GitHub.SecurityAdvisories (GitHub REST API Client v0.0.13)

Provides API endpoints related to security advisories

Summary

Functions

Privately report a security vulnerability

Create a repository security advisory

Request a CVE for a repository security advisory

Get a global security advisory

List global security advisories

List repository security advisories for an organization

List repository security advisories

Functions

create_private_vulnerability_report(owner, repo, body, opts \\ [])

@spec create_private_vulnerability_report(
  String.t(),
  String.t(),
  GitHub.PrivateVulnerabilityReport.Create.t(),
  keyword()
) :: {:ok, GitHub.Repository.Advisory.t()} | {:error, GitHub.Error.t()}

Privately report a security vulnerability

create_repository_advisory(owner, repo, body, opts \\ [])

@spec create_repository_advisory(
  String.t(),
  String.t(),
  GitHub.Repository.Advisory.Create.t(),
  keyword()
) :: {:ok, GitHub.Repository.Advisory.t()} | {:error, GitHub.Error.t()}

Create a repository security advisory

create_repository_advisory_cve_request(owner, repo, ghsa_id, opts \\ [])

@spec create_repository_advisory_cve_request(
  String.t(),
  String.t(),
  String.t(),
  keyword()
) ::
  {:ok, map()} | {:error, GitHub.Error.t()}

Request a CVE for a repository security advisory

get_global_advisory(ghsa_id, opts \\ [])

@spec get_global_advisory(
  String.t(),
  keyword()
) :: {:ok, GitHub.GlobalAdvisory.t()} | {:error, GitHub.Error.t()}

Get a global security advisory

get_repository_advisory(owner, repo, ghsa_id, opts \\ [])

@spec get_repository_advisory(String.t(), String.t(), String.t(), keyword()) ::
  {:ok, GitHub.Repository.Advisory.t()} | {:error, GitHub.Error.t()}

Get a repository security advisory

list_global_advisories(opts \\ [])

@spec list_global_advisories(keyword()) ::
  {:ok, [GitHub.GlobalAdvisory.t()]} | {:error, GitHub.Error.t()}

List global security advisories

Options

  • ghsa_id (String.t()): If specified, only advisories with this GHSA (GitHub Security Advisory) identifier will be returned.
  • type (String.t()): If specified, only advisories of this type will be returned. By default, a request with no other parameters defined will only return reviewed advisories that are not malware.
  • cve_id (String.t()): If specified, only advisories with this CVE (Common Vulnerabilities and Exposures) identifier will be returned.
  • ecosystem (String.t()): If specified, only advisories for these ecosystems will be returned.
  • severity (String.t()): If specified, only advisories with these severities will be returned.
  • cwes (String.t() | [String.t()]): If specified, only advisories with these Common Weakness Enumerations (CWEs) will be returned. Example: cwes=79,284,22 or cwes[]=79&cwes[]=284&cwes[]=22
  • is_withdrawn (boolean): Whether to only return advisories that have been withdrawn.
  • affects (String.t() | [String.t()]): If specified, only return advisories that affect any of package or package@version. A maximum of 1000 packages can be specified. If the query parameter causes the URL to exceed the maximum URL length supported by your client, you must specify fewer packages. Example: affects=package1,package2@1.0.0,package3@^2.0.0 or affects[]=package1&affects[]=package2@1.0.0
  • published (String.t()): If specified, only return advisories that were published on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax."
  • updated (String.t()): If specified, only return advisories that were updated on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax."
  • modified (String.t()): If specified, only show advisories that were updated or published on a date or date range. For more information on the syntax of the date range, see "Understanding the search syntax."

  • before (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
  • after (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
  • direction (String.t()): The direction to sort the results by.
  • per_page (integer): The number of results per page (max 100).
  • sort (String.t()): The property to sort the results by.
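
The following is an added example, not code from this library: it checks pinned dependencies against the global advisory database using the `affects`, `ecosystem`, `severity` and `per_page` options listed above. The module name `AdvisoryCheck`, the batch size, and the `ghsa_id` field on `GitHub.GlobalAdvisory` are assumptions.

```elixir
defmodule AdvisoryCheck do
  # Added example; AdvisoryCheck is a hypothetical module name.
  # Small batches keep the URL short; the documented ceiling for
  # `affects` is 1000 packages per request.
  @batch_size 50
  # Documented maximum for per_page on this endpoint.
  @per_page 100

  # deps: list of {name, version} tuples, e.g. parsed from a lockfile.
  # Returns {:ok, advisories, truncated?} or {:error, GitHub.Error.t()}.
  def check(deps, ecosystem, severity \\ "critical") do
    deps
    |> Enum.map(fn {name, version} -> "#{name}@#{version}" end)
    |> Enum.chunk_every(@batch_size)
    |> Enum.reduce_while({:ok, %{}, false}, fn batch, {:ok, seen, truncated?} ->
      opts = [
        ecosystem: ecosystem,
        severity: severity,
        # Comma-separated form, as in the documented
        # affects=package1,package2@1.0.0 example.
        affects: Enum.join(batch, ","),
        per_page: @per_page
      ]

      case GitHub.SecurityAdvisories.list_global_advisories(opts) do
        {:ok, page} ->
          # Assumption: GitHub.GlobalAdvisory has a `ghsa_id` field.
          # Deduplicate, since one advisory can match several batches.
          seen = Enum.reduce(page, seen, &Map.put_new(&2, &1.ghsa_id, &1))
          # A full page means more results may exist behind a cursor.
          {:cont, {:ok, seen, truncated? or length(page) == @per_page}}

        {:error, error} ->
          # Fail closed: an API error must not read as "no advisories".
          {:halt, {:error, error}}
      end
    end)
    |> case do
      {:ok, seen, truncated?} -> {:ok, Map.values(seen), truncated?}
      {:error, _} = error -> error
    end
  end
end
```

When `truncated?` is true, treat the result as incomplete and either narrow the query or page further with the `after` cursor.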

list_org_repository_advisories(org, opts \\ [])

@spec list_org_repository_advisories(
  String.t(),
  keyword()
) :: {:ok, [GitHub.Repository.Advisory.t()]} | {:error, GitHub.Error.t()}

List repository security advisories for an organization

Options

  • direction (String.t()): The direction to sort the results by.
  • sort (String.t()): The property to sort the results by.
  • before (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
  • after (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
  • per_page (integer): The number of advisories to return per page.
  • state (String.t()): Filter by the state of the repository advisories. Only advisories of this state will be returned.

list_repository_advisories(owner, repo, opts \\ [])

@spec list_repository_advisories(String.t(), String.t(), keyword()) ::
  {:ok, [GitHub.Repository.Advisory.t()]} | {:error, GitHub.Error.t()}

List repository security advisories

Options

  • direction (String.t()): The direction to sort the results by.
  • sort (String.t()): The property to sort the results by.
  • before (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
  • after (String.t()): A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
  • per_page (integer): Number of advisories to return per page.
  • state (String.t()): Filter by state of the repository advisories. Only advisories of this state will be returned.

update_repository_advisory(owner, repo, ghsa_id, body, opts \\ [])

@spec update_repository_advisory(
  String.t(),
  String.t(),
  String.t(),
  GitHub.Repository.Advisory.Update.t(),
  keyword()
) :: {:ok, GitHub.Repository.Advisory.t()} | {:error, GitHub.Error.t()}

Update a repository security advisory
