diff --git a/content/actions/reference/context-and-expression-syntax-for-github-actions.md b/content/actions/reference/context-and-expression-syntax-for-github-actions.md index 8bdfedc6e82b..cf9743f60043 100644 --- a/content/actions/reference/context-and-expression-syntax-for-github-actions.md +++ b/content/actions/reference/context-and-expression-syntax-for-github-actions.md @@ -323,7 +323,7 @@ Returns `true` if `searchString` ends with `searchValue`. This function is not c `format( string, replaceValue0, replaceValue1, ..., replaceValueN)` -Replaces values in the `string`, with the variable `replaceValueN`. Variables in the `string` are specified using the `{N}` syntax, where `N` is an integer. You must specify at least one `replaceValue` and `string`. There is no maximum for the number of variables (`replaceValueN`) you can use. Escape curly braces useing double braces. +Replaces values in the `string`, with the variable `replaceValueN`. Variables in the `string` are specified using the `{N}` syntax, where `N` is an integer. You must specify at least one `replaceValue` and `string`. There is no maximum for the number of variables (`replaceValueN`) you can use. Escape curly braces using double braces. ##### Example diff --git a/data/reusables/code-scanning/upload-sarif-alert-limit.md b/data/reusables/code-scanning/upload-sarif-alert-limit.md index c5142332f600..6881be29fab0 100644 --- a/data/reusables/code-scanning/upload-sarif-alert-limit.md +++ b/data/reusables/code-scanning/upload-sarif-alert-limit.md 
@@ -1,5 +1,5 @@ {% note %} -**Note:** SARIF upload supports a maximum of 1000 results per upload. Any results over this limit are ignored. If a tool generates too many results, you should update the configuration to focus on results for the most important rules or queries. +**Note:** SARIF upload supports a maximum of {% if currentVersion == "github-ae@next" or currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" %}5000{% else %}1000{% endif %} results per upload. Any results over this limit are ignored. If a tool generates too many results, you should update the configuration to focus on results for the most important rules or queries. {% endnote %} diff --git a/lib/rest/static/decorated/api.github.amrom.workers.dev.json b/lib/rest/static/decorated/api.github.amrom.workers.dev.json index a294821e02e0..9b6e01886859 100644 --- a/lib/rest/static/decorated/api.github.amrom.workers.dev.json +++ b/lib/rest/static/decorated/api.github.amrom.workers.dev.json @@ -46598,7 +46598,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Response", - "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true\n  }\n]\n
" + "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  }\n]\n
" }, { "httpStatusCode": "403", @@ -46690,7 +46690,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Default response", - "payload": "
{\n  \"ref\": \"refs/heads/main\",\n  \"commit_sha\": \"c18c69115654ff0166991962832dc2bd7756e655\",\n  \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n  \"environment\": \"{\\\"language\\\":\\\"javascript\\\"}\",\n  \"error\": \"\",\n  \"created_at\": \"2021-01-13T11:55:49Z\",\n  \"results_count\": 3,\n  \"rules_count\": 67,\n  \"id\": 3602840,\n  \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n  \"sarif_id\": \"47177e22-5596-11eb-80a1-c1e54ef945c6\",\n  \"tool\": {\n    \"name\": \"CodeQL\",\n    \"guid\": null,\n    \"version\": \"2.4.0\"\n  },\n  \"deletable\": true\n}\n
" + "payload": "
{\n  \"ref\": \"refs/heads/main\",\n  \"commit_sha\": \"c18c69115654ff0166991962832dc2bd7756e655\",\n  \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n  \"environment\": \"{\\\"language\\\":\\\"javascript\\\"}\",\n  \"error\": \"\",\n  \"created_at\": \"2021-01-13T11:55:49Z\",\n  \"results_count\": 3,\n  \"rules_count\": 67,\n  \"id\": 3602840,\n  \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n  \"sarif_id\": \"47177e22-5596-11eb-80a1-c1e54ef945c6\",\n  \"tool\": {\n    \"name\": \"CodeQL\",\n    \"guid\": null,\n    \"version\": \"2.4.0\"\n  },\n  \"deletable\": true,\n  \"warning\": \"\"\n}\n
" }, { "httpStatusCode": "403", 
@@ -46854,7 +46854,7 @@ } ], "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. 
Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" @@ -46949,7 +46949,7 @@ "category": "code-scanning", "categoryLabel": "Code scanning", "notes": [], - "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", + "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64 -w0\n
\n

SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", "bodyParameters": [ { "description": "

Required. The SHA of the commit to which the analysis you are uploading relates.

", diff --git a/lib/rest/static/decorated/ghes-2.22.json b/lib/rest/static/decorated/ghes-2.22.json index 95cd80b9285e..83e5b31408bf 100644 --- a/lib/rest/static/decorated/ghes-2.22.json +++ b/lib/rest/static/decorated/ghes-2.22.json @@ -40999,7 +40999,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Response", - "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true\n  }\n]\n
" + "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  }\n]\n
" }, { "httpStatusCode": "403", 
@@ -41055,7 +41055,7 @@ } ], "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" @@ -41150,7 +41150,7 @@ "category": "code-scanning", "categoryLabel": "Code scanning", "notes": [], - "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", + "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64 -w0\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", "bodyParameters": [ { "description": "

Required. The SHA of the commit to which the analysis you are uploading relates.

", diff --git a/lib/rest/static/decorated/ghes-3.0.json b/lib/rest/static/decorated/ghes-3.0.json index c3426f556320..f88dc05109fa 100644 --- a/lib/rest/static/decorated/ghes-3.0.json +++ b/lib/rest/static/decorated/ghes-3.0.json @@ -45476,7 +45476,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Response", - "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true\n  }\n]\n
" + "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  }\n]\n
" }, { "httpStatusCode": "403", 
@@ -45532,7 +45532,7 @@ } ], "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" @@ -45627,7 +45627,7 @@ "category": "code-scanning", "categoryLabel": "Code scanning", "notes": [], - "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", + "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64 -w0\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", "bodyParameters": [ { "description": "

Required. The SHA of the commit to which the analysis you are uploading relates.

", diff --git a/lib/rest/static/decorated/github.ae.json b/lib/rest/static/decorated/github.ae.json index 9fda4cb8cb7a..4945d97d291f 100644 --- a/lib/rest/static/decorated/github.ae.json +++ b/lib/rest/static/decorated/github.ae.json @@ -39287,7 +39287,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Response", - "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true\n  }\n]\n
" + "payload": "
[\n  {\n    \"ref\": \"refs/heads/main\",\n    \"commit_sha\": \"d99612c3e1f2970085cfbaeadf8f010ef69bad83\",\n    \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n    \"environment\": \"{\\\"language\\\":\\\"python\\\"}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-27T15:05:21Z\",\n    \"results_count\": 17,\n    \"rules_count\": 49,\n    \"id\": 201,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n    \"sarif_id\": \"6c81cd8e-b078-4ac3-a3be-1dad7dbd0b53\",\n    \"tool\": {\n      \"name\": \"CodeQL\",\n      \"guid\": null,\n      \"version\": \"2.4.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  },\n  {\n    \"ref\": \"refs/heads/my-branch\",\n    \"commit_sha\": \"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\",\n    \"analysis_key\": \".github/workflows/shiftleft.yml:build\",\n    \"environment\": \"{}\",\n    \"error\": \"\",\n    \"created_at\": \"2020-08-31T22:46:44Z\",\n    \"results_count\": 17,\n    \"rules_count\": 32,\n    \"id\": 200,\n    \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/200\",\n    \"sarif_id\": \"8981cd8e-b078-4ac3-a3be-1dad7dbd0b582\",\n    \"tool\": {\n      \"name\": \"Python Security Analysis\",\n      \"guid\": null,\n      \"version\": \"1.2.0\"\n    },\n    \"deletable\": true,\n    \"warning\": \"\"\n  }\n]\n
" }, { "httpStatusCode": "403", @@ -39379,7 +39379,7 @@ "httpStatusCode": "200", "httpStatusMessage": "OK", "description": "Default response", - "payload": "
{\n  \"ref\": \"refs/heads/main\",\n  \"commit_sha\": \"c18c69115654ff0166991962832dc2bd7756e655\",\n  \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n  \"environment\": \"{\\\"language\\\":\\\"javascript\\\"}\",\n  \"error\": \"\",\n  \"created_at\": \"2021-01-13T11:55:49Z\",\n  \"results_count\": 3,\n  \"rules_count\": 67,\n  \"id\": 3602840,\n  \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n  \"sarif_id\": \"47177e22-5596-11eb-80a1-c1e54ef945c6\",\n  \"tool\": {\n    \"name\": \"CodeQL\",\n    \"guid\": null,\n    \"version\": \"2.4.0\"\n  },\n  \"deletable\": true\n}\n
" + "payload": "
{\n  \"ref\": \"refs/heads/main\",\n  \"commit_sha\": \"c18c69115654ff0166991962832dc2bd7756e655\",\n  \"analysis_key\": \".github/workflows/codeql-analysis.yml:analyze\",\n  \"environment\": \"{\\\"language\\\":\\\"javascript\\\"}\",\n  \"error\": \"\",\n  \"created_at\": \"2021-01-13T11:55:49Z\",\n  \"results_count\": 3,\n  \"rules_count\": 67,\n  \"id\": 3602840,\n  \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/analyses/201\",\n  \"sarif_id\": \"47177e22-5596-11eb-80a1-c1e54ef945c6\",\n  \"tool\": {\n    \"name\": \"CodeQL\",\n    \"guid\": null,\n    \"version\": \"2.4.0\"\n  },\n  \"deletable\": true,\n  \"warning\": \"\"\n}\n
" }, { "httpStatusCode": "403", 
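Review bot: In the `+` payload of the `@@ -39379,7 +39379,7 @@` hunk, `"id": 3602840` does not match the `url`, which still ends in `/code-scanning/analyses/201`. Since this example line is being rewritten to add `"warning": ""`, align the two values so the sample response is self-consistent.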
@@ -39435,7 +39435,7 @@ } ], "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" @@ -39530,7 +39530,7 @@ "category": "code-scanning", "categoryLabel": "Code scanning", "notes": [], - "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", + "descriptionHTML": "

Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events write permission to use this endpoint.

\n

There are two places where you can upload code scanning results.

\n\n

You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:

\n
gzip -c analysis-data.sarif | base64 -w0\n
\n

SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.

\n

The 202 Accepted, response includes an id value.\nYou can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.\nFor more information, see \"Get information about a SARIF upload.\"

", "bodyParameters": [ { "description": "

Required. The SHA of the commit to which the analysis you are uploading relates.

", diff --git a/lib/rest/static/dereferenced/api.github.amrom.workers.dev.deref.json b/lib/rest/static/dereferenced/api.github.amrom.workers.dev.deref.json index f559a276f06b..1bc109dea155 100644 --- a/lib/rest/static/dereferenced/api.github.amrom.workers.dev.deref.json +++ b/lib/rest/static/dereferenced/api.github.amrom.workers.dev.deref.json @@ -164348,6 +164348,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -164363,7 +164368,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] } }, @@ -164387,7 +164393,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" }, { "ref": "refs/heads/my-branch", @@ -164406,7 +164413,8 @@ "guid": null, "version": "1.2.0" }, - "deletable": true + "deletable": true, + "warning": "" } ] } @@ -164626,6 +164634,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -164641,7 +164654,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] }, "examples": { @@ -164664,7 +164678,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" } } } 
@@ -164991,7 +165006,7 @@ "/repos/{owner}/{repo}/code-scanning/sarifs": { "post": { "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. 
Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" diff --git a/lib/rest/static/dereferenced/ghes-2.22.deref.json b/lib/rest/static/dereferenced/ghes-2.22.deref.json index deec716a6b72..f73b948562b0 100644 --- a/lib/rest/static/dereferenced/ghes-2.22.deref.json +++ b/lib/rest/static/dereferenced/ghes-2.22.deref.json @@ -145573,6 +145573,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -145588,7 +145593,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] } }, @@ -145612,7 +145618,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" }, { "ref": "refs/heads/my-branch", @@ -145631,7 +145638,8 @@ "guid": null, "version": "1.2.0" }, - "deletable": true + "deletable": true, + "warning": "" } ] } 
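Review bot: In the `+` description of the `@@ -164991,7 +165006,7 @@` hunk, the sentence "Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected" joins two limits with different scopes: 5000 is stated per analysis run, 25,000 per upload. A reader cannot tell whether the 25,000 is counted across all runs in the file. Split it into two sentences, state the unit for each limit, and point to the new `warning` field (schema example "123 results were ignored") as the place where ignored results are reported.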
@@ -145726,7 +145734,7 @@ "/repos/{owner}/{repo}/code-scanning/sarifs": { "post": { "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" diff --git a/lib/rest/static/dereferenced/ghes-3.0.deref.json b/lib/rest/static/dereferenced/ghes-3.0.deref.json index 5044440c1da2..532bac8266ec 100644 --- a/lib/rest/static/dereferenced/ghes-3.0.deref.json +++ b/lib/rest/static/dereferenced/ghes-3.0.deref.json @@ -150856,6 +150856,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -150871,7 +150876,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] } }, @@ -150895,7 +150901,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" }, { "ref": "refs/heads/my-branch", @@ -150914,7 +150921,8 @@ "guid": null, "version": "1.2.0" }, - "deletable": true + "deletable": true, + "warning": "" } ] } 
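Review bot: Adding `warning` to the `required` array in the ghes-3.0 schema (and in the ghes-2.22 schema before it) asserts that every response from those server versions carries the field. If already-released 2.22 and 3.0 instances do not return `warning`, clients that validate responses against this schema will reject them. Please confirm the field exists on those versions, or keep it under `properties` only and leave it out of `required` there.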
@@ -151009,7 +151017,7 @@ "/repos/{owner}/{repo}/code-scanning/sarifs": { "post": { "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning" diff --git a/lib/rest/static/dereferenced/github.ae.deref.json b/lib/rest/static/dereferenced/github.ae.deref.json index e4fa0a176d16..2e50c3ce442d 100644 --- a/lib/rest/static/dereferenced/github.ae.deref.json +++ b/lib/rest/static/dereferenced/github.ae.deref.json @@ -131000,6 +131000,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -131015,7 +131020,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] } }, @@ -131039,7 +131045,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" }, { "ref": "refs/heads/my-branch", @@ -131058,7 +131065,8 @@ "guid": null, "version": "1.2.0" }, - "deletable": true + "deletable": true, + "warning": "" } ] } @@ -131278,6 +131286,11 @@ }, "deletable": { "type": "boolean" + }, + "warning": { + "type": "string", + "description": "Warning generated when processing the analysis", + "example": "123 results were ignored" } }, "required": [ @@ -131293,7 +131306,8 @@ "url", "sarif_id", "tool", - "deletable" + "deletable", + "warning" ] }, "examples": { @@ -131316,7 +131330,8 @@ "guid": null, "version": "2.4.0" }, - "deletable": true + "deletable": true, + "warning": "" } } } 
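Review bot: The `warning` property description, "Warning generated when processing the analysis", does not say what is returned when there is no warning, yet the field is in `required` and every response example in these hunks uses `"warning": ""`. State in the description that an empty string means no warning was generated, so consumers check the value rather than the presence of the key when deciding whether results were dropped.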
@@ -131410,7 +131425,7 @@ "/repos/{owner}/{repo}/code-scanning/sarifs": { "post": { "summary": "Upload an analysis as SARIF data", - "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", + "description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. 
If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"", "operationId": "code-scanning/upload-sarif", "tags": [ "code-scanning"
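Review bot: `base64 -w0` in the updated example relies on the GNU coreutils `-w` option to turn off line wrapping, and the description gives no reason for the flag or guidance for a `base64` that does not accept it. Add a sentence saying the encoded string should be a single unwrapped line (presumably the reason for this change) and that readers on other platforms need their tool's equivalent. Since the line is being rewritten anyway, also drop the stray comma in "The `202 Accepted`, response" and reword "by using this for the `/sarifs/{sarif_id}` endpoint".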