Secret scanning alerts functionality

examples/get_code_scanning_alerts.rs

@@ -0,0 +1,61 @@
+use http::header::ACCEPT;
+use octocrab::params::AlertState;
+use octocrab::Octocrab;
+
+const OWNER: &str = "org";
+const REPO: &str = "some-repo";
+
+#[tokio::main]
+async fn main() {
+    // example for Code Scanning alerts API with OAuth GitHub App
+    let client_id = secrecy::SecretString::from(std::env::var("GITHUB_CLIENT_ID").unwrap());
+    let crab = octocrab::Octocrab::builder()
+        .base_uri("https://github.com")
+        .unwrap()
+        .add_header(ACCEPT, "application/json".to_string())
+        .build()
+        .unwrap();
+
+    let codes = crab
+        .authenticate_as_device(&client_id, ["security_events"])
+        .await
+        .unwrap();
+    println!(
+        "Go to {} and enter code {}",
+        codes.verification_uri, codes.user_code
+    );
+    let auth = codes.poll_until_available(&crab, &client_id).await.unwrap();
+    println!(
+        "Auth: scope {:?}; token type {}",
+        auth.scope, auth.token_type
+    );
+    let octocrab = Octocrab::builder()
+        .oauth(auth)
+        .add_header(ACCEPT, "application/vnd.github+json".to_string())
+        .build()
+        .unwrap();
+    // Get all Code Scanning alerts for a repo
+    let a = octocrab
+        .code_scannings(OWNER.to_owned(), REPO.to_owned())
+        .list()
+        .send()
+        .await
+        .unwrap();
+    println!("{:?}", a);
+    // Get a single Code Scanning alert
+    let single_alert = octocrab
+        .code_scannings(OWNER.to_owned(), REPO.to_owned())
+        .get(1)
+        .await
+        .unwrap();
+    println!("{:?}", single_alert);
+    // Update (Open) a Code Scanning alert
+    let updated_alert = octocrab
+        .code_scannings(OWNER.to_owned(), REPO.to_owned())
+        .update(1)
+        .state(AlertState::Open)
+        .send()
+        .await
+        .unwrap();
+    println!("{:?}", updated_alert);
+}

examples/get_secret_scanning_alerts.rs

@@ -0,0 +1,69 @@
+use http::header::ACCEPT;
+use octocrab::models::repos::secret_scanning_alert::UpdateSecretScanningAlert;
+use octocrab::Octocrab;
+
+const OWNER: &str = "org";
+const REPO: &str = "some-repo";
+
+#[tokio::main]
+async fn main() {
+    // example for Secret Scanning alerts API with OAuth GitHub App
+    let client_id = secrecy::SecretString::from(std::env::var("GITHUB_CLIENT_ID").unwrap());
+    let crab = octocrab::Octocrab::builder()
+        .base_uri("https://github.com")
+        .unwrap()
+        .add_header(ACCEPT, "application/json".to_string())
+        .build()
+        .unwrap();
+
+    let codes = crab
+        .authenticate_as_device(&client_id, ["security_events"])
+        .await
+        .unwrap();
+    println!(
+        "Go to {} and enter code {}",
+        codes.verification_uri, codes.user_code
+    );
+    let auth = codes.poll_until_available(&crab, &client_id).await.unwrap();
+    println!(
+        "Auth: scope {:?}; token type {}",
+        auth.scope, auth.token_type
+    );
+    let octocrab = Octocrab::builder()
+        .oauth(auth)
+        .add_header(ACCEPT, "application/vnd.github+json".to_string())
+        .build()
+        .unwrap();
+    // Get all Secret Scanning alerts for a repo
+    let a = octocrab
+        .repos(OWNER, REPO)
+        .secrets_scanning()
+        .direction("asc")
+        .get_alerts()
+        .await
+        .unwrap();
+    println!("{:?}", a);
+    // Get a single Secret Scanning alert
+    let single_alert = octocrab
+        .repos(OWNER, REPO)
+        .secrets_scanning()
+        .get_alert(5)
+        .await
+        .unwrap();
+    println!("{:?}", single_alert);
+    // Update (dismiss) a Secret Scanning alert
+    let updated_alert = octocrab
+        .repos(OWNER, REPO)
+        .secrets_scanning()
+        .update_alert(
+            5,
+            Some(&UpdateSecretScanningAlert {
+                state: "resolved",
+                resolution: Some("used_in_tests"),
+                resolution_comment: Some("Mock value that is used in tests"),
+            }),
+        )
+        .await
+        .unwrap();
+    println!("{:?}", updated_alert);
+}

src/api/repos.rs

@@ -20,6 +20,7 @@ mod merges;
 mod pulls;
 pub mod release_assets;
 pub mod releases;
+mod secret_scanning_alerts;
 mod secrets;
 mod stargazers;
 mod status;
@@ -42,6 +43,7 @@ pub use merges::MergeBranchBuilder;
 pub use pulls::ListPullsBuilder;
 pub use release_assets::ReleaseAssetsHandler;
 pub use releases::ReleasesHandler;
+pub use secret_scanning_alerts::RepoSecretScanningAlertsHandler;
 pub use secrets::RepoSecretsHandler;
 pub use stargazers::ListStarGazersBuilder;
 pub use status::{CreateStatusBuilder, ListStatusesBuilder};
@@ -755,6 +757,11 @@ impl<'octo> RepoHandler<'octo> {
         RepoDependabotAlertsHandler::new(self)
     }
 
+    /// Handle secrets scanning alerts on the repository
+    pub fn secrets_scanning(&self) -> RepoSecretScanningAlertsHandler<'_> {
+        RepoSecretScanningAlertsHandler::new(self)
+    }
+
     /// Creates a new Git commit object.
     /// See https://docs.github.com/en/rest/git/commits?apiVersion=2022-11-28#create-a-commit
     /// ```no_run

src/api/repos/secret_scanning_alerts.rs

@@ -0,0 +1,189 @@
+use super::RepoHandler;
+
+/// A client to GitHub's repository Secret Scanning API.
+///
+/// Created with [`Octocrab::repos`].
+pub struct RepoSecretScanningAlertsHandler<'octo> {
+    handler: &'octo RepoHandler<'octo>,
+    params: Params,
+}
+
+#[derive(serde::Serialize)]
+struct Params {
+    #[serde(skip_serializing_if = "Option::is_none")]
+    per_page: Option<u8>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    page: Option<u32>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    state: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    severity: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    ecosystem: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    package: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    manifest: Option<Vec<String>>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    scope: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    sort: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    direction: Option<String>,
+}
+
+impl<'octo> RepoSecretScanningAlertsHandler<'octo> {
+    pub(crate) fn new(repo: &'octo RepoHandler<'octo>) -> Self {
+        Self {
+            handler: repo,
+            params: Params {
+                per_page: None,
+                page: None,
+                state: None,
+                severity: None,
+                ecosystem: None,
+                package: None,
+                manifest: None,
+                scope: None,
+                sort: None,
+                direction: None,
+            },
+        }
+    }
+
+    /// Lists all Secret Scanning Alerts available in a repository.
+    /// You must authenticate using an access token with the `repo` or `security_events` scope to use this endpoint.
+    /// ```no_run
+    /// # async fn run() -> octocrab::Result<()> {
+    /// # let octocrab = octocrab::Octocrab::default();
+    /// let all_secrets = octocrab.repos("owner", "repo")
+    ///     .secrets_scanning()
+    ///     .direction("asc")
+    ///     .get_alerts()
+    ///     .await?;
+    /// # Ok(())
+    /// # }
+    pub async fn get_alerts(
+        &self,
+    ) -> crate::Result<crate::Page<crate::models::repos::secret_scanning_alert::SecretScanningAlert>>
+    {
+        let route = format!("/{}/secret-scanning/alerts", self.handler.repo);
+        self.handler.crab.get(route, Some(&self.params)).await
+    }
+
+    /// Results per page (max 100).
+    pub fn per_page(mut self, per_page: impl Into<u8>) -> Self {
+        self.params.per_page = Some(per_page.into());
+        self
+    }
+
+    /// Page number of the results to fetch.
+    pub fn page(mut self, page: impl Into<u32>) -> Self {
+        self.params.page = Some(page.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by state.
+    pub fn state(mut self, state: impl Into<Vec<String>>) -> Self {
+        self.params.state = Some(state.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by severity.
+    pub fn severity(mut self, severity: impl Into<Vec<String>>) -> Self {
+        self.params.severity = Some(severity.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by ecosystem.
+    pub fn ecosystem(mut self, ecosystem: impl Into<Vec<String>>) -> Self {
+        self.params.ecosystem = Some(ecosystem.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by package.
+    pub fn package(mut self, package: impl Into<Vec<String>>) -> Self {
+        self.params.package = Some(package.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by manifest.
+    pub fn manifest(mut self, manifest: impl Into<Vec<String>>) -> Self {
+        self.params.manifest = Some(manifest.into());
+        self
+    }
+
+    /// Filter Secret Scanning Alerts by scope.
+    pub fn scope(mut self, scope: impl Into<String>) -> Self {
+        self.params.scope = Some(scope.into());
+        self
+    }
+
+    /// Sort Secret Scanning Alerts.
+    pub fn sort(mut self, sort: impl Into<String>) -> Self {
+        self.params.sort = Some(sort.into());
+        self
+    }
+
+    /// Sort direction of Secret Scanning Alerts.
+    pub fn direction(mut self, direction: impl Into<String>) -> Self {
+        self.params.direction = Some(direction.into());
+        self
+    }
+
+    /// Lists single Secret Scanning Alert for a repository.
+    /// You must authenticate using an access token with the `repo` or `security_events` scope to use this endpoint.
+    /// ```no_run
+    /// # async fn run() -> octocrab::Result<()> {
+    /// # let octocrab = octocrab::Octocrab::default();
+    /// let all_secrets = octocrab.repos("owner", "repo")
+    ///     .secrets_scanning()
+    ///     .get_alert(5)
+    ///     .await?;
+    /// # Ok(())
+    /// # }
+    pub async fn get_alert(
+        &self,
+        alert_number: u32,
+    ) -> crate::Result<crate::models::repos::secret_scanning_alert::SecretScanningAlert> {
+        let route = format!(
+            "/{}/secret-scanning/alerts/{}",
+            self.handler.repo, alert_number
+        );
+        self.handler.crab.get(route, None::<&()>).await
+    }
+
+    /// Updates a Secret Scanning alert.
+    /// You must authenticate using an access token with the `security_events ` scope to use this endpoint.
+    /// ```no_run
+    /// # async fn run() -> octocrab::Result<()> {
+    /// # let octocrab = octocrab::Octocrab::default();
+    /// use octocrab::models::repos::secret_scanning_alert::UpdateSecretScanningAlert;
+    ///
+    /// let result = octocrab.repos("owner", "repo")
+    ///     .secrets_scanning()
+    ///     .update_alert(
+    ///         5,
+    ///         Some(&UpdateSecretScanningAlert {
+    ///             state: "dismissed",
+    ///             dismissed_reason: Some("no_bandwidth"),
+    ///             dismissed_comment: Some("I don't have time to fix this right now"),
+    ///         })
+    ///     )
+    ///     .await?;
+    /// # Ok(())
+    /// # }
+    pub async fn update_alert(
+        &self,
+        alert_number: u32,
+        alert_update: Option<
+            &crate::models::repos::secret_scanning_alert::UpdateSecretScanningAlert<'_>,
+        >,
+    ) -> crate::Result<crate::models::repos::secret_scanning_alert::SecretScanningAlert> {
+        let route = format!(
+            "/{}/secret-scanning/alerts/{}",
+            self.handler.repo, alert_number
+        );
+        self.handler.crab.patch(route, alert_update).await
+    }
+}