From 8b38156a5acb2ec87d88cde2c260db2c86877084 Mon Sep 17 00:00:00 2001 From: Philip Holleran Date: Thu, 25 Feb 2021 09:38:38 -0600 Subject: [PATCH] chore(payloads): add code scanning examples (#371) Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com> Co-authored-by: wolfy1339 --- index.json | 599 ++++++++++++++++++ .../closed-by-user.payload.json | 206 ++++++ .../code_scanning_alert/created.payload.json | 187 ++++++ .../code_scanning_alert/fixed.payload.json | 206 ++++++ .../closed_by_user.schema.json | 9 +- .../code_scanning_alert/created.schema.json | 9 +- .../code_scanning_alert/fixed.schema.json | 13 +- .../code_scanning_alert/reopened.schema.json | 9 +- .../schemas/common/alert-instance.schema.json | 22 +- .../schemas/common/user.schema.json | 2 +- schema.d.ts | 36 +- 11 files changed, 1286 insertions(+), 12 deletions(-) create mode 100644 payload-examples/api.github.com/code_scanning_alert/closed-by-user.payload.json create mode 100644 payload-examples/api.github.com/code_scanning_alert/created.payload.json create mode 100644 payload-examples/api.github.com/code_scanning_alert/fixed.payload.json diff --git a/index.json b/index.json index a7429d11e..633d4b361 100644 --- a/index.json +++ b/index.json @@ -4727,6 +4727,605 @@ "site_admin": false } }, + { + "action": "closed_by_user", + "alert": { + "number": 10, + "created_at": "2021-02-11T02:49:18Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "dismissed", + "dismissed_by": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjQwMDcxMjg=", + "avatar_url": "https://avatars.githubusercontent.com/u/4007128?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": true + }, + "dismissed_at": "2021-02-11T02:59:08Z", + "dismissed_reason": "false positive", + "rule": { + "id": "ANCHOREVULN_CVE-2020-27218_java-archive_http2-hpack_9.4.27.v20200227", + "severity": "error", + "description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227", + "name": "", + "full_description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227", + "tags": null, + "help": null + }, + "tool": { + "name": "Anchore Container Vulnerability Report (T0)", + "guid": null, + "version": null + }, + "instances": [ + { + "ref": "refs/heads/master", + "analysis_key": ".github/workflows/container_scan.yml:container-scan", + "environment": "{}", + "state": "dismissed", + "commit_sha": "b30b5f3b935825766a22ab1bce14788bf9627f6c", + "message": { + "text": "" + }, + "location": { + "path": "/usr/local/jetty/lib/http2/http2-hpack-9.4.27.v20200227.jar", + "start_line": 1, + "end_line": 1, + "start_column": 1, + "end_column": 1 + }, + "classifications": ["library"] + } + ] + }, + "ref": "", + "commit_oid": "", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "Organization", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-11T02:47:04Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 0, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 10, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 10, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "url": "https://api.github.com/orgs/Codertocat", + "repos_url": "https://api.github.com/orgs/Codertocat/repos", + "events_url": "https://api.github.com/orgs/Codertocat/events", + "hooks_url": "https://api.github.com/orgs/Codertocat/hooks", + "issues_url": "https://api.github.com/orgs/Codertocat/issues", + "members_url": "https://api.github.com/orgs/Codertocat/members{/member}", + "public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "description": "A collection of all demos managed by GitHub" + }, + "sender": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjIxMDMxMDY3", + "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } + }, + { + "action": "created", + "alert": { + "number": 10, + "created_at": "2021-02-11T03:10:43Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "open", + "dismissed_by": null, + "dismissed_at": null, + "dismissed_reason": null, + "rule": { + "id": "java/sql-injection", + "severity": "error", + "description": "Query built from user-controlled sources", + "name": "", + "full_description": "Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.", + "tags": null, + "help": null + }, + "tool": { + "name": "CodeQL", + "guid": null, + "version": null + }, + "instances": [ + { + "ref": "refs/heads/code-feature", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "open", + "commit_sha": "788437584c2522f27feab10d8e631bab3e9e783a", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + } + ] + }, + "ref": "refs/heads/code-feature", + "commit_oid": "788437584c2522f27feab10d8e631bab3e9e783a", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "Organization", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-11T03:08:42Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 0, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 11, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 11, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "url": "https://api.github.com/orgs/Codertocat", + "repos_url": "https://api.github.com/orgs/Codertocat/repos", + "events_url": "https://api.github.com/orgs/Codertocat/events", + "hooks_url": "https://api.github.com/orgs/Codertocat/hooks", + "issues_url": "https://api.github.com/orgs/Codertocat/issues", + "members_url": "https://api.github.com/orgs/Codertocat/members{/member}", + "public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "description": "A collection of all demos managed by GitHub" + }, + "sender": { + "login": "github", + "id": 9919, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=", + "avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/github", + "html_url": "https://github.com/github", + "followers_url": "https://api.github.com/users/github/followers", + "following_url": "https://api.github.com/users/github/following{/other_user}", + "gists_url": "https://api.github.com/users/github/gists{/gist_id}", + "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/github/subscriptions", + "organizations_url": "https://api.github.com/users/github/orgs", + "repos_url": "https://api.github.com/users/github/repos", + "events_url": "https://api.github.com/users/github/events{/privacy}", + "received_events_url": "https://api.github.com/users/github/received_events", + "type": "Organization", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } + }, + { + "action": "fixed", + "alert": { + "number": 10, + "created_at": "2021-02-11T03:10:43Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "fixed", + "dismissed_by": null, + "dismissed_at": null, + "dismissed_reason": null, + "rule": { + "id": "java/sql-injection", + "severity": "error", + "description": "Query built from user-controlled sources", + "name": "", + "full_description": "Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.", + "tags": null, + "help": null + }, + "tool": { + "name": "CodeQL", + "guid": null, + "version": null + }, + "most_recent_instance": { + "ref": "refs/pull/11/merge", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "fixed", + "commit_sha": "0048a27ccd962b83b1bd781bbc6f7e8fd1b2caea", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + }, + "instances_url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10/instances", + "instances": [ + { + "ref": "refs/pull/11/merge", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "fixed", + "commit_sha": "0048a27ccd962b83b1bd781bbc6f7e8fd1b2caea", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + } + ] + }, + "ref": "refs/pull/11/merge", + "commit_oid": "c5bf87afac650dbcb5fd97cfc22fcae5303da8e1", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjIxMDMxMDY3", + "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-13T04:19:08Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 533, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 11, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 11, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Octocoders", + "id": 6, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjY=", + "url": "https://api.github.com/orgs/Octocoders", + "repos_url": "https://api.github.com/orgs/Octocoders/repos", + "events_url": "https://api.github.com/orgs/Octocoders/events", + "hooks_url": "https://api.github.com/orgs/Octocoders/hooks", + "issues_url": "https://api.github.com/orgs/Octocoders/issues", + "members_url": "https://api.github.com/orgs/Octocoders/members{/member}", + "public_members_url": "https://api.github.com/orgs/Octocoders/public_members{/member}", + "avatar_url": "https://avatars0.githubusercontent.com/u/6?", + "description": "" + }, + "sender": { + "login": "github", + "id": 9919, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=", + "avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/github", + "html_url": "https://github.com/github", + "followers_url": "https://api.github.com/users/github/followers", + "following_url": "https://api.github.com/users/github/following{/other_user}", + "gists_url": "https://api.github.com/users/github/gists{/gist_id}", + "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/github/subscriptions", + "organizations_url": "https://api.github.com/users/github/orgs", + "repos_url": "https://api.github.com/users/github/repos", + "events_url": "https://api.github.com/users/github/events{/privacy}", + "received_events_url": "https://api.github.com/users/github/received_events", + "type": "Organization", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } + }, { "action": "reopened", "alert": { diff --git a/payload-examples/api.github.com/code_scanning_alert/closed-by-user.payload.json b/payload-examples/api.github.com/code_scanning_alert/closed-by-user.payload.json new file mode 100644 index 000000000..e53800fb1 --- /dev/null +++ b/payload-examples/api.github.com/code_scanning_alert/closed-by-user.payload.json @@ -0,0 +1,206 @@ +{ + "action": "closed_by_user", + "alert": { + "number": 10, + "created_at": "2021-02-11T02:49:18Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "dismissed", + "dismissed_by": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjQwMDcxMjg=", + "avatar_url": "https://avatars.githubusercontent.com/u/4007128?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": true + }, + "dismissed_at": "2021-02-11T02:59:08Z", + "dismissed_reason": "false positive", + "rule": { + "id": "ANCHOREVULN_CVE-2020-27218_java-archive_http2-hpack_9.4.27.v20200227", + "severity": "error", + "description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227", + "name": "", + "full_description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227", + "tags": null, + "help": null + }, + "tool": { + "name": "Anchore Container Vulnerability Report (T0)", + "guid": null, + "version": null + }, + "instances": [ + { + "ref": "refs/heads/master", + "analysis_key": ".github/workflows/container_scan.yml:container-scan", + "environment": "{}", + "state": "dismissed", + "commit_sha": "b30b5f3b935825766a22ab1bce14788bf9627f6c", + "message": { + "text": "" + }, + "location": { + "path": "/usr/local/jetty/lib/http2/http2-hpack-9.4.27.v20200227.jar", + "start_line": 1, + "end_line": 1, + "start_column": 1, + "end_column": 1 + }, + "classifications": ["library"] + } + ] + }, + "ref": "", + "commit_oid": "", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "Organization", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-11T02:47:04Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 0, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 10, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 10, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "url": "https://api.github.com/orgs/Codertocat", + "repos_url": "https://api.github.com/orgs/Codertocat/repos", + "events_url": "https://api.github.com/orgs/Codertocat/events", + "hooks_url": "https://api.github.com/orgs/Codertocat/hooks", + "issues_url": "https://api.github.com/orgs/Codertocat/issues", + "members_url": "https://api.github.com/orgs/Codertocat/members{/member}", + "public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "description": "A collection of all demos managed by GitHub" + }, + "sender": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjIxMDMxMDY3", + "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } +} diff --git a/payload-examples/api.github.com/code_scanning_alert/created.payload.json b/payload-examples/api.github.com/code_scanning_alert/created.payload.json new file mode 100644 index 000000000..40a12da6e --- /dev/null +++ b/payload-examples/api.github.com/code_scanning_alert/created.payload.json @@ -0,0 +1,187 @@ +{ + "action": "created", + "alert": { + "number": 10, + "created_at": "2021-02-11T03:10:43Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "open", + "dismissed_by": null, + "dismissed_at": null, + "dismissed_reason": null, + "rule": { + "id": "java/sql-injection", + "severity": "error", + "description": "Query built from user-controlled sources", + "name": "", + "full_description": "Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.", + "tags": null, + "help": null + }, + "tool": { + "name": "CodeQL", + "guid": null, + "version": null + }, + "instances": [ + { + "ref": "refs/heads/code-feature", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "open", + "commit_sha": "788437584c2522f27feab10d8e631bab3e9e783a", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + } + ] + }, + "ref": "refs/heads/code-feature", + "commit_oid": "788437584c2522f27feab10d8e631bab3e9e783a", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "Organization", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-11T03:08:42Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 0, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 11, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 11, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Codertocat", + "id": 38940897, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3", + "url": "https://api.github.com/orgs/Codertocat", + "repos_url": "https://api.github.com/orgs/Codertocat/repos", + "events_url": "https://api.github.com/orgs/Codertocat/events", + "hooks_url": "https://api.github.com/orgs/Codertocat/hooks", + "issues_url": "https://api.github.com/orgs/Codertocat/issues", + "members_url": "https://api.github.com/orgs/Codertocat/members{/member}", + "public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}", + "avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4", + "description": "A collection of all demos managed by GitHub" + }, + "sender": { + "login": "github", + "id": 9919, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=", + "avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/github", + "html_url": "https://github.com/github", + "followers_url": "https://api.github.com/users/github/followers", + "following_url": "https://api.github.com/users/github/following{/other_user}", + "gists_url": "https://api.github.com/users/github/gists{/gist_id}", + "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/github/subscriptions", + "organizations_url": "https://api.github.com/users/github/orgs", + "repos_url": "https://api.github.com/users/github/repos", + "events_url": "https://api.github.com/users/github/events{/privacy}", + "received_events_url": "https://api.github.com/users/github/received_events", + "type": "Organization", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } +} diff --git a/payload-examples/api.github.com/code_scanning_alert/fixed.payload.json b/payload-examples/api.github.com/code_scanning_alert/fixed.payload.json new file mode 100644 index 000000000..62a46403f --- /dev/null +++ b/payload-examples/api.github.com/code_scanning_alert/fixed.payload.json @@ -0,0 +1,206 @@ +{ + "action": "fixed", + "alert": { + "number": 10, + "created_at": "2021-02-11T03:10:43Z", + "url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10", + "html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10", + "state": "fixed", + "dismissed_by": null, + "dismissed_at": null, + "dismissed_reason": null, + "rule": { + "id": "java/sql-injection", + "severity": "error", + "description": "Query built from user-controlled sources", + "name": "", + "full_description": "Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.", + "tags": null, + "help": null + }, + "tool": { + "name": "CodeQL", + "guid": null, + "version": null + }, + "most_recent_instance": { + "ref": "refs/pull/11/merge", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "fixed", + "commit_sha": "0048a27ccd962b83b1bd781bbc6f7e8fd1b2caea", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + }, + "instances_url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10/instances", + "instances": [ + { + "ref": "refs/pull/11/merge", + "analysis_key": ".github/workflows/code-scanning.yml:build", + "environment": "{}", + "state": "fixed", + "commit_sha": "0048a27ccd962b83b1bd781bbc6f7e8fd1b2caea", + "message": { + "text": "" + }, + "location": { + "path": "src/main/java/com/github/demo/service/BookService.java", + "start_line": 84, + "end_line": 84, + "start_column": 51, + "end_column": 56 + }, + "classifications": [] + } + ] + }, + "ref": "refs/pull/11/merge", + "commit_oid": "c5bf87afac650dbcb5fd97cfc22fcae5303da8e1", + "repository": { + "id": 337911632, + "node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=", + "name": "Hello-World", + "full_name": "Codertocat/Hello-World", + "private": true, + "owner": { + "login": "Codertocat", + "id": 21031067, + "node_id": "MDQ6VXNlcjIxMDMxMDY3", + "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Codertocat", + "html_url": "https://github.com/Codertocat", + "followers_url": "https://api.github.com/users/Codertocat/followers", + "following_url": "https://api.github.com/users/Codertocat/following{/other_user}", + "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions", + "organizations_url": "https://api.github.com/users/Codertocat/orgs", + "repos_url": "https://api.github.com/users/Codertocat/repos", + "events_url": "https://api.github.com/users/Codertocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/Codertocat/received_events", + "type": "User", + "site_admin": false + }, + "html_url": "https://github.com/Codertocat/Hello-World", + "description": "", + "fork": false, + "url": "https://api.github.com/repos/Codertocat/Hello-World", + "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks", + "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams", + "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks", + "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}", + "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events", + "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}", + "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}", + "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags", + "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages", + "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers", + "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors", + "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription", + "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}", + "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges", + "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads", + "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}", + "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}", + "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}", + "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments", + "created_at": "2021-02-11T02:36:00Z", + "updated_at": "2021-02-11T02:46:41Z", + "pushed_at": "2021-02-13T04:19:08Z", + "git_url": "git://github.com/Codertocat/Hello-World.git", + "ssh_url": "org-38940897@github.com:Codertocat/Hello-World.git", + "clone_url": "https://github.com/Codertocat/Hello-World.git", + "svn_url": "https://github.com/Codertocat/Hello-World", + "homepage": "", + "size": 533, + "stargazers_count": 0, + "watchers_count": 0, + "language": "Java", + "has_issues": true, + "has_projects": false, + "has_downloads": false, + "has_wiki": false, + "has_pages": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 11, + "license": { + "key": "mit", + "name": "MIT License", + "spdx_id": "MIT", + "url": "https://api.github.com/licenses/mit", + "node_id": "MDc6TGljZW5zZTEz" + }, + "forks": 0, + "open_issues": 11, + "watchers": 0, + "default_branch": "master" + }, + "organization": { + "login": "Octocoders", + "id": 6, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjY=", + "url": "https://api.github.com/orgs/Octocoders", + "repos_url": "https://api.github.com/orgs/Octocoders/repos", + "events_url": "https://api.github.com/orgs/Octocoders/events", + "hooks_url": "https://api.github.com/orgs/Octocoders/hooks", + "issues_url": "https://api.github.com/orgs/Octocoders/issues", + "members_url": "https://api.github.com/orgs/Octocoders/members{/member}", + "public_members_url": "https://api.github.com/orgs/Octocoders/public_members{/member}", + "avatar_url": "https://avatars0.githubusercontent.com/u/6?", + "description": "" + }, + "sender": { + "login": "github", + "id": 9919, + "node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=", + "avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/github", + "html_url": "https://github.com/github", + "followers_url": "https://api.github.com/users/github/followers", + "following_url": "https://api.github.com/users/github/following{/other_user}", + "gists_url": "https://api.github.com/users/github/gists{/gist_id}", + "starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/github/subscriptions", + "organizations_url": "https://api.github.com/users/github/orgs", + "repos_url": "https://api.github.com/users/github/repos", + "events_url": "https://api.github.com/users/github/events{/privacy}", + "received_events_url": "https://api.github.com/users/github/received_events", + "type": "Organization", + "site_admin": false + }, + "installation": { + "id": 14662836, + "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY=" + } +} diff --git a/payload-schemas/schemas/code_scanning_alert/closed_by_user.schema.json b/payload-schemas/schemas/code_scanning_alert/closed_by_user.schema.json index 320b77c0d..5daa55213 100644 --- a/payload-schemas/schemas/code_scanning_alert/closed_by_user.schema.json +++ b/payload-schemas/schemas/code_scanning_alert/closed_by_user.schema.json @@ -84,7 +84,11 @@ "description": { "type": "string", "description": "A short description of the rule used to detect the alert." - } + }, + "name": { "type": "string" }, + "full_description": { "type": "string" }, + "tags": { "type": "null" }, + "help": { "type": "null" } }, "additionalProperties": false }, @@ -99,7 +103,8 @@ "version": { "type": ["string", "null"], "description": "The version of the tool used to detect the alert." - } + }, + "guid": { "type": ["string", "null"] } }, "additionalProperties": false } diff --git a/payload-schemas/schemas/code_scanning_alert/created.schema.json b/payload-schemas/schemas/code_scanning_alert/created.schema.json index 098cdd74e..691a157b2 100644 --- a/payload-schemas/schemas/code_scanning_alert/created.schema.json +++ b/payload-schemas/schemas/code_scanning_alert/created.schema.json @@ -82,7 +82,11 @@ "description": { "type": "string", "description": "A short description of the rule used to detect the alert." - } + }, + "name": { "type": "string" }, + "full_description": { "type": "string" }, + "tags": { "type": "null" }, + "help": { "type": "null" } }, "additionalProperties": false }, @@ -97,7 +101,8 @@ "version": { "type": ["string", "null"], "description": "The version of the tool used to detect the alert." - } + }, + "guid": { "type": ["string", "null"] } }, "additionalProperties": false } diff --git a/payload-schemas/schemas/code_scanning_alert/fixed.schema.json b/payload-schemas/schemas/code_scanning_alert/fixed.schema.json index 452e6984c..66814237a 100644 --- a/payload-schemas/schemas/code_scanning_alert/fixed.schema.json +++ b/payload-schemas/schemas/code_scanning_alert/fixed.schema.json @@ -86,7 +86,11 @@ "description": { "type": "string", "description": "A short description of the rule used to detect the alert." - } + }, + "name": { "type": "string" }, + "full_description": { "type": "string" }, + "tags": { "type": "null" }, + "help": { "type": "null" } }, "additionalProperties": false }, @@ -101,10 +105,13 @@ "version": { "type": ["string", "null"], "description": "The version of the tool used to detect the alert." - } + }, + "guid": { "type": ["string", "null"] } }, "additionalProperties": false - } + }, + "most_recent_instance": { "$ref": "common/alert-instance.schema.json" }, + "instances_url": { "type": "string", "format": "uri" } }, "additionalProperties": false }, diff --git a/payload-schemas/schemas/code_scanning_alert/reopened.schema.json b/payload-schemas/schemas/code_scanning_alert/reopened.schema.json index 0d2b6a5a3..22fea53e6 100644 --- a/payload-schemas/schemas/code_scanning_alert/reopened.schema.json +++ b/payload-schemas/schemas/code_scanning_alert/reopened.schema.json @@ -82,7 +82,11 @@ "description": { "type": "string", "description": "A short description of the rule used to detect the alert." - } + }, + "name": { "type": "string" }, + "full_description": { "type": "string" }, + "tags": { "type": "null" }, + "help": { "type": "null" } }, "additionalProperties": false }, @@ -97,7 +101,8 @@ "version": { "type": ["string", "null"], "description": "The version of the tool used to detect the alert." - } + }, + "guid": { "type": ["string", "null"] } }, "additionalProperties": false } diff --git a/payload-schemas/schemas/common/alert-instance.schema.json b/payload-schemas/schemas/common/alert-instance.schema.json index 186ec8293..51aef146d 100644 --- a/payload-schemas/schemas/common/alert-instance.schema.json +++ b/payload-schemas/schemas/common/alert-instance.schema.json @@ -20,7 +20,27 @@ "type": "string", "description": "State of a code scanning alert.", "enum": ["open", "dismissed", "fixed"] - } + }, + "commit_sha": { "type": "string" }, + "message": { + "type": "object", + "properties": { + "text": { "type": "string" } + }, + "additionalProperties": false + }, + "location": { + "type": "object", + "properties": { + "path": { "type": "string" }, + "start_line": { "type": "integer" }, + "end_line": { "type": "integer" }, + "start_column": { "type": "integer" }, + "end_column": { "type": "integer" } + }, + "additionalProperties": false + }, + "classifications": { "type": "array", "items": { "type": "string" } } }, "additionalProperties": false, "title": "Alert Instance" diff --git a/payload-schemas/schemas/common/user.schema.json b/payload-schemas/schemas/common/user.schema.json index c265385cf..bc477746c 100644 --- a/payload-schemas/schemas/common/user.schema.json +++ b/payload-schemas/schemas/common/user.schema.json @@ -27,7 +27,7 @@ "id": { "type": "integer" }, "node_id": { "type": "string" }, "name": { "type": "string" }, - "email": { "type": "string" }, + "email": { "type": ["string", "null"] }, "avatar_url": { "type": "string", "format": "uri" }, "gravatar_id": { "type": "string" }, "url": { "type": "string", "format": "uri" }, diff --git a/schema.d.ts b/schema.d.ts index ca77d9235..a2e7341c9 100644 --- a/schema.d.ts +++ b/schema.d.ts @@ -414,7 +414,7 @@ export interface User { id: number; node_id: string; name?: string; - email?: string; + email?: string | null; avatar_url: string; gravatar_id: string; url: string; @@ -1079,6 +1079,18 @@ export interface AlertInstance { * State of a code scanning alert. */ state: "open" | "dismissed" | "fixed"; + commit_sha?: string; + message?: { + text?: string; + }; + location?: { + path?: string; + start_line?: number; + end_line?: number; + start_column?: number; + end_column?: number; + }; + classifications?: string[]; } export interface GitHubOrg { login: "github"; @@ -1147,6 +1159,10 @@ export interface CodeScanningAlertClosedByUserEvent { * A short description of the rule used to detect the alert. */ description: string; + name?: string; + full_description?: string; + tags?: null; + help?: null; }; tool: { /** @@ -1157,6 +1173,7 @@ export interface CodeScanningAlertClosedByUserEvent { * The version of the tool used to detect the alert. */ version: string | null; + guid?: string | null; }; }; /** @@ -1214,6 +1231,10 @@ export interface CodeScanningAlertCreatedEvent { * A short description of the rule used to detect the alert. */ description: string; + name?: string; + full_description?: string; + tags?: null; + help?: null; }; tool: { /** @@ -1224,6 +1245,7 @@ export interface CodeScanningAlertCreatedEvent { * The version of the tool used to detect the alert. */ version: string | null; + guid?: string | null; }; }; /** @@ -1281,6 +1303,10 @@ export interface CodeScanningAlertFixedEvent { * A short description of the rule used to detect the alert. */ description: string; + name?: string; + full_description?: string; + tags?: null; + help?: null; }; tool: { /** @@ -1291,7 +1317,10 @@ export interface CodeScanningAlertFixedEvent { * The version of the tool used to detect the alert. */ version: string | null; + guid?: string | null; }; + most_recent_instance?: AlertInstance; + instances_url?: string; }; /** * The full Git reference, formatted as `refs/heads/`. @@ -1348,6 +1377,10 @@ export interface CodeScanningAlertReopenedEvent { * A short description of the rule used to detect the alert. */ description: string; + name?: string; + full_description?: string; + tags?: null; + help?: null; }; tool: { /** @@ -1358,6 +1391,7 @@ export interface CodeScanningAlertReopenedEvent { * The version of the tool used to detect the alert. */ version: string | null; + guid?: string | null; }; }; /**