Data from integration saved in HackEDU

First we make a request to https://api.github.com/user/repos to get a list of repositories your token has access to. We only save the name of the repos you select in the integration process.

[ 
{
"id": "[REDACTED]",
"node_id": "[REDACTED]",
"name": "atka-app",
...
]


Each time the sync process is run we make an api call to this endpoint: https://api.github.com/repos/:username/:repository_name/code-scanning/alerts, requesting data only from the repositories that you selected in the integration process. The full response from this request is saved.


{ 
"number": 4,
"created_at": "2020-09-12T01:55:22Z",
"url":"https://api.github.com/repos/:repository_name/vulnerable
app/code-scanning/alerts/4",
"html_url": "https://github.com/:repository_name/vulnerable
app/security/code-scanning/4",
"state": "open",
"dismissed_by": null,
"dismissed_at": null,
"dismissed_reason": null,
"rule": { "id": "js/reflected-xss",
"severity": "error",
"description": "Reflected cross-site scripting" },
"tool": { "name": "CodeQL command-line toolchain",
"version": null }
}
Did this answer your question?