GraphQL API v4 - Checking whether VulnerabilityAlerts are enabled #24412

duckworth · 2019-06-18T21:39:55Z

duckworth
Jun 18, 2019

I cannot seem to detemine whether a repository truly has no security velnerabilities or whether security alerts are disabled for the reposistory as both seem to return empty vulnerabilityAlerts.

Is there a way I can determine the difference between having no vulnerabilityAlerts vs having security alerts disabled?

query:

{
  repository(name: "example-repo", owner: "example-owner") {
    vulnerabilityAlerts(first: 10) {
      nodes {
        id
      }
    }
  }
}

response:

{
  "data": {
    "repository": {
      "vulnerabilityAlerts": {
        "nodes": []
      }
    }
  }
}

Answered by duckworth

Jun 19, 2019

I found this response:

https://github.community/t5/GitHub-API-Development-and/Security-vulnerability-alerts/m-p/23416/highlight/true#M1660

which led me to the endpoint in the V3 api

/repos/:owner/:repo/vulnerability-alerts

which can be used to enable and disable vulnerability-alerts. It appears a GET request will return a 204 if enabled and a 404 if not.

View full answer

duckworth · 2019-06-19T16:18:37Z

duckworth
Jun 19, 2019
Author

I found this response:

https://github.community/t5/GitHub-API-Development-and/Security-vulnerability-alerts/m-p/23416/highlight/true#M1660

which led me to the endpoint in the V3 api

/repos/:owner/:repo/vulnerability-alerts

which can be used to enable and disable vulnerability-alerts. It appears a GET request will return a 204 if enabled and a 404 if not.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

GraphQL API v4 - Checking whether VulnerabilityAlerts are enabled #24412

{{title}}

Replies: 1 comment

{{title}}

Select a reply

GitHub Community

GraphQL API v4 - Checking whether VulnerabilityAlerts are enabled #24412

duckworth Jun 18, 2019

Replies: 1 comment

duckworth Jun 19, 2019 Author

duckworth
Jun 18, 2019

duckworth
Jun 19, 2019
Author