PATCH /enterprises/{enterprise}/code-security/configurations/{configuration_id}
Updates a code security configuration in an enterprise.
The authenticated user must be an administrator of the enterprise in order to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.
Servers
- https://api.github.com
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
configuration_id |
Integer | Yes |
The unique identifier of the code security configuration. |
enterprise |
String | Yes |
The slug version of the enterprise name. You can also substitute this value with the enterprise id. |
Request headers
| Name | Type | Required | Description |
|---|---|---|---|
Content-Type |
String | Yes |
The media type of the request body.
Default value: "application/json" |
Request body fields
| Name | Type | Required | Description |
|---|---|---|---|
dependency_graph_autosubmit_action_options |
Object | No |
Feature options for Automatic dependency submission |
dependency_graph_autosubmit_action_options.labeled_runners |
Boolean | No |
Whether to use runners labeled with 'dependency-submission' or standard GitHub runners. |
secret_scanning |
String | No |
The enablement status of secret scanning Possible values:
|
secret_scanning_non_provider_patterns |
String | No |
The enablement status of secret scanning non-provider patterns Possible values:
|
description |
String | No |
A description of the code security configuration |
secret_scanning_validity_checks |
String | No |
The enablement status of secret scanning validity checks Possible values:
|
secret_scanning_delegated_alert_dismissal |
String | No |
The enablement status of secret scanning delegated alert dismissal Possible values:
Default value: "disabled" |
secret_scanning_push_protection |
String | No |
The enablement status of secret scanning push protection Possible values:
|
dependency_graph_autosubmit_action |
String | No |
The enablement status of Automatic dependency submission Possible values:
|
code_scanning_default_setup |
String | No |
The enablement status of code scanning default setup Possible values:
|
secret_scanning_generic_secrets |
String | No |
The enablement status of Copilot secret scanning Possible values:
Default value: "disabled" |
dependabot_alerts |
String | No |
The enablement status of Dependabot alerts Possible values:
|
dependabot_security_updates |
String | No |
The enablement status of Dependabot security updates Possible values:
|
name |
String | No |
The name of the code security configuration. Must be unique across the enterprise. |
advanced_security |
String | No |
The enablement status of GitHub Advanced Security. Must be set to enabled if you want to enable any GHAS settings. Possible values:
|
private_vulnerability_reporting |
String | No |
The enablement status of private vulnerability reporting Possible values:
|
dependency_graph |
String | No |
The enablement status of Dependency Graph Possible values:
|
code_scanning_default_setup_options |
Object | No |
Feature options for code scanning default setup |
code_scanning_default_setup_options.runner_label |
String | No |
The label of the runner to use for code scanning default setup when runner_type is 'labeled'. |
code_scanning_default_setup_options.runner_type |
String | No |
Whether to use labeled runners or standard GitHub runners. Possible values:
|
code_scanning_delegated_alert_dismissal |
String | No |
The enablement status of code scanning delegated alert dismissal Possible values:
Default value: "disabled" |
enforcement |
String | No |
The enforcement status for a security configuration Possible values:
|
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
- Click Test request to test run your request to the API and see the API's response.