Secret Scanning¶
This part of the documentation covers all the secretscanning APIs.
SecretScanning¶
- class ghastoolkit.SecretScanning(repository: Repository | None = None)¶
Secret Scanning API.
- __init__(repository: Repository | None = None) None¶
Initialise Secret Scanning API.
- getAlert(alert_number: int, state: str | None = None) SecretAlert | None¶
Get Alert by alert_number.
Permissions: - “Secret scanning alerts” repository permissions (read)
https://docs.github.com/en/rest/secret-scanning#get-a-secret-scanning-alert
- getAlertLocations(alert_number: int) list[dict]¶
Get Alert Locations by alert_number.
Permissions: - “Secret scanning alerts” repository permissions (read)
https://docs.github.com/en/rest/secret-scanning#list-locations-for-a-secret-scanning-alert
- getAlerts(state: str = 'open') list[SecretAlert]¶
Get Repository alerts.
Permissions: - “Secret scanning alerts” repository permissions (read)
https://docs.github.com/en/rest/secret-scanning#list-secret-scanning-alerts-for-a-repository
- getAlertsInPR() list[SecretAlert]¶
Get Alerts in a Pull Request.
Permissions: - “Secret scanning alerts” repository permissions (read) - “Pull requests” repository permissions (read)
- getOrganizationAlerts(state: str | None = None) list[dict]¶
Get Organization Alerts.
Permissions: - “Secret scanning alerts” repository permissions (read)
https://docs.github.com/en/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
- getStatus() dict¶
Get Status of GitHub Advanced Security.
- isEnabled() bool¶
Check to see if Secret Scanning is enabled or not via the repository status.
Permissions: - “Administration” repository permissions (read)
https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#get-a-repository
- isPushProtectionEnabled() bool¶
Check if Push Protection is enabled.
Permissions: - “Administration” repository permissions (read)
https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#get-a-repository
SecretAlert¶
- class ghastoolkit.SecretAlert(number: int, state: str, secret_type: str, secret_type_display_name: str, secret: str, created_at: str, resolved_at: str | None = None, resolved_by: dict[str, ~typing.Any] | None = None, push_protection_bypassed: bool = False, push_protection_bypassed_by: dict[str, ~typing.Any] | None = None, push_protection_bypassed_at: str | None = None, resolution_comment: str | None = None, validity: str = 'unknown', _locations: list[dict] = <factory>, _sha: str | None = None)¶
Secret Scanning Alert.
- property commit_sha: str | None¶
Get commit sha if present.
- created_at: str¶
Created Timestamp
- property locations: list[dict]¶
Get Alert locations. Uses a cached version or request from API.
- property mttr: timedelta | None¶
Calculate Mean Time To Resolution / Remidiate (MTTR) for a closed/fixed alert.
- number: int¶
Number / Identifier
- push_protection_bypassed: bool = False¶
Push Protection Bypassed
- push_protection_bypassed_at: str | None = None¶
Push Protection Bypassed At
- push_protection_bypassed_by: dict[str, Any] | None = None¶
Push Protection Bypassed By
- resolution_comment: str | None = None¶
Resolution Comment
- resolved_at: str | None = None¶
Resolved Timestamp
- resolved_by: dict[str, Any] | None = None¶
Resolved By
- secret: str¶
Secret value (sensitive)
- secret_type: str¶
Secret Scanning type
- secret_type_display_name: str¶
Secret Scanning type display name
- state: str¶
Alert State
- validity: str = 'unknown'¶
Validity of secret
