GitHub.Dependabot (GitHub REST API Client v0.2.3)
Provides API endpoints related to Dependabot.
Summary
Functions
Add selected repository to an organization secret
Create or update an organization secret
Create or update a repository secret
Delete an organization secret
Delete a repository secret
Get a Dependabot alert
Get an organization public key
Get an organization secret
Get a repository public key
Get a repository secret
List Dependabot alerts for an enterprise
List Dependabot alerts for an organization
List Dependabot alerts for a repository
List organization secrets
List repository secrets
List selected repositories for an organization secret
Remove selected repository from an organization secret
Set selected repositories for an organization secret
Update a Dependabot alert
Functions
add_selected_repo_to_org_secret(org, secret_name, repository_id, opts \\ [])
@spec add_selected_repo_to_org_secret(String.t(), String.t(), integer(), keyword()) :: :ok | {:error, GitHub.Error.t()}
Add selected repository to an organization secret
Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
@spec create_or_update_org_secret(String.t(), String.t(), map(), keyword()) :: {:ok, GitHub.EmptyObject.t()} | {:error, GitHub.Error.t()}
Create or update an organization secret
Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."
You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
create_or_update_repo_secret(owner, repo, secret_name, body, opts \\ [])
@spec create_or_update_repo_secret(String.t(), String.t(), String.t(), map(), keyword()) :: {:ok, GitHub.EmptyObject.t()} | {:error, GitHub.Error.t()}
Create or update a repository secret
Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. For more information, see "Encrypting secrets for the REST API."
You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.
@spec delete_org_secret(String.t(), String.t(), keyword()) :: :ok | {:error, GitHub.Error.t()}
Delete an organization secret
Deletes a secret in an organization using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
@spec delete_repo_secret(String.t(), String.t(), String.t(), keyword()) :: :ok | {:error, GitHub.Error.t()}
Delete a repository secret
Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.
@spec get_alert(String.t(), String.t(), integer(), keyword()) :: {:ok, GitHub.Dependabot.Alert.t()} | {:error, GitHub.Error.t()}
Get a Dependabot alert
You must use an access token with the security_events scope to use this endpoint with private repositories.
You can also use tokens with the public_repo scope for public repositories only.
GitHub Apps must have Dependabot alerts read permission to use this endpoint.
@spec get_org_public_key(String.t(), keyword()) :: {:ok, GitHub.Dependabot.PublicKey.t()} | {:error, GitHub.Error.t()}
Get an organization public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
@spec get_org_secret(String.t(), String.t(), keyword()) :: {:ok, GitHub.Organization.DependabotSecret.t()} | {:error, GitHub.Error.t()}
Get an organization secret
Gets a single organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
@spec get_repo_public_key(String.t(), String.t(), keyword()) :: {:ok, GitHub.Dependabot.PublicKey.t()} | {:error, GitHub.Error.t()}
Get a repository public key
Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.
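The procedure described under create_or_update_repo_secret and get_repo_public_key (fetch the public key, encrypt with LibSodium, upload the encrypted value), shown as an added example that is not part of this library's documentation. The module name, the :enacl libsodium binding, the PublicKey field names key and key_id, and the encrypted_value and key_id body keys are assumptions taken from the GitHub REST API, not from this page.

```elixir
defmodule DependabotSecretExample do
  # Added example: not part of the client library or its documentation.
  # Assumes the :enacl libsodium binding is a project dependency and that
  # the client's authentication is configured (or passed through `opts`).

  @doc """
  Encrypts `plaintext` for `owner/repo` and stores it as `secret_name`.
  Returns :ok, or the error from the first step that fails.
  """
  def put_repo_secret(owner, repo, secret_name, plaintext, opts \\ []) do
    with {:ok, public_key} <- GitHub.Dependabot.get_repo_public_key(owner, repo, opts),
         {:ok, body} <- seal(plaintext, public_key.key, public_key.key_id),
         {:ok, _empty} <-
           GitHub.Dependabot.create_or_update_repo_secret(owner, repo, secret_name, body, opts) do
      :ok
    end
  end

  @doc """
  Builds the request body. `key_b64` is the Base64 public key and `key_id`
  its identifier (assumed field names, mirroring the REST response).
  """
  def seal(plaintext, key_b64, key_id) when is_binary(plaintext) do
    case Base.decode64(key_b64) do
      {:ok, <<pk::binary-size(32)>>} ->
        # Sealed box: an ephemeral key pair is generated per call, so only the
        # holder of the matching private key (GitHub) can recover the value.
        sealed = :enacl.box_seal(plaintext, pk)
        {:ok, %{"encrypted_value" => Base.encode64(sealed), "key_id" => key_id}}

      _other ->
        # Refuse to send anything if the key is not a 32-byte Curve25519 key.
        {:error, :invalid_public_key}
    end
  end
end
```

The key is fetched on every call rather than cached, so the key_id sent with the secret always matches the key that encrypted it.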
@spec get_repo_secret(String.t(), String.t(), String.t(), keyword()) :: {:ok, GitHub.Dependabot.Secret.t()} | {:error, GitHub.Error.t()}
Get a repository secret
Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.
@spec list_alerts_for_enterprise(String.t(), keyword()) :: {:ok, [GitHub.Dependabot.Alert.WithRepository.t()]} | {:error, GitHub.Error.t()}
List Dependabot alerts for an enterprise
Lists Dependabot alerts for repositories that are owned by the specified enterprise.
To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or security_events scope.
Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager. For more information about security managers, see "Managing security managers in your organization."
Options
state: A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction: The direction to sort the results by.
before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.
per_page: The number of results per page (max 100).
@spec list_alerts_for_org(String.t(), keyword()) :: {:ok, [GitHub.Dependabot.Alert.WithRepository.t()]} | {:error, GitHub.Error.t()}
List Dependabot alerts for an organization
Lists Dependabot alerts for an organization.
To use this endpoint, you must be an owner or security manager for the organization, and you must use an access token with the repo scope or security_events scope.
For public repositories, you may instead use the public_repo scope.
GitHub Apps must have Dependabot alerts read permission to use this endpoint.
Options
state: A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.
scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction: The direction to sort the results by.
before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.
per_page: The number of results per page (max 100).
@spec list_alerts_for_repo(String.t(), String.t(), keyword()) :: {:ok, [GitHub.Dependabot.Alert.t()]} | {:error, GitHub.Error.t()}
List Dependabot alerts for a repository
You must use an access token with the security_events scope to use this endpoint with private repositories.
You can also use tokens with the public_repo scope for public repositories only.
GitHub Apps must have Dependabot alerts read permission to use this endpoint.
Options
state: A comma-separated list of states. If specified, only alerts with these states will be returned. Can be: auto_dismissed, dismissed, fixed, open
severity: A comma-separated list of severities. If specified, only alerts with these severities will be returned. Can be: low, medium, high, critical
ecosystem: A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. Can be: composer, go, maven, npm, nuget, pip, pub, rubygems, rust
package: A comma-separated list of package names. If specified, only alerts for these packages will be returned.
manifest: A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.
scope: The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.
sort: The property by which to sort the results. created means when the alert was created. updated means when the alert's state last changed.
direction: The direction to sort the results by.
page: Deprecated. Page number of the results to fetch. Use cursor-based pagination with before or after instead.
per_page: The number of results per page (max 100).
before: A cursor, as given in the Link header. If specified, the query only searches for results before this cursor.
after: A cursor, as given in the Link header. If specified, the query only searches for results after this cursor.
first: Deprecated. The number of results per page (max 100), starting from the first matching result. This parameter must not be used in combination with last. Instead, use per_page in combination with after to fetch the first page of results.
last: Deprecated. The number of results per page (max 100), starting from the last matching result. This parameter must not be used in combination with first. Instead, use per_page in combination with before to fetch the last page of results.
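The filter options above combined into a triage query, as an added example that is not part of this library's documentation. The module name, the alert field names (number, dependency, security_advisory) and the option values "runtime" and "desc" are assumptions taken from the GitHub REST API, not from this page; the dig helper tolerates nested data arriving as structs or as string-keyed maps.

```elixir
defmodule DependabotTriageExample do
  # Added example: not part of the client library or its documentation.
  # Alert field names are assumptions that mirror the REST API's alert object.

  @filters [state: "open", severity: "critical,high", scope: "runtime",
            sort: "updated", direction: "desc", per_page: 100]

  @doc "Fetches one page of open critical/high runtime alerts, grouped by package."
  def open_runtime_alerts(owner, repo, opts \\ []) do
    # Caller-supplied opts are kept; the filters above win on conflict.
    case GitHub.Dependabot.list_alerts_for_repo(owner, repo, Keyword.merge(opts, @filters)) do
      {:ok, alerts} -> {:ok, summarize(alerts)}
      {:error, _reason} = error -> error
    end
  end

  @doc "Groups alerts by {ecosystem, package}; most-affected packages first."
  def summarize(alerts) do
    alerts
    |> Enum.group_by(fn alert ->
      {dig(alert, [:dependency, :package, :ecosystem]), dig(alert, [:dependency, :package, :name])}
    end)
    |> Enum.map(fn {{ecosystem, name}, group} ->
      %{
        ecosystem: ecosystem,
        package: name,
        alert_numbers: Enum.map(group, &dig(&1, [:number])),
        advisories: group |> Enum.map(&dig(&1, [:security_advisory, :ghsa_id])) |> Enum.uniq(),
        manifests: group |> Enum.map(&dig(&1, [:dependency, :manifest_path])) |> Enum.uniq()
      }
    end)
    |> Enum.sort_by(&length(&1.alert_numbers), :desc)
  end

  # Reads a nested field from structs or maps, with atom or string keys.
  defp dig(data, path) do
    Enum.reduce(path, data, fn key, acc ->
      if is_map(acc), do: Map.get(acc, key, Map.get(acc, Atom.to_string(key))), else: nil
    end)
  end
end
```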
@spec list_org_secrets(String.t(), keyword()) :: {:ok, map()} | {:error, GitHub.Error.t()}
List organization secrets
Lists all secrets available in an organization without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
Options
per_page: The number of results per page (max 100).
page: Page number of the results to fetch.
@spec list_repo_secrets(String.t(), String.t(), keyword()) :: {:ok, map()} | {:error, GitHub.Error.t()}
List repository secrets
Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the dependabot_secrets repository permission to use this endpoint.
Options
per_page: The number of results per page (max 100).
page: Page number of the results to fetch.
@spec list_selected_repos_for_org_secret(String.t(), String.t(), keyword()) :: {:ok, map()} | {:error, GitHub.Error.t()}
List selected repositories for an organization secret
Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
Options
page: Page number of the results to fetch.
per_page: The number of results per page (max 100).
remove_selected_repo_from_org_secret(org, secret_name, repository_id, opts \\ [])
@spec remove_selected_repo_from_org_secret(String.t(), String.t(), integer(), keyword()) :: :ok | {:error, GitHub.Error.t()}
Remove selected repository from an organization secret
Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
set_selected_repos_for_org_secret(org, secret_name, body, opts \\ [])
@spec set_selected_repos_for_org_secret(String.t(), String.t(), map(), keyword()) :: :ok | {:error, GitHub.Error.t()}
Set selected repositories for an organization secret
Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint. GitHub Apps must have the dependabot_secrets organization permission to use this endpoint.
@spec update_alert(String.t(), String.t(), integer(), map(), keyword()) :: {:ok, GitHub.Dependabot.Alert.t()} | {:error, GitHub.Error.t()}
Update a Dependabot alert
You must use an access token with the security_events scope to use this endpoint with private repositories.
You can also use tokens with the public_repo scope for public repositories only.
GitHub Apps must have Dependabot alerts write permission to use this endpoint.
To use this endpoint, you must have access to security alerts for the repository. For more information, see "Granting access to security alerts."