View Source GitHub.Dependabot (GitHub REST API Client v0.2.3)

Provides API endpoints related to dependabot

Link to this section Summary

Functions

Add selected repository to an organization secret

Create or update an organization secret

Delete an organization secret

Get an organization public key

Get a repository public key

List Dependabot alerts for an enterprise

List Dependabot alerts for an organization

List Dependabot alerts for a repository

List organization secrets

List selected repositories for an organization secret

Remove selected repository from an organization secret

Set selected repositories for an organization secret

Link to this section Functions

Link to this function

add_selected_repo_to_org_secret(org, secret_name, repository_id, opts \\ [])

View Source
@spec add_selected_repo_to_org_secret(String.t(), String.t(), integer(), keyword()) ::
  :ok | {:error, GitHub.Error.t()}

Add selected repository to an organization secret

Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

create_or_update_org_secret(org, secret_name, body, opts \\ [])

View Source
@spec create_or_update_org_secret(String.t(), String.t(), map(), keyword()) ::
  {:ok, GitHub.EmptyObject.t()} | {:error, GitHub.Error.t()}

Create or update an organization secret

Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

create_or_update_repo_secret(owner, repo, secret_name, body, opts \\ [])

View Source
@spec create_or_update_repo_secret(
  String.t(),
  String.t(),
  String.t(),
  map(),
  keyword()
) ::
  {:ok, GitHub.EmptyObject.t()} | {:error, GitHub.Error.t()}

Create or update a repository secret

Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."

You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

resources

Resources

Link to this function

delete_org_secret(org, secret_name, opts \\ [])

View Source
@spec delete_org_secret(String.t(), String.t(), keyword()) ::
  :ok | {:error, GitHub.Error.t()}

Delete an organization secret

Deletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

delete_repo_secret(owner, repo, secret_name, opts \\ [])

View Source
@spec delete_repo_secret(String.t(), String.t(), String.t(), keyword()) ::
  :ok | {:error, GitHub.Error.t()}

Delete a repository secret

Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

resources

Resources

Link to this function

get_alert(owner, repo, alert_number, opts \\ [])

View Source
@spec get_alert(String.t(), String.t(), integer(), keyword()) ::
  {:ok, GitHub.Dependabot.Alert.t()} | {:error, GitHub.Error.t()}

Get a Dependabot alert

You must use an access token with the security_events scope to use this endpoint with private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have Dependabot alerts read permission to use this endpoint.

resources

Resources

Link to this function

get_org_public_key(org, opts \\ [])

View Source
@spec get_org_public_key(
  String.t(),
  keyword()
) :: {:ok, GitHub.Dependabot.PublicKey.t()} | {:error, GitHub.Error.t()}

Get an organization public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

get_org_secret(org, secret_name, opts \\ [])

View Source
@spec get_org_secret(String.t(), String.t(), keyword()) ::
  {:ok, GitHub.Organization.DependabotSecret.t()} | {:error, GitHub.Error.t()}

Get an organization secret

Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

get_repo_public_key(owner, repo, opts \\ [])

View Source
@spec get_repo_public_key(String.t(), String.t(), keyword()) ::
  {:ok, GitHub.Dependabot.PublicKey.t()} | {:error, GitHub.Error.t()}

Get a repository public key

Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

resources

Resources

Link to this function

get_repo_secret(owner, repo, secret_name, opts \\ [])

View Source
@spec get_repo_secret(String.t(), String.t(), String.t(), keyword()) ::
  {:ok, GitHub.Dependabot.Secret.t()} | {:error, GitHub.Error.t()}

Get a repository secret

Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

resources

Resources

Link to this function

list_alerts_for_enterprise(enterprise, opts \\ [])

View Source
@spec list_alerts_for_enterprise(
  String.t(),
  keyword()
) ::
  {:ok, [GitHub.Dependabot.Alert.WithRepository.t()]}
  | {:error, GitHub.Error.t()}

List Dependabot alerts for an enterprise

Lists Dependabot alerts for repositories that are owned by the specified enterprise. To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "Managing security managers in your organization."

options

Options

  • state: A comma-separated list of states. If specified, only alerts with these states will be returned.

    Can be: auto_dismissed, dismissed, fixed, open

  • severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned.

    Can be: low, medium, high, critical

  • ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.

    Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust

  • package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.

  • scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.

  • sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.

  • direction: The direction to sort the results by.

  • before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.

  • after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

  • first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.

  • last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.

  • per_page: The number of results per page (max 100).

resources

Resources

Link to this function

list_alerts_for_org(org, opts \\ [])

View Source
@spec list_alerts_for_org(
  String.t(),
  keyword()
) ::
  {:ok, [GitHub.Dependabot.Alert.WithRepository.t()]}
  | {:error, GitHub.Error.t()}

List Dependabot alerts for an organization

Lists Dependabot alerts for an organization.

To use this endpoint, you must be an owner or security manager for the organization, and you must use an access token with the repo scope or security_events scope.

For public repositories, you may instead use the public_repo scope.

GitHub Apps must have Dependabot alerts read permission to use this endpoint.

options

Options

  • state: A comma-separated list of states. If specified, only alerts with these states will be returned.

    Can be: auto_dismissed, dismissed, fixed, open

  • severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned.

    Can be: low, medium, high, critical

  • ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.

    Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust

  • package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.

  • scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.

  • sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.

  • direction: The direction to sort the results by.

  • before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.

  • after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

  • first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.

  • last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.

  • per_page: The number of results per page (max 100).

resources

Resources

Link to this function

list_alerts_for_repo(owner, repo, opts \\ [])

View Source
@spec list_alerts_for_repo(String.t(), String.t(), keyword()) ::
  {:ok, [GitHub.Dependabot.Alert.t()]} | {:error, GitHub.Error.t()}

List Dependabot alerts for a repository

You must use an access token with the security_events scope to use this endpoint with private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have Dependabot alerts read permission to use this endpoint.

options

Options

  • state: A comma-separated list of states. If specified, only alerts with these states will be returned.

    Can be: auto_dismissed, dismissed, fixed, open

  • severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned.

    Can be: low, medium, high, critical

  • ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.

    Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust

  • package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.

  • manifest: A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.

  • scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.

  • sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.

  • direction: The direction to sort the results by.

  • page: Deprecated. Page number of the results to fetch. Use cursor-based pagination with before or after instead.

  • per_page: The number of results per page (max 100).

  • before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.

  • after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.

  • first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.

  • last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.

resources

Resources

Link to this function

list_org_secrets(org, opts \\ [])

View Source
@spec list_org_secrets(
  String.t(),
  keyword()
) :: {:ok, map()} | {:error, GitHub.Error.t()}

List organization secrets

Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

options

Options

  • per_page: The number of results per page (max 100).
  • page: Page number of the results to fetch.

resources

Resources

Link to this function

list_repo_secrets(owner, repo, opts \\ [])

View Source
@spec list_repo_secrets(String.t(), String.t(), keyword()) ::
  {:ok, map()} | {:error, GitHub.Error.t()}

List repository secrets

Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.

options

Options

  • per_page: The number of results per page (max 100).
  • page: Page number of the results to fetch.

resources

Resources

Link to this function

list_selected_repos_for_org_secret(org, secret_name, opts \\ [])

View Source
@spec list_selected_repos_for_org_secret(String.t(), String.t(), keyword()) ::
  {:ok, map()} | {:error, GitHub.Error.t()}

List selected repositories for an organization secret

Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

options

Options

  • page: Page number of the results to fetch.
  • per_page: The number of results per page (max 100).

resources

Resources

Link to this function

remove_selected_repo_from_org_secret(org, secret_name, repository_id, opts \\ [])

View Source
@spec remove_selected_repo_from_org_secret(
  String.t(),
  String.t(),
  integer(),
  keyword()
) ::
  :ok | {:error, GitHub.Error.t()}

Remove selected repository from an organization secret

Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

set_selected_repos_for_org_secret(org, secret_name, body, opts \\ [])

View Source
@spec set_selected_repos_for_org_secret(String.t(), String.t(), map(), keyword()) ::
  :ok | {:error, GitHub.Error.t()}

Set selected repositories for an organization secret

Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.

resources

Resources

Link to this function

update_alert(owner, repo, alert_number, body, opts \\ [])

View Source
@spec update_alert(String.t(), String.t(), integer(), map(), keyword()) ::
  {:ok, GitHub.Dependabot.Alert.t()} | {:error, GitHub.Error.t()}

Update a Dependabot alert

You must use an access token with the security_events scope to use this endpoint with private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have Dependabot alerts write permission to use this endpoint.

To use this endpoint, you must have access to security alerts for the repository. For more information, see "Granting access to security alerts."

resources

Resources