dependabotListAlertsForRepo
List Dependabot alerts for a repository
Details
- Method: GET
- Path: /repos/{owner}/{repo}/dependabot/alerts
- Operation ID: dependabot/list-alerts-for-repo
Parameters
{
"owner": {
"description": "The account owner of the repository. The name is not case sensitive.",
"required": true,
"location": "path",
"type": "string"
},
"repo": {
"description": "The name of the repository without the `.git` extension. The name is not case sensitive.",
"required": true,
"location": "path",
"type": "string"
},
"state": {
"description": "A comma-separated list of states. If specified, only alerts with these states will be returned.\n\nCan be: `auto_dismissed`, `dismissed`, `fixed`, `open`",
"required": false,
"location": "query",
"type": "string"
},
"severity": {
"description": "A comma-separated list of severities. If specified, only alerts with these severities will be returned.\n\nCan be: `low`, `medium`, `high`, `critical`",
"required": false,
"location": "query",
"type": "string"
},
"ecosystem": {
"description": "A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.\n\nCan be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `pub`, `rubygems`, `rust`",
"required": false,
"location": "query",
"type": "string"
},
"package": {
"description": "A comma-separated list of package names. If specified, only alerts for these packages will be returned.",
"required": false,
"location": "query",
"type": "string"
},
"manifest": {
"description": "A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.",
"required": false,
"location": "query",
"type": "string"
},
"epss_percentage": {
"description": "CVE Exploit Prediction Scoring System (EPSS) percentage. Can be specified as:\n- An exact number (`n`)\n- Comparators such as `>n`, `<n`, `>=n`, `<=n`\n- A range like `n..n`, where `n` is a number from 0.0 to 1.0\n\nFilters the list of alerts based on EPSS percentages. If specified, only alerts with the provided EPSS percentages will be returned.",
"required": false,
"location": "query",
"type": "string"
},
"has": {
"description": "Filters the list of alerts based on whether the alert has the given value. If specified, only alerts meeting this criterion will be returned.\nMultiple `has` filters can be passed to filter for alerts that have all of the values. Currently, only `patch` is supported.",
"required": false,
"location": "query",
"type": "string"
},
"scope": {
"description": "The scope of the vulnerable dependency. If specified, only alerts with this scope will be returned.",
"required": false,
"location": "query",
"type": "string",
"enum": [
"development",
"runtime"
]
},
"sort": {
"description": "The property by which to sort the results.\n`created` means when the alert was created.\n`updated` means when the alert's state last changed.\n`epss_percentage` sorts alerts by the Exploit Prediction Scoring System (EPSS) percentage.",
"required": false,
"location": "query",
"type": "string",
"enum": [
"created",
"updated",
"epss_percentage"
]
},
"direction": {
"description": "The direction to sort the results by.",
"required": false,
"location": "query",
"type": "string",
"enum": [
"asc",
"desc"
]
},
"per_page": {
"description": "The number of results per page (max 100). For more information, see \"[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api).\"",
"required": false,
"location": "query",
"type": "integer"
},
"before": {
"description": "A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for results before this cursor. For more information, see \"[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api).\"",
"required": false,
"location": "query",
"type": "string"
},
"after": {
"description": "A cursor, as given in the [Link header](https://docs.github.com/rest/guides/using-pagination-in-the-rest-api#using-link-headers). If specified, the query only searches for results after this cursor. For more information, see \"[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api).\"",
"required": false,
"location": "query",
"type": "string"
}
}
Response Schema
{
"type": "array",
"items": {
"type": "object",
"description": "A Dependabot alert.",
"properties": {
"number": {
"type": "integer",
"description": "The security alert number.",
"readOnly": true
},
"state": {
"type": "string",
"description": "The state of the Dependabot alert.",
"readOnly": true,
"enum": [
"auto_dismissed",
"dismissed",
"fixed",
"open"
]
},
"dependency": {
"type": "object",
"description": "Details for the vulnerable dependency.",
"readOnly": true,
"properties": {
"package": {
"type": "object",
"description": "Details for the vulnerable package.",
"readOnly": true,
"properties": {
"ecosystem": {
"type": "string",
"description": "The package's language or package management ecosystem.",
"readOnly": true
},
"name": {
"type": "string",
"description": "The unique package name within its ecosystem.",
"readOnly": true
}
},
"required": [
"ecosystem",
"name"
],
"additionalProperties": false
},
"manifest_path": {
"type": "string",
"description": "The full path to the dependency manifest file, relative to the root of the repository.",
"readOnly": true
},
"scope": {
"type": "string",
"description": "The execution scope of the vulnerable dependency.",
"readOnly": true,
"nullable": true,
"enum": [
"development",
"runtime"
]
},
"relationship": {
"type": "string",
"description": "The vulnerable dependency's relationship to your project.\n\n> [!NOTE]\n> We are rolling out support for dependency relationship across ecosystems. This value will be \"unknown\" for all dependencies in unsupported ecosystems.\n",
"readOnly": true,
"nullable": true,
"enum": [
"unknown",
"direct",
"transitive"
]
}
}
},
"security_advisory": {
"type": "object",
"description": "Details for the GitHub Security Advisory.",
"readOnly": true,
"properties": {
"ghsa_id": {
"type": "string",
"description": "The unique GitHub Security Advisory ID assigned to the advisory.",
"readOnly": true
},
"cve_id": {
"type": "string",
"description": "The unique CVE ID assigned to the advisory.",
"readOnly": true,
"nullable": true
},
"summary": {
"type": "string",
"description": "A short, plain text summary of the advisory.",
"readOnly": true,
"maxLength": 1024
},
"description": {
"type": "string",
"description": "A long-form Markdown-supported description of the advisory.",
"readOnly": true
},
"vulnerabilities": {
"type": "array",
"description": "Vulnerable version range information for the advisory.",
"readOnly": true,
"items": {
"type": "object",
"description": "Details pertaining to one vulnerable version range for the advisory.",
"readOnly": true,
"properties": {
"package": {
"type": "object",
"description": "Details for the vulnerable package.",
"readOnly": true,
"properties": {
"ecosystem": {
"type": "string",
"description": "The package's language or package management ecosystem.",
"readOnly": true
},
"name": {
"type": "string",
"description": "The unique package name within its ecosystem.",
"readOnly": true
}
},
"required": [
"ecosystem",
"name"
],
"additionalProperties": false
},
"severity": {
"type": "string",
"description": "The severity of the vulnerability.",
"readOnly": true,
"enum": [
"low",
"medium",
"high",
"critical"
]
},
"vulnerable_version_range": {
"type": "string",
"description": "Conditions that identify vulnerable versions of this vulnerability's package.",
"readOnly": true
},
"first_patched_version": {
"type": "object",
"description": "Details pertaining to the package version that patches this vulnerability.",
"readOnly": true,
"nullable": true,
"properties": {
"identifier": {
"type": "string",
"description": "The package version that patches this vulnerability.",
"readOnly": true
}
},
"required": [
"identifier"
],
"additionalProperties": false
}
},
"required": [
"package",
"severity",
"vulnerable_version_range",
"first_patched_version"
],
"additionalProperties": false
}
},
"severity": {
"type": "string",
"description": "The severity of the advisory.",
"readOnly": true,
"enum": [
"low",
"medium",
"high",
"critical"
]
},
"cvss": {
"type": "object",
"description": "Details for the advisory pertaining to the Common Vulnerability Scoring System.",
"readOnly": true,
"properties": {
"score": {
"type": "number",
"description": "The overall CVSS score of the advisory.",
"minimum": 0,
"maximum": 10,
"readOnly": true
},
"vector_string": {
"type": "string",
"description": "The full CVSS vector string for the advisory.",
"readOnly": true,
"nullable": true
}
},
"required": [
"score",
"vector_string"
],
"additionalProperties": false
},
"cvss_severities": {
"type": "object",
"nullable": true,
"properties": {
"cvss_v3": {
"type": "object",
"nullable": true,
"properties": {
"vector_string": {
"type": "string",
"description": "The CVSS 3 vector string.",
"nullable": true
},
"score": {
"type": "number",
"description": "The CVSS 3 score.",
"minimum": 0,
"maximum": 10,
"nullable": true,
"readOnly": true
}
},
"required": [
"vector_string",
"score"
]
},
"cvss_v4": {
"type": "object",
"nullable": true,
"properties": {
"vector_string": {
"type": "string",
"description": "The CVSS 4 vector string.",
"nullable": true
},
"score": {
"type": "number",
"description": "The CVSS 4 score.",
"minimum": 0,
"maximum": 10,
"nullable": true,
"readOnly": true
}
},
"required": [
"vector_string",
"score"
]
}
}
},
"epss": {
"type": "object",
"nullable": true,
"readOnly": true,
"description": "The EPSS scores as calculated by the [Exploit Prediction Scoring System](https://www.first.org/epss).",
"properties": {
"percentage": {
"type": "number",
"minimum": 0,
"maximum": 100
},
"percentile": {
"type": "number",
"minimum": 0,
"maximum": 100
}
}
},
"cwes": {
"type": "array",
"description": "Details for the advisory pertaining to Common Weakness Enumeration.",
"readOnly": true,
"items": {
"type": "object",
"description": "A CWE weakness assigned to the advisory.",
"readOnly": true,
"properties": {
"cwe_id": {
"type": "string",
"description": "The unique CWE ID.",
"readOnly": true
},
"name": {
"type": "string",
"description": "The short, plain text name of the CWE.",
"readOnly": true
}
},
"required": [
"cwe_id",
"name"
],
"additionalProperties": false
}
},
"identifiers": {
"type": "array",
"description": "Values that identify this advisory among security information sources.",
"readOnly": true,
"items": {
"type": "object",
"description": "An advisory identifier.",
"readOnly": true,
"properties": {
"type": {
"type": "string",
"description": "The type of advisory identifier.",
"readOnly": true,
"enum": [
"CVE",
"GHSA"
]
},
"value": {
"type": "string",
"description": "The value of the advisory identifier.",
"readOnly": true
}
},
"required": [
"value",
"type"
],
"additionalProperties": false
}
},
"references": {
"type": "array",
"description": "Links to additional advisory information.",
"readOnly": true,
"items": {
"type": "object",
"description": "A link to additional advisory information.",
"readOnly": true,
"properties": {
"url": {
"type": "string",
"description": "The URL of the reference.",
"format": "uri",
"readOnly": true
}
},
"required": [
"url"
],
"additionalProperties": false
}
},
"published_at": {
"type": "string",
"description": "The time that the advisory was published in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true
},
"updated_at": {
"type": "string",
"description": "The time that the advisory was last modified in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true
},
"withdrawn_at": {
"type": "string",
"description": "The time that the advisory was withdrawn in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true,
"nullable": true
}
},
"required": [
"ghsa_id",
"cve_id",
"summary",
"description",
"vulnerabilities",
"severity",
"cvss",
"cwes",
"identifiers",
"references",
"published_at",
"updated_at",
"withdrawn_at"
],
"additionalProperties": false
},
"security_vulnerability": {
"type": "object",
"description": "Details pertaining to one vulnerable version range for the advisory.",
"readOnly": true,
"properties": {
"package": {
"type": "object",
"description": "Details for the vulnerable package.",
"readOnly": true,
"properties": {
"ecosystem": {
"type": "string",
"description": "The package's language or package management ecosystem.",
"readOnly": true
},
"name": {
"type": "string",
"description": "The unique package name within its ecosystem.",
"readOnly": true
}
},
"required": [
"ecosystem",
"name"
],
"additionalProperties": false
},
"severity": {
"type": "string",
"description": "The severity of the vulnerability.",
"readOnly": true,
"enum": [
"low",
"medium",
"high",
"critical"
]
},
"vulnerable_version_range": {
"type": "string",
"description": "Conditions that identify vulnerable versions of this vulnerability's package.",
"readOnly": true
},
"first_patched_version": {
"type": "object",
"description": "Details pertaining to the package version that patches this vulnerability.",
"readOnly": true,
"nullable": true,
"properties": {
"identifier": {
"type": "string",
"description": "The package version that patches this vulnerability.",
"readOnly": true
}
},
"required": [
"identifier"
],
"additionalProperties": false
}
},
"required": [
"package",
"severity",
"vulnerable_version_range",
"first_patched_version"
],
"additionalProperties": false
},
"url": {
"type": "string",
"description": "The REST API URL of the alert resource.",
"format": "uri",
"readOnly": true
},
"html_url": {
"type": "string",
"description": "The GitHub URL of the alert resource.",
"format": "uri",
"readOnly": true
},
"created_at": {
"type": "string",
"description": "The time that the alert was created in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true
},
"updated_at": {
"type": "string",
"description": "The time that the alert was last updated in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true
},
"dismissed_at": {
"type": "string",
"description": "The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true,
"nullable": true
},
"dismissed_by": {
"title": "Simple User",
"description": "A GitHub user.",
"type": "object",
"properties": {
"name": {
"nullable": true,
"type": "string"
},
"email": {
"nullable": true,
"type": "string"
},
"login": {
"type": "string",
"example": "octocat"
},
"id": {
"type": "integer",
"format": "int64",
"example": 1
},
"node_id": {
"type": "string",
"example": "MDQ6VXNlcjE="
},
"avatar_url": {
"type": "string",
"format": "uri",
"example": "https://github.com/images/error/octocat_happy.gif"
},
"gravatar_id": {
"type": "string",
"example": "41d064eb2195891e12d0413f63227ea7",
"nullable": true
},
"url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat"
},
"html_url": {
"type": "string",
"format": "uri",
"example": "https://github.com/octocat"
},
"followers_url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat/followers"
},
"following_url": {
"type": "string",
"example": "https://api.github.com/users/octocat/following{/other_user}"
},
"gists_url": {
"type": "string",
"example": "https://api.github.com/users/octocat/gists{/gist_id}"
},
"starred_url": {
"type": "string",
"example": "https://api.github.com/users/octocat/starred{/owner}{/repo}"
},
"subscriptions_url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat/subscriptions"
},
"organizations_url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat/orgs"
},
"repos_url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat/repos"
},
"events_url": {
"type": "string",
"example": "https://api.github.com/users/octocat/events{/privacy}"
},
"received_events_url": {
"type": "string",
"format": "uri",
"example": "https://api.github.com/users/octocat/received_events"
},
"type": {
"type": "string",
"example": "User"
},
"site_admin": {
"type": "boolean"
},
"starred_at": {
"type": "string",
"example": "\"2020-07-09T00:17:55Z\""
},
"user_view_type": {
"type": "string",
"example": "public"
}
},
"required": [
"avatar_url",
"events_url",
"followers_url",
"following_url",
"gists_url",
"gravatar_id",
"html_url",
"id",
"node_id",
"login",
"organizations_url",
"received_events_url",
"repos_url",
"site_admin",
"starred_url",
"subscriptions_url",
"type",
"url"
],
"nullable": true
},
"dismissed_reason": {
"type": "string",
"description": "The reason that the alert was dismissed.",
"nullable": true,
"enum": [
"fix_started",
"inaccurate",
"no_bandwidth",
"not_used",
"tolerable_risk"
]
},
"dismissed_comment": {
"type": "string",
"description": "An optional comment associated with the alert's dismissal.",
"nullable": true,
"maxLength": 280
},
"fixed_at": {
"type": "string",
"description": "The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true,
"nullable": true
},
"auto_dismissed_at": {
"type": "string",
"description": "The time that the alert was auto-dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.",
"format": "date-time",
"readOnly": true,
"nullable": true
},
"dismissal_request": {
"title": "Dependabot alert dismissal request",
"description": "Information about an active dismissal request for this Dependabot alert.",
"type": "object",
"nullable": true,
"properties": {
"id": {
"type": "integer",
"description": "The unique identifier of the dismissal request."
},
"status": {
"type": "string",
"description": "The current status of the dismissal request.",
"enum": [
"pending",
"approved",
"rejected",
"cancelled"
]
},
"requester": {
"type": "object",
"description": "The user who requested the dismissal.",
"properties": {
"id": {
"type": "integer",
"description": "The unique identifier of the user."
},
"login": {
"type": "string",
"description": "The login name of the user."
}
}
},
"created_at": {
"type": "string",
"format": "date-time",
"description": "The date and time when the dismissal request was created."
},
"url": {
"type": "string",
"format": "uri",
"description": "The API URL to get more information about this dismissal request."
}
}
}
},
"required": [
"number",
"state",
"dependency",
"security_advisory",
"security_vulnerability",
"url",
"html_url",
"created_at",
"updated_at",
"dismissed_at",
"dismissed_by",
"dismissed_reason",
"dismissed_comment",
"fixed_at"
],
"additionalProperties": false
}
}
Usage
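import asyncio

from ocp_agent import OCPAgent


async def main():
    """List Dependabot alerts for one repository via `dependabotListAlertsForRepo`.

    Returns whatever `agent.call_tool` returns; the response schema on this
    page describes an array of Dependabot alert objects.
    """
    agent = OCPAgent()
    await agent.register_api('github')

    # `owner` and `repo` are the two required path parameters of this
    # operation. Replace the placeholders with a repository whose alerts the
    # agent's credentials are allowed to read (how OCPAgent obtains those
    # credentials is not shown on this page).
    result = await agent.call_tool('dependabotListAlertsForRepo', {
        'owner': 'OWNER_PLACEHOLDER',
        'repo': 'REPO_PLACEHOLDER',
        # Optional query filters documented above, for example:
        # 'state': 'open',
        # 'severity': 'high,critical',
        # 'per_page': 100,
    })

    # The operation is paginated (`per_page` max 100). To triage every alert,
    # keep requesting pages with the `before`/`after` cursors from the Link
    # header; a single call can silently omit later alerts.
    return result


if __name__ == '__main__':
    # `await` is only valid inside a coroutine, so a plain script has to drive
    # the calls through an event loop. In a notebook or async REPL that already
    # has a running loop, use `await main()` instead.
    result = asyncio.run(main())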