://api.github.com/users/octocat/starred{/owner}{/repo}"
subscriptions_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/subscriptions"
organizations_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/orgs"
repos_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/repos"
events_url
string
required
- Example
- "https://api.github.com/users/octocat/events{/privacy}"
received_events_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/received_events"
type
string
required
- Example
- "User"
site_admin
boolean
required
starred_at
string
- Example
- "\"2020-07-09T00:17:55Z\""
private
boolean
required
Whether the repository is private.
html_url
string
uri
required
The URL to view the repository on GitHub.com.
- Example
- "https://github.com/octocat/Hello-World"
description
string or null
required
The repository description.
- Example
- "This your first repo!"
fork
boolean
required
Whether the repository is a fork.
url
string
uri
required
The URL to get more information about the repository from the GitHub API.
- Example
- "https://api.github.com/repos/octocat/Hello-World"
archive_url
string
required
A template for the API URL to download the repository as an archive.
- Example
- "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}"
assignees_url
string
required
A template for the API URL to list the available assignees for issues in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/assignees{/user}"
blobs_url
string
required
A template for the API URL to create or retrieve a raw Git blob in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}"
branches_url
string
required
A template for the API URL to get information about branches in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/branches{/branch}"
collaborators_url
string
required
A template for the API URL to get information about collaborators of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}"
comments_url
string
required
A template for the API URL to get information about comments on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/comments{/number}"
commits_url
string
required
A template for the API URL to get information about commits on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/commits{/sha}"
compare_url
string
required
A template for the API URL to compare two commits or refs.
- Example
- "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}"
contents_url
string
required
A template for the API URL to get the contents of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/contents/{+path}"
contributors_url
string
uri
required
A template for the API URL to list the contributors to the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/contributors"
deployments_url
string
uri
required
The API URL to list the deployments of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/deployments"
downloads_url
string
uri
required
The API URL to list the downloads on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/downloads"
events_url
string
uri
required
The API URL to list the events of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/events"
forks_url
string
uri
required
The API URL to list the forks of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/forks"
git_commits_url
string
required
A template for the API URL to get information about Git commits of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}"
git_refs_url
string
required
A template for the API URL to get information about Git refs of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}"
git_tags_url
string
required
A template for the API URL to get information about Git tags of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}"
issue_comment_url
string
required
A template for the API URL to get information about issue comments on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}"
issue_events_url
string
required
A template for the API URL to get information about issue events on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}"
issues_url
string
required
A template for the API URL to get information about issues on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues{/number}"
keys_url
string
required
A template for the API URL to get information about deploy keys on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}"
labels_url
string
required
A template for the API URL to get information about labels of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/labels{/name}"
languages_url
string
uri
required
The API URL to get information about the languages of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/languages"
merges_url
string
uri
required
The API URL to merge branches in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/merges"
milestones_url
string
required
A template for the API URL to get information about milestones of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/milestones{/number}"
notifications_url
string
required
A template for the API URL to get information about notifications on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}"
pulls_url
string
required
A template for the API URL to get information about pull requests on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/pulls{/number}"
releases_url
string
required
A template for the API URL to get information about releases on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/releases{/id}"
stargazers_url
string
uri
required
The API URL to list the stargazers on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/stargazers"
statuses_url
string
required
A template for the API URL to get information about statuses of a commit.
- Example
- "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}"
subscribers_url
string
uri
required
The API URL to list the subscribers on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/subscribers"
subscription_url
string
uri
required
The API URL to subscribe to notifications for this repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/subscription"
tags_url
string
uri
required
The API URL to get information about tags on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/tags"
teams_url
string
uri
required
The API URL to list the teams on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/teams"
trees_url
string
required
A template for the API URL to create or retrieve a raw Git tree of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}"
hooks_url
string
uri
required
The API URL to list the hooks on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/hooks"
No schema
message
string
documentation_url
string
url
string
status
string
message
string
documentation_url
string
url
string
status
string
message
string
required
documentation_url
string
required
errors
array[string]
string
List Dependabot alerts for an organization
Lists Dependabot alerts for an organization.
To use this endpoint, you must be an owner or security manager for the organization, and you must use an access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.
GitHub Apps must have Dependabot alerts read permission to use this endpoint.
org
string
required
The organization name. The name is not case sensitive.
state
string
A comma-separated list of states. If specified, only alerts with these states will be returned.
Can be: auto_dismissed, dismissed, fixed, open
severity
string
A comma-separated list of severities. If specified, only alerts with these severities will be returned.
Can be: low, medium, high, critical
ecosystem
string
A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.
Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package
string
A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope
string
The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
- Enum
-
- development
- runtime
sort
string
The property by which to sort the results.
created means when the alert was created.
updated means when the alert's state last changed.
- Default
- "created"
- Enum
-
- created
- updated
direction
string
The direction to sort the results by.
- Default
- "desc"
- Enum
-
- asc
- desc
before
string
A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
after
string
A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
first
int
Deprecated. The number of results per page (max 100), starting from the first matching result.
This parameter must not be used in combination with last.
Instead, use per_page in combination with after to fetch the first page of results.
- Default
- 30
- Min
- 1
- Max
- 100
last
int
Deprecated. The number of results per page (max 100), starting from the last matching result.
This parameter must not be used in combination with first.
Instead, use per_page in combination with before to fetch the last page of results.
- Min
- 1
- Max
- 100
per_page
int
The number of results per page (max 100).
- Default
- 30
Response
Response
Not modified
Empty response
Bad Request
Forbidden
Resource not found
Validation failed, or the endpoint has been spammed.
array[object]
object
A Dependabot alert.
number
int
required
The security alert number.
state
string
required
The state of the Dependabot alert.
- Enum
-
- auto_dismissed
- dismissed
- fixed
- open
dependency
object (dependency)
required
Details for the vulnerable dependency.
package
object (package)
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
manifest_path
string
The full path to the dependency manifest file, relative to the root of the repository.
scope
string or null
The execution scope of the vulnerable dependency.
- Enum
-
- development
- runtime
security_advisory
object (security_advisory)
required
Details for the GitHub Security Advisory.
ghsa_id
string
required
The unique GitHub Security Advisory ID assigned to the advisory.
cve_id
string or null
required
The unique CVE ID assigned to the advisory.
summary
string
required
A short, plain text summary of the advisory.
- Max Length
- 1024
description
string
required
A long-form Markdown-supported description of the advisory.
vulnerabilities
array[object]
required
Vulnerable version range information for the advisory.
object
Details pertaining to one vulnerable version range for the advisory.
package
object (package)
required
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
severity
string
required
The severity of the vulnerability.
- Enum
-
- low
- medium
- high
- critical
vulnerable_version_range
string
required
Conditions that identify vulnerable versions of this vulnerability's package.
first_patched_version
object (first_patched_version) or null
required
Details pertaining to the package version that patches this vulnerability.
identifier
string
required
The package version that patches this vulnerability.
severity
string
required
The severity of the advisory.
- Enum
-
- low
- medium
- high
- critical
cvss
object (cvss)
required
Details for the advisory pertaining to the Common Vulnerability Scoring System.
score
number
required
The overall CVSS score of the advisory.
- Min
- 0
- Max
- 10
vector_string
string or null
required
The full CVSS vector string for the advisory.
cwes
array[object]
required
Details for the advisory pertaining to Common Weakness Enumeration.
object
A CWE weakness assigned to the advisory.
cwe_id
string
required
The unique CWE ID.
name
string
required
The short, plain text name of the CWE.
identifiers
array[object]
required
Values that identify this advisory among security information sources.
object
An advisory identifier.
type
string
required
The type of advisory identifier.
- Enum
-
- CVE
- GHSA
value
string
required
The value of the advisory identifer.
references
array[object]
required
Links to additional advisory information.
object
A link to additional advisory information.
url
string
uri
required
The URL of the reference.
published_at
string
date-time
required
The time that the advisory was published in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
updated_at
string
date-time
required
The time that the advisory was last modified in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
withdrawn_at
string or null
date-time
required
The time that the advisory was withdrawn in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
security_vulnerability
object (security_vulnerability)
required
Details pertaining to one vulnerable version range for the advisory.
package
object (package)
required
Details for the vulnerable package.
ecosystem
string
required
The package's language or package management ecosystem.
name
string
required
The unique package name within its ecosystem.
severity
string
required
The severity of the vulnerability.
- Enum
-
- low
- medium
- high
- critical
vulnerable_version_range
string
required
Conditions that identify vulnerable versions of this vulnerability's package.
first_patched_version
object (first_patched_version) or null
required
Details pertaining to the package version that patches this vulnerability.
identifier
string
required
The package version that patches this vulnerability.
url
string
uri
required
The REST API URL of the alert resource.
html_url
string
uri
required
The GitHub URL of the alert resource.
created_at
string
date-time
required
The time that the alert was created in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
updated_at
string
date-time
required
The time that the alert was last updated in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_at
string or null
date-time
required
The time that the alert was dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
dismissed_by
object (dismissed_by) or null
required
A GitHub user.
name
string or null
string or null
login
string
required
- Example
- "octocat"
id
int
required
- Example
- 1
node_id
string
required
- Example
- "MDQ6VXNlcjE="
avatar_url
string
uri
required
- Example
- "https://github.com/images/error/octocat_happy.gif"
gravatar_id
string or null
required
- Example
- "41d064eb2195891e12d0413f63227ea7"
url
string
uri
required
- Example
- "https://api.github.com/users/octocat"
html_url
string
uri
required
- Example
- "https://github.com/octocat"
followers_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/followers"
following_url
string
required
- Example
- "https://api.github.com/users/octocat/following{/other_user}"
gists_url
string
required
- Example
- "https://api.github.com/users/octocat/gists{/gist_id}"
starred_url
string
required
- Example
- "https://api.github.com/users/octocat/starred{/owner}{/repo}"
subscriptions_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/subscriptions"
organizations_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/orgs"
repos_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/repos"
events_url
string
required
- Example
- "https://api.github.com/users/octocat/events{/privacy}"
received_events_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/received_events"
type
string
required
- Example
- "User"
site_admin
boolean
required
starred_at
string
- Example
- "\"2020-07-09T00:17:55Z\""
dismissed_reason
string or null
required
The reason that the alert was dismissed.
- Enum
-
- fix_started
- inaccurate
- no_bandwidth
- not_used
- tolerable_risk
dismissed_comment
string or null
required
An optional comment associated with the alert's dismissal.
- Max Length
- 280
fixed_at
string or null
date-time
required
The time that the alert was no longer detected and was considered fixed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
auto_dismissed_at
string or null
date-time
The time that the alert was auto-dismissed in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
repository
object (repository)
required
A GitHub repository.
id
int
required
A unique identifier of the repository.
- Example
- 1296269
node_id
string
required
The GraphQL identifier of the repository.
- Example
- "MDEwOlJlcG9zaXRvcnkxMjk2MjY5"
name
string
required
The name of the repository.
- Example
- "Hello-World"
full_name
string
required
The full, globally unique, name of the repository.
- Example
- "octocat/Hello-World"
owner
object (owner)
required
A GitHub user.
name
string or null
string or null
login
string
required
- Example
- "octocat"
id
int
required
- Example
- 1
node_id
string
required
- Example
- "MDQ6VXNlcjE="
avatar_url
string
uri
required
- Example
- "https://github.com/images/error/octocat_happy.gif"
gravatar_id
string or null
required
- Example
- "41d064eb2195891e12d0413f63227ea7"
url
string
uri
required
- Example
- "https://api.github.com/users/octocat"
html_url
string
uri
required
- Example
- "https://github.com/octocat"
followers_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/followers"
following_url
string
required
- Example
- "https://api.github.com/users/octocat/following{/other_user}"
gists_url
string
required
- Example
- "https://api.github.com/users/octocat/gists{/gist_id}"
starred_url
string
required
- Example
- "https://api.github.com/users/octocat/starred{/owner}{/repo}"
subscriptions_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/subscriptions"
organizations_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/orgs"
repos_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/repos"
events_url
string
required
- Example
- "https://api.github.com/users/octocat/events{/privacy}"
received_events_url
string
uri
required
- Example
- "https://api.github.com/users/octocat/received_events"
type
string
required
- Example
- "User"
site_admin
boolean
required
starred_at
string
- Example
- "\"2020-07-09T00:17:55Z\""
private
boolean
required
Whether the repository is private.
html_url
string
uri
required
The URL to view the repository on GitHub.com.
- Example
- "https://github.com/octocat/Hello-World"
description
string or null
required
The repository description.
- Example
- "This your first repo!"
fork
boolean
required
Whether the repository is a fork.
url
string
uri
required
The URL to get more information about the repository from the GitHub API.
- Example
- "https://api.github.com/repos/octocat/Hello-World"
archive_url
string
required
A template for the API URL to download the repository as an archive.
- Example
- "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}"
assignees_url
string
required
A template for the API URL to list the available assignees for issues in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/assignees{/user}"
blobs_url
string
required
A template for the API URL to create or retrieve a raw Git blob in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}"
branches_url
string
required
A template for the API URL to get information about branches in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/branches{/branch}"
collaborators_url
string
required
A template for the API URL to get information about collaborators of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}"
comments_url
string
required
A template for the API URL to get information about comments on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/comments{/number}"
commits_url
string
required
A template for the API URL to get information about commits on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/commits{/sha}"
compare_url
string
required
A template for the API URL to compare two commits or refs.
- Example
- "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}"
contents_url
string
required
A template for the API URL to get the contents of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/contents/{+path}"
contributors_url
string
uri
required
A template for the API URL to list the contributors to the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/contributors"
deployments_url
string
uri
required
The API URL to list the deployments of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/deployments"
downloads_url
string
uri
required
The API URL to list the downloads on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/downloads"
events_url
string
uri
required
The API URL to list the events of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/events"
forks_url
string
uri
required
The API URL to list the forks of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/forks"
git_commits_url
string
required
A template for the API URL to get information about Git commits of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}"
git_refs_url
string
required
A template for the API URL to get information about Git refs of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}"
git_tags_url
string
required
A template for the API URL to get information about Git tags of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}"
issue_comment_url
string
required
A template for the API URL to get information about issue comments on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}"
issue_events_url
string
required
A template for the API URL to get information about issue events on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}"
issues_url
string
required
A template for the API URL to get information about issues on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/issues{/number}"
keys_url
string
required
A template for the API URL to get information about deploy keys on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}"
labels_url
string
required
A template for the API URL to get information about labels of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/labels{/name}"
languages_url
string
uri
required
The API URL to get information about the languages of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/languages"
merges_url
string
uri
required
The API URL to merge branches in the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/merges"
milestones_url
string
required
A template for the API URL to get information about milestones of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/milestones{/number}"
notifications_url
string
required
A template for the API URL to get information about notifications on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}"
pulls_url
string
required
A template for the API URL to get information about pull requests on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/pulls{/number}"
releases_url
string
required
A template for the API URL to get information about releases on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/releases{/id}"
stargazers_url
string
uri
required
The API URL to list the stargazers on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/stargazers"
statuses_url
string
required
A template for the API URL to get information about statuses of a commit.
- Example
- "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}"
subscribers_url
string
uri
required
The API URL to list the subscribers on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/subscribers"
subscription_url
string
uri
required
The API URL to subscribe to notifications for this repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/subscription"
tags_url
string
uri
required
The API URL to get information about tags on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/tags"
teams_url
string
uri
required
The API URL to list the teams on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/teams"
trees_url
string
required
A template for the API URL to create or retrieve a raw Git tree of the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}"
hooks_url
string
uri
required
The API URL to list the hooks on the repository.
- Example
- "https://api.github.com/repos/octocat/Hello-World/hooks"
No schema
message
string
documentation_url
string
url
string
status
string
message
string or null
documentation_url
string or null
detail
string or null
status
int
scimType
string or null
schemas
array[string]
string
message
string
documentation_url
string
url
string
status
string
message
string
documentation_url
string
url
string
status
string
message
string
required
documentation_url
string
required
errors
array[string]
string
List organization secrets
Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
org
string
required
The organization name. The name is not case sensitive.
per_page
int
The number of results per page (max 100).
- Default
- 30
page
int
Page number of the results to fetch.
- Default
- 1
Response
Response
total_count
int
required
secrets
array[object (Dependabot Secret for an Organization)]
required
Dependabot Secret for an Organization
object (Dependabot Secret for an Organization)
Secrets for GitHub Dependabot for an organization.
name
string
required
The name of the secret.
- Example
- "SECRET_TOKEN"
created_at
string
date-time
required
updated_at
string
date-time
required
visibility
string
required
Visibility of a secret
- Enum
-
- all
- private
- selected
selected_repositories_url
string
uri
- Example
- "https://api.github.com/organizations/org/dependabot/secrets/my_secret/repositories"
Link
string
Get an organization public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
org
string
required
The organization name. The name is not case sensitive.
Response
Response
key_id
string
required
The identifier for the key.
- Example
- "1234567"
key
string
required
The Base64 encoded public key.
- Example
- "hBT5WZEj8ZoOv6TYJsfWq7MxTEQopZO5/IT3ZCVQPzs="
Get an organization secret
Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
org
string
required
The organization name. The name is not case sensitive.
secret_name
string
required
The name of the secret.
Response
Response
name
string
required
The name of the secret.
- Example
- "SECRET_TOKEN"
created_at
string
date-time
required
updated_at
string
date-time
required
visibility
string
required
Visibility of a secret
- Enum
-
- all
- private
- selected