jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 21:07:12 -05:00
Code Issues Projects Releases Wiki Activity

Update OpenAPI Descriptions (#19534)

Browse Source
This commit is contained in:
github-openapi-bot
2021-05-25 02:09:08 -04:00
committed by GitHub
parent 6e512a7ee0
commit 254598e4d5
10 changed files with 40 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/rest/static/decorated/api.github.com.json
View File

@@ -47100,7 +47100,7 @@
}
],
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -47137,12 +47137,12 @@
"childParamsGroups": []
},
"sarif": {
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
"checkout_uri": {
@@ -47195,7 +47195,7 @@
"category": "code-scanning",
"categoryLabel": "Code scanning",
"notes": [],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"bodyParameters": [
{
"description": "<p><strong>Required</strong>. The SHA of the commit to which the analysis you are uploading relates.</p>",
@@ -47219,12 +47219,12 @@
"childParamsGroups": []
},
{
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
{

12
lib/rest/static/decorated/ghes-2.22.json
View File

@@ -41208,7 +41208,7 @@
}
],
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -41245,12 +41245,12 @@
"childParamsGroups": []
},
"sarif": {
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/integrating-with-code-scanning/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/integrating-with-code-scanning/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
"checkout_uri": {
@@ -41303,7 +41303,7 @@
"category": "code-scanning",
"categoryLabel": "Code scanning",
"notes": [],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"bodyParameters": [
{
"description": "<p><strong>Required</strong>. The SHA of the commit to which the analysis you are uploading relates.</p>",
@@ -41327,12 +41327,12 @@
"childParamsGroups": []
},
{
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/integrating-with-code-scanning/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/integrating-with-code-scanning/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
{

12
lib/rest/static/decorated/ghes-3.0.json
View File

@@ -45679,7 +45679,7 @@
}
],
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -45716,12 +45716,12 @@
"childParamsGroups": []
},
"sarif": {
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.0/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.0/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
"checkout_uri": {
@@ -45774,7 +45774,7 @@
"category": "code-scanning",
"categoryLabel": "Code scanning",
"notes": [],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"bodyParameters": [
{
"description": "<p><strong>Required</strong>. The SHA of the commit to which the analysis you are uploading relates.</p>",
@@ -45798,12 +45798,12 @@
"childParamsGroups": []
},
{
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.0/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.0/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
{

12
lib/rest/static/decorated/ghes-3.1.json
View File

@@ -46276,7 +46276,7 @@
}
],
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -46313,12 +46313,12 @@
"childParamsGroups": []
},
"sarif": {
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.1/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.1/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
"checkout_uri": {
@@ -46371,7 +46371,7 @@
"category": "code-scanning",
"categoryLabel": "Code scanning",
"notes": [],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"bodyParameters": [
{
"description": "<p><strong>Required</strong>. The SHA of the commit to which the analysis you are uploading relates.</p>",
@@ -46395,12 +46395,12 @@
"childParamsGroups": []
},
{
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.1/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/enterprise-server@3.1/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
{

12
lib/rest/static/decorated/github.ae.json
View File

@@ -39326,7 +39326,7 @@
}
],
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -39363,12 +39363,12 @@
"childParamsGroups": []
},
"sarif": {
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github-ae@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github-ae@latest/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
"checkout_uri": {
@@ -39421,7 +39421,7 @@
"category": "code-scanning",
"categoryLabel": "Code scanning",
"notes": [],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<p>SARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.</p>\n<p>The <code>202 Accepted</code>, response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using this for the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"bodyParameters": [
{
"description": "<p><strong>Required</strong>. The SHA of the commit to which the analysis you are uploading relates.</p>",
@@ -39445,12 +39445,12 @@
"childParamsGroups": []
},
{
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github-ae@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"description": "<p><strong>Required</strong>. A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using <a href=\"http://www.gnu.org/software/gzip/manual/gzip.html\"><code>gzip</code></a> and then translate the contents of the file into a Base64 encoding string. For more information, see \"<a href=\"https://docs.github.com/github-ae@latest/code-security/secure-coding/sarif-support-for-code-scanning\">SARIF support for code scanning</a>.\"</p>",
"type": "string",
"name": "sarif",
"in": "body",
"rawType": "string",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"rawDescription": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"childParamsGroups": []
},
{

4
lib/rest/static/dereferenced/api.github.com.deref.json
View File

@@ -164907,7 +164907,7 @@
"/repos/{owner}/{repo}/code-scanning/sarifs": {
"post": {
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -164952,7 +164952,7 @@
"description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/pull/<number>/merge`, or `refs/pull/<number>/head`."
},
"sarif": {
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"type": "string"
},
"checkout_uri": {

4
lib/rest/static/dereferenced/ghes-2.22.deref.json
View File

@@ -145382,7 +145382,7 @@
"/repos/{owner}/{repo}/code-scanning/sarifs": {
"post": {
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/automatically-scanning-your-code-for-vulnerabilities-and-errors/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -145427,7 +145427,7 @@
"description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/pull/<number>/merge`, or `refs/pull/<number>/head`."
},
"sarif": {
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@2.22/github/finding-security-vulnerabilities-and-errors-in-your-code/integrating-with-code-scanning/sarif-support-for-code-scanning).\"",
"type": "string"
},
"checkout_uri": {

4
lib/rest/static/dereferenced/ghes-3.0.deref.json
View File

@@ -150785,7 +150785,7 @@
"/repos/{owner}/{repo}/code-scanning/sarifs": {
"post": {
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -150830,7 +150830,7 @@
"description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/pull/<number>/merge`, or `refs/pull/<number>/head`."
},
"sarif": {
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.0/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"type": "string"
},
"checkout_uri": {

4
lib/rest/static/dereferenced/ghes-3.1.deref.json
View File

@@ -153387,7 +153387,7 @@
"/repos/{owner}/{repo}/code-scanning/sarifs": {
"post": {
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -153432,7 +153432,7 @@
"description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/pull/<number>/merge`, or `refs/pull/<number>/head`."
},
"sarif": {
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/enterprise-server@3.1/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"type": "string"
},
"checkout_uri": {

4
lib/rest/static/dereferenced/github.ae.deref.json
View File

@@ -130930,7 +130930,7 @@
"/repos/{owner}/{repo}/code-scanning/sarifs": {
"post": {
"summary": "Upload an analysis as SARIF data",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/github/finding-security-vulnerabilities-and-errors-in-your-code/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/github/finding-security-vulnerabilities-and-errors-in-your-code/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"description": "Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.\n\nThere are two places where you can upload code scanning results.\n - If you upload to a pull request, for example `--ref refs/pull/42/merge` or `--ref refs/pull/42/head`, then the results appear as alerts in a pull request check. For more information, see \"[Triaging code scanning alerts in pull requests](/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests).\"\n - If you upload to a branch, for example `--ref refs/heads/my-branch`, then the results appear in the **Security** tab for your repository. For more information, see \"[Managing code scanning alerts for your repository](/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository).\"\n\nYou must compress the SARIF-formatted analysis data that you want to upload, using `gzip`, and then encode it as a Base64 format string. For example:\n\n```\ngzip -c analysis-data.sarif | base64 -w0\n```\n\nSARIF upload supports a maximum of 1000 results per analysis run. Any results over this limit are ignored. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries.\n\nThe `202 Accepted`, response includes an `id` value.\nYou can use this ID to check the status of the upload by using this for the `/sarifs/{sarif_id}` endpoint.\nFor more information, see \"[Get information about a SARIF upload](/rest/reference/code-scanning#get-information-about-a-sarif-upload).\"",
"operationId": "code-scanning/upload-sarif",
"tags": [
"code-scanning"
@@ -130975,7 +130975,7 @@
"description": "The full Git reference, formatted as `refs/heads/<branch name>`,\n`refs/pull/<number>/merge`, or `refs/pull/<number>/head`."
},
"sarif": {
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/sarif-support-for-code-scanning).\"",
"description": "A Base64 string representing the SARIF file to upload. You must first compress your SARIF file using [`gzip`](http://www.gnu.org/software/gzip/manual/gzip.html) and then translate the contents of the file into a Base64 encoding string. For more information, see \"[SARIF support for code scanning](https://docs.github.com/github-ae@latest/code-security/secure-coding/sarif-support-for-code-scanning).\"",
"type": "string"
},
"checkout_uri": {