Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copilot Lvl 2
Message 1 of 2

GraphQL API v4 - Checking whether VulnerabilityAlerts are enabled

Solved! Go to Solution.

I cannot seem to detemine whether a repository truly has no security velnerabilities or whether security alerts are disabled for the reposistory as both seem to return empty vulnerabilityAlerts.

Is there a way I can determine the difference between having no vulnerabilityAlerts vs having security alerts disabled?

 

query:

 

{
  repository(name: "example-repo", owner: "example-owner") {
    vulnerabilityAlerts(first: 10) {
      nodes {
        id
      }
    }
  }
}

 

 

response:

 

{
  "data": {
    "repository": {
      "vulnerabilityAlerts": {
        "nodes": []
      }
    }
  }
}

 

 

 

1 Reply
Solution
Copilot Lvl 2
Message 2 of 2

Re: GraphQL API v4 - Checking whether VulnerabilityAlerts are enabled

I found this response:

https://github.community/t5/GitHub-API-Development-and/Security-vulnerability-alerts/m-p/23416/highl...

 

which led me to the endpoint in the V3 api

/repos/:owner/:repo/vulnerability-alerts

which can be used to enable and disable vulnerability-alerts. It appears a GET request will return a 204 if enabled and a 404 if not.