github.com/google/go-github/v74@v74.0.0/github/code_scanning.go (about) 1 // Copyright 2020 The go-github AUTHORS. All rights reserved. 2 // 3 // Use of this source code is governed by a BSD-style 4 // license that can be found in the LICENSE file. 5 6 package github 7 8 import ( 9 "context" 10 "encoding/json" 11 "errors" 12 "fmt" 13 "strconv" 14 "strings" 15 ) 16 17 // CodeScanningService handles communication with the code scanning related 18 // methods of the GitHub API. 19 // 20 // GitHub API docs: https://docs.github.com/rest/code-scanning 21 type CodeScanningService service 22 23 // Rule represents the complete details of GitHub Code Scanning alert type. 24 type Rule struct { 25 ID *string `json:"id,omitempty"` 26 Severity *string `json:"severity,omitempty"` 27 Description *string `json:"description,omitempty"` 28 Name *string `json:"name,omitempty"` 29 SecuritySeverityLevel *string `json:"security_severity_level,omitempty"` 30 FullDescription *string `json:"full_description,omitempty"` 31 Tags []string `json:"tags,omitempty"` 32 Help *string `json:"help,omitempty"` 33 } 34 35 // Location represents the exact location of the GitHub Code Scanning Alert in the scanned project. 36 type Location struct { 37 Path *string `json:"path,omitempty"` 38 StartLine *int `json:"start_line,omitempty"` 39 EndLine *int `json:"end_line,omitempty"` 40 StartColumn *int `json:"start_column,omitempty"` 41 EndColumn *int `json:"end_column,omitempty"` 42 } 43 44 // Message is a part of MostRecentInstance struct which provides the appropriate message when any action is performed on the analysis object. 45 type Message struct { 46 Text *string `json:"text,omitempty"` 47 } 48 49 // MostRecentInstance provides details of the most recent instance of this alert for the default branch or for the specified Git reference. 50 type MostRecentInstance struct { 51 Ref *string `json:"ref,omitempty"` 52 AnalysisKey *string `json:"analysis_key,omitempty"` 53 Category *string `json:"category,omitempty"` 54 Environment *string `json:"environment,omitempty"` 55 State *string `json:"state,omitempty"` 56 CommitSHA *string `json:"commit_sha,omitempty"` 57 Message *Message `json:"message,omitempty"` 58 Location *Location `json:"location,omitempty"` 59 HTMLURL *string `json:"html_url,omitempty"` 60 Classifications []string `json:"classifications,omitempty"` 61 } 62 63 // Tool represents the tool used to generate a GitHub Code Scanning Alert. 64 type Tool struct { 65 Name *string `json:"name,omitempty"` 66 GUID *string `json:"guid,omitempty"` 67 Version *string `json:"version,omitempty"` 68 } 69 70 // Alert represents an individual GitHub Code Scanning Alert on a single repository. 71 // 72 // GitHub API docs: https://docs.github.com/rest/code-scanning 73 type Alert struct { 74 Number *int `json:"number,omitempty"` 75 Repository *Repository `json:"repository,omitempty"` 76 RuleID *string `json:"rule_id,omitempty"` 77 RuleSeverity *string `json:"rule_severity,omitempty"` 78 RuleDescription *string `json:"rule_description,omitempty"` 79 Rule *Rule `json:"rule,omitempty"` 80 Tool *Tool `json:"tool,omitempty"` 81 CreatedAt *Timestamp `json:"created_at,omitempty"` 82 UpdatedAt *Timestamp `json:"updated_at,omitempty"` 83 FixedAt *Timestamp `json:"fixed_at,omitempty"` 84 State *string `json:"state,omitempty"` 85 ClosedBy *User `json:"closed_by,omitempty"` 86 ClosedAt *Timestamp `json:"closed_at,omitempty"` 87 URL *string `json:"url,omitempty"` 88 HTMLURL *string `json:"html_url,omitempty"` 89 MostRecentInstance *MostRecentInstance `json:"most_recent_instance,omitempty"` 90 Instances []*MostRecentInstance `json:"instances,omitempty"` 91 DismissedBy *User `json:"dismissed_by,omitempty"` 92 DismissedAt *Timestamp `json:"dismissed_at,omitempty"` 93 DismissedReason *string `json:"dismissed_reason,omitempty"` 94 DismissedComment *string `json:"dismissed_comment,omitempty"` 95 InstancesURL *string `json:"instances_url,omitempty"` 96 } 97 98 // ID returns the ID associated with an alert. It is the number at the end of the security alert's URL. 99 func (a *Alert) ID() int64 { 100 if a == nil { 101 return 0 102 } 103 104 s := a.GetHTMLURL() 105 106 // Check for an ID to parse at the end of the url 107 if i := strings.LastIndex(s, "/"); i >= 0 { 108 s = s[i+1:] 109 } 110 111 // Return the alert ID as a 64-bit integer. Unable to convert or out of range returns 0. 112 id, err := strconv.ParseInt(s, 10, 64) 113 if err != nil { 114 return 0 115 } 116 117 return id 118 } 119 120 // AlertInstancesListOptions specifies optional parameters to the CodeScanningService.ListAlertInstances method. 121 type AlertInstancesListOptions struct { 122 // Return code scanning alert instances for a specific branch reference. 123 // The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge 124 Ref string `url:"ref,omitempty"` 125 126 ListOptions 127 } 128 129 // AlertListOptions specifies optional parameters to the CodeScanningService.ListAlerts method. 130 type AlertListOptions struct { 131 // State of the code scanning alerts to list. Set to closed to list only closed code scanning alerts. Default: open 132 State string `url:"state,omitempty"` 133 134 // Return code scanning alerts for a specific branch reference. 135 // The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge 136 Ref string `url:"ref,omitempty"` 137 138 // If specified, only code scanning alerts with this severity will be returned. Possible values are: critical, high, medium, low, warning, note, error. 139 Severity string `url:"severity,omitempty"` 140 141 // The name of a code scanning tool. Only results by this tool will be listed. 142 ToolName string `url:"tool_name,omitempty"` 143 144 // The GUID of a code scanning tool. Only results by this tool will be listed. 145 ToolGUID string `url:"tool_guid,omitempty"` 146 147 // The direction to sort the results by. Possible values are: asc, desc. Default: desc. 148 Direction string `url:"direction,omitempty"` 149 150 // The property by which to sort the results. Possible values are: created, updated. Default: created. 151 Sort string `url:"sort,omitempty"` 152 153 ListCursorOptions 154 155 // Add ListOptions so offset pagination with integer type "page" query parameter is accepted 156 // since ListCursorOptions accepts "page" as string only. 157 ListOptions 158 } 159 160 // AnalysesListOptions specifies optional parameters to the CodeScanningService.ListAnalysesForRepo method. 161 type AnalysesListOptions struct { 162 // Return code scanning analyses belonging to the same SARIF upload. 163 SarifID *string `url:"sarif_id,omitempty"` 164 165 // Return code scanning analyses for a specific branch reference. 166 // The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge 167 Ref *string `url:"ref,omitempty"` 168 169 ListOptions 170 } 171 172 // CodeQLDatabase represents a metadata about the CodeQL database. 173 // 174 // GitHub API docs: https://docs.github.com/rest/code-scanning 175 type CodeQLDatabase struct { 176 ID *int64 `json:"id,omitempty"` 177 Name *string `json:"name,omitempty"` 178 Language *string `json:"language,omitempty"` 179 Uploader *User `json:"uploader,omitempty"` 180 ContentType *string `json:"content_type,omitempty"` 181 Size *int64 `json:"size,omitempty"` 182 CreatedAt *Timestamp `json:"created_at,omitempty"` 183 UpdatedAt *Timestamp `json:"updated_at,omitempty"` 184 URL *string `json:"url,omitempty"` 185 } 186 187 // ScanningAnalysis represents an individual GitHub Code Scanning ScanningAnalysis on a single repository. 188 // 189 // GitHub API docs: https://docs.github.com/rest/code-scanning 190 type ScanningAnalysis struct { 191 ID *int64 `json:"id,omitempty"` 192 Ref *string `json:"ref,omitempty"` 193 CommitSHA *string `json:"commit_sha,omitempty"` 194 AnalysisKey *string `json:"analysis_key,omitempty"` 195 Environment *string `json:"environment,omitempty"` 196 Error *string `json:"error,omitempty"` 197 Category *string `json:"category,omitempty"` 198 CreatedAt *Timestamp `json:"created_at,omitempty"` 199 ResultsCount *int `json:"results_count,omitempty"` 200 RulesCount *int `json:"rules_count,omitempty"` 201 URL *string `json:"url,omitempty"` 202 SarifID *string `json:"sarif_id,omitempty"` 203 Tool *Tool `json:"tool,omitempty"` 204 Deletable *bool `json:"deletable,omitempty"` 205 Warning *string `json:"warning,omitempty"` 206 } 207 208 // SarifAnalysis specifies the results of a code scanning job. 209 // 210 // GitHub API docs: https://docs.github.com/rest/code-scanning 211 type SarifAnalysis struct { 212 CommitSHA *string `json:"commit_sha,omitempty"` 213 Ref *string `json:"ref,omitempty"` 214 Sarif *string `json:"sarif,omitempty"` 215 CheckoutURI *string `json:"checkout_uri,omitempty"` 216 StartedAt *Timestamp `json:"started_at,omitempty"` 217 ToolName *string `json:"tool_name,omitempty"` 218 } 219 220 // CodeScanningAlertState specifies the state of a code scanning alert. 221 // 222 // GitHub API docs: https://docs.github.com/rest/code-scanning 223 type CodeScanningAlertState struct { 224 // State sets the state of the code scanning alert and is a required field. 225 // You must also provide DismissedReason when you set the state to "dismissed". 226 // State can be one of: "open", "dismissed". 227 State string `json:"state"` 228 // DismissedReason represents the reason for dismissing or closing the alert. 229 // It is required when the state is "dismissed". 230 // It can be one of: "false positive", "won't fix", "used in tests". 231 DismissedReason *string `json:"dismissed_reason,omitempty"` 232 // DismissedComment is associated with the dismissal of the alert. 233 DismissedComment *string `json:"dismissed_comment,omitempty"` 234 } 235 236 // SarifID identifies a sarif analysis upload. 237 // 238 // GitHub API docs: https://docs.github.com/rest/code-scanning 239 type SarifID struct { 240 ID *string `json:"id,omitempty"` 241 URL *string `json:"url,omitempty"` 242 } 243 244 // ListAlertsForOrg lists code scanning alerts for an org. 245 // 246 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events 247 // read permission to use this endpoint. 248 // 249 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-an-organization 250 // 251 //meta:operation GET /orgs/{org}/code-scanning/alerts 252 func (s *CodeScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *AlertListOptions) ([]*Alert, *Response, error) { 253 u := fmt.Sprintf("orgs/%v/code-scanning/alerts", org) 254 u, err := addOptions(u, opts) 255 if err != nil { 256 return nil, nil, err 257 } 258 259 req, err := s.client.NewRequest("GET", u, nil) 260 if err != nil { 261 return nil, nil, err 262 } 263 264 var alerts []*Alert 265 resp, err := s.client.Do(ctx, req, &alerts) 266 if err != nil { 267 return nil, resp, err 268 } 269 270 return alerts, resp, nil 271 } 272 273 // ListAlertsForRepo lists code scanning alerts for a repository. 274 // 275 // Lists all open code scanning alerts for the default branch (usually master) and protected branches in a repository. 276 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events 277 // read permission to use this endpoint. 278 // 279 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-a-repository 280 // 281 //meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts 282 func (s *CodeScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *AlertListOptions) ([]*Alert, *Response, error) { 283 u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts", owner, repo) 284 u, err := addOptions(u, opts) 285 if err != nil { 286 return nil, nil, err 287 } 288 289 req, err := s.client.NewRequest("GET", u, nil) 290 if err != nil { 291 return nil, nil, err 292 } 293 294 var alerts []*Alert 295 resp, err := s.client.Do(ctx, req, &alerts) 296 if err != nil { 297 return nil, resp, err 298 } 299 300 return alerts, resp, nil 301 } 302 303 // GetAlert gets a single code scanning alert for a repository. 304 // 305 // You must use an access token with the security_events scope to use this endpoint. 306 // GitHub Apps must have the security_events read permission to use this endpoint. 307 // 308 // The security alert_id is the number at the end of the security alert's URL. 309 // 310 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-alert 311 // 312 //meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number} 313 func (s *CodeScanningService) GetAlert(ctx context.Context, owner, repo string, id int64) (*Alert, *Response, error) { 314 u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v", owner, repo, id) 315 316 req, err := s.client.NewRequest("GET", u, nil) 317 if err != nil { 318 return nil, nil, err 319 } 320 321 a := new(Alert) 322 resp, err := s.client.Do(ctx, req, a) 323 if err != nil { 324 return nil, resp, err 325 } 326 327 return a, resp, nil 328 } 329 330 // UpdateAlert updates the state of a single code scanning alert for a repository. 331 // 332 // You must use an access token with the security_events scope to use this endpoint. 333 // GitHub Apps must have the security_events read permission to use this endpoint. 334 // 335 // The security alert_id is the number at the end of the security alert's URL. 336 // 337 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#update-a-code-scanning-alert 338 // 339 //meta:operation PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number} 340 func (s *CodeScanningService) UpdateAlert(ctx context.Context, owner, repo string, id int64, stateInfo *CodeScanningAlertState) (*Alert, *Response, error) { 341 u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v", owner, repo, id) 342 343 req, err := s.client.NewRequest("PATCH", u, stateInfo) 344 if err != nil { 345 return nil, nil, err 346 } 347 348 a := new(Alert) 349 resp, err := s.client.Do(ctx, req, a) 350 if err != nil { 351 return nil, resp, err 352 } 353 354 return a, resp, nil 355 } 356 357 // ListAlertInstances lists instances of a code scanning alert. 358 // 359 // You must use an access token with the security_events scope to use this endpoint. 360 // GitHub Apps must have the security_events read permission to use this endpoint. 361 // 362 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-instances-of-a-code-scanning-alert 363 // 364 //meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances 365 func (s *CodeScanningService) ListAlertInstances(ctx context.Context, owner, repo string, id int64, opts *AlertInstancesListOptions) ([]*MostRecentInstance, *Response, error) { 366 u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v/instances", owner, repo, id) 367 u, err := addOptions(u, opts) 368 if err != nil { 369 return nil, nil, err 370 } 371 372 req, err := s.client.NewRequest("GET", u, nil) 373 if err != nil { 374 return nil, nil, err 375 } 376 377 var alertInstances []*MostRecentInstance 378 resp, err := s.client.Do(ctx, req, &alertInstances) 379 if err != nil { 380 return nil, resp, err 381 } 382 383 return alertInstances, resp, nil 384 } 385 386 // UploadSarif uploads the result of code scanning job to GitHub. 387 // 388 // For the parameter sarif, you must first compress your SARIF file using gzip and then translate the contents of the file into a Base64 encoding string. 389 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events 390 // write permission to use this endpoint. 391 // 392 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data 393 // 394 //meta:operation POST /repos/{owner}/{repo}/code-scanning/sarifs 395 func (s *CodeScanningService) UploadSarif(ctx context.Context, owner, repo string, sarif *SarifAnalysis) (*SarifID, *Response, error) { 396 u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs", owner, repo) 397 398 req, err := s.client.NewRequest("POST", u, sarif) 399 if err != nil { 400 return nil, nil, err 401 } 402 403 // This will always return an error without unmarshaling the data 404 resp, err := s.client.Do(ctx, req, nil) 405 // Even though there was an error, we still return the response 406 // in case the caller wants to inspect it further. 407 // However, if the error is AcceptedError, decode it below before 408 // returning from this function and closing the response body. 409 var acceptedError *AcceptedError 410 if !errors.As(err, &acceptedError) { 411 return nil, resp, err 412 } 413 sarifID := new(SarifID) 414 decErr := json.Unmarshal(acceptedError.Raw, sarifID) 415 if decErr != nil { 416 return nil, resp, decErr 417 } 418 419 return sarifID, resp, nil 420 } 421 422 // SARIFUpload represents information about a SARIF upload. 423 type SARIFUpload struct { 424 // `pending` files have not yet been processed, while `complete` means results from the SARIF have been stored. 425 // `failed` files have either not been processed at all, or could only be partially processed. 426 ProcessingStatus *string `json:"processing_status,omitempty"` 427 // The REST API URL for getting the analyses associated with the upload. 428 AnalysesURL *string `json:"analyses_url,omitempty"` 429 } 430 431 // GetSARIF gets information about a SARIF upload. 432 // 433 // You must use an access token with the security_events scope to use this endpoint. 434 // GitHub Apps must have the security_events read permission to use this endpoint. 435 // 436 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload 437 // 438 //meta:operation GET /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id} 439 func (s *CodeScanningService) GetSARIF(ctx context.Context, owner, repo, sarifID string) (*SARIFUpload, *Response, error) { 440 u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs/%v", owner, repo, sarifID) 441 442 req, err := s.client.NewRequest("GET", u, nil) 443 if err != nil { 444 return nil, nil, err 445 } 446 447 sarifUpload := new(SARIFUpload) 448 resp, err := s.client.Do(ctx, req, sarifUpload) 449 if err != nil { 450 return nil, resp, err 451 } 452 453 return sarifUpload, resp, nil 454 } 455 456 // ListAnalysesForRepo lists code scanning analyses for a repository. 457 // 458 // Lists the details of all code scanning analyses for a repository, starting with the most recent. 459 // You must use an access token with the security_events scope to use this endpoint. 460 // GitHub Apps must have the security_events read permission to use this endpoint. 461 // 462 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-analyses-for-a-repository 463 // 464 //meta:operation GET /repos/{owner}/{repo}/code-scanning/analyses 465 func (s *CodeScanningService) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts *AnalysesListOptions) ([]*ScanningAnalysis, *Response, error) { 466 u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses", owner, repo) 467 u, err := addOptions(u, opts) 468 if err != nil { 469 return nil, nil, err 470 } 471 472 req, err := s.client.NewRequest("GET", u, nil) 473 if err != nil { 474 return nil, nil, err 475 } 476 477 var analyses []*ScanningAnalysis 478 resp, err := s.client.Do(ctx, req, &analyses) 479 if err != nil { 480 return nil, resp, err 481 } 482 483 return analyses, resp, nil 484 } 485 486 // GetAnalysis gets a single code scanning analysis for a repository. 487 // 488 // You must use an access token with the security_events scope to use this endpoint. 489 // GitHub Apps must have the security_events read permission to use this endpoint. 490 // 491 // The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation. 492 // 493 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-analysis-for-a-repository 494 // 495 //meta:operation GET /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id} 496 func (s *CodeScanningService) GetAnalysis(ctx context.Context, owner, repo string, id int64) (*ScanningAnalysis, *Response, error) { 497 u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id) 498 499 req, err := s.client.NewRequest("GET", u, nil) 500 if err != nil { 501 return nil, nil, err 502 } 503 504 analysis := new(ScanningAnalysis) 505 resp, err := s.client.Do(ctx, req, analysis) 506 if err != nil { 507 return nil, resp, err 508 } 509 510 return analysis, resp, nil 511 } 512 513 // DeleteAnalysis represents a successful deletion of a code scanning analysis. 514 type DeleteAnalysis struct { 515 // Next deletable analysis in chain, without last analysis deletion confirmation 516 NextAnalysisURL *string `json:"next_analysis_url,omitempty"` 517 // Next deletable analysis in chain, with last analysis deletion confirmation 518 ConfirmDeleteURL *string `json:"confirm_delete_url,omitempty"` 519 } 520 521 // DeleteAnalysis deletes a single code scanning analysis from a repository. 522 // 523 // You must use an access token with the repo scope to use this endpoint. 524 // GitHub Apps must have the security_events read permission to use this endpoint. 525 // 526 // The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation. 527 // 528 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#delete-a-code-scanning-analysis-from-a-repository 529 // 530 //meta:operation DELETE /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id} 531 func (s *CodeScanningService) DeleteAnalysis(ctx context.Context, owner, repo string, id int64) (*DeleteAnalysis, *Response, error) { 532 u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id) 533 534 req, err := s.client.NewRequest("DELETE", u, nil) 535 if err != nil { 536 return nil, nil, err 537 } 538 539 deleteAnalysis := new(DeleteAnalysis) 540 resp, err := s.client.Do(ctx, req, deleteAnalysis) 541 if err != nil { 542 return nil, resp, err 543 } 544 545 return deleteAnalysis, resp, nil 546 } 547 548 // ListCodeQLDatabases lists the CodeQL databases that are available in a repository. 549 // 550 // You must use an access token with the security_events scope to use this endpoint. 551 // GitHub Apps must have the contents read permission to use this endpoint. 552 // 553 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-codeql-databases-for-a-repository 554 // 555 //meta:operation GET /repos/{owner}/{repo}/code-scanning/codeql/databases 556 func (s *CodeScanningService) ListCodeQLDatabases(ctx context.Context, owner, repo string) ([]*CodeQLDatabase, *Response, error) { 557 u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases", owner, repo) 558 559 req, err := s.client.NewRequest("GET", u, nil) 560 if err != nil { 561 return nil, nil, err 562 } 563 564 var codeqlDatabases []*CodeQLDatabase 565 resp, err := s.client.Do(ctx, req, &codeqlDatabases) 566 if err != nil { 567 return nil, resp, err 568 } 569 570 return codeqlDatabases, resp, nil 571 } 572 573 // GetCodeQLDatabase gets a CodeQL database for a language in a repository. 574 // 575 // You must use an access token with the security_events scope to use this endpoint. 576 // GitHub Apps must have the contents read permission to use this endpoint. 577 // 578 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-codeql-database-for-a-repository 579 // 580 //meta:operation GET /repos/{owner}/{repo}/code-scanning/codeql/databases/{language} 581 func (s *CodeScanningService) GetCodeQLDatabase(ctx context.Context, owner, repo, language string) (*CodeQLDatabase, *Response, error) { 582 u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases/%v", owner, repo, language) 583 584 req, err := s.client.NewRequest("GET", u, nil) 585 if err != nil { 586 return nil, nil, err 587 } 588 589 codeqlDatabase := new(CodeQLDatabase) 590 resp, err := s.client.Do(ctx, req, codeqlDatabase) 591 if err != nil { 592 return nil, resp, err 593 } 594 595 return codeqlDatabase, resp, nil 596 } 597 598 // DefaultSetupConfiguration represents a code scanning default setup configuration. 599 type DefaultSetupConfiguration struct { 600 State *string `json:"state,omitempty"` 601 Languages []string `json:"languages,omitempty"` 602 QuerySuite *string `json:"query_suite,omitempty"` 603 UpdatedAt *Timestamp `json:"updated_at,omitempty"` 604 } 605 606 // GetDefaultSetupConfiguration gets a code scanning default setup configuration. 607 // 608 // You must use an access token with the repo scope to use this 609 // endpoint with private repos or the public_repo scope for public repos. GitHub Apps must have the repo write 610 // permission to use this endpoint. 611 // 612 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-default-setup-configuration 613 // 614 //meta:operation GET /repos/{owner}/{repo}/code-scanning/default-setup 615 func (s *CodeScanningService) GetDefaultSetupConfiguration(ctx context.Context, owner, repo string) (*DefaultSetupConfiguration, *Response, error) { 616 u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo) 617 618 req, err := s.client.NewRequest("GET", u, nil) 619 if err != nil { 620 return nil, nil, err 621 } 622 623 cfg := new(DefaultSetupConfiguration) 624 resp, err := s.client.Do(ctx, req, cfg) 625 if err != nil { 626 return nil, resp, err 627 } 628 629 return cfg, resp, nil 630 } 631 632 // UpdateDefaultSetupConfigurationOptions specifies parameters to the CodeScanningService.UpdateDefaultSetupConfiguration 633 // method. 634 type UpdateDefaultSetupConfigurationOptions struct { 635 State string `json:"state"` 636 QuerySuite *string `json:"query_suite,omitempty"` 637 Languages []string `json:"languages,omitempty"` 638 } 639 640 // UpdateDefaultSetupConfigurationResponse represents a response from updating a code scanning default setup configuration. 641 type UpdateDefaultSetupConfigurationResponse struct { 642 RunID *int64 `json:"run_id,omitempty"` 643 RunURL *string `json:"run_url,omitempty"` 644 } 645 646 // UpdateDefaultSetupConfiguration updates a code scanning default setup configuration. 647 // 648 // You must use an access token with the repo scope to use this 649 // endpoint with private repos or the public_repo scope for public repos. GitHub Apps must have the repo write 650 // permission to use this endpoint. 651 // 652 // This method might return an AcceptedError and a status code of 202. This is because this is the status that GitHub 653 // returns to signify that it has now scheduled the update of the pull request branch in a background task. 654 // 655 // GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#update-a-code-scanning-default-setup-configuration 656 // 657 //meta:operation PATCH /repos/{owner}/{repo}/code-scanning/default-setup 658 func (s *CodeScanningService) UpdateDefaultSetupConfiguration(ctx context.Context, owner, repo string, options *UpdateDefaultSetupConfigurationOptions) (*UpdateDefaultSetupConfigurationResponse, *Response, error) { 659 u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo) 660 661 req, err := s.client.NewRequest("PATCH", u, options) 662 if err != nil { 663 return nil, nil, err 664 } 665 666 a := new(UpdateDefaultSetupConfigurationResponse) 667 resp, err := s.client.Do(ctx, req, a) 668 if err != nil { 669 return nil, resp, err 670 } 671 672 return a, resp, nil 673 }