search

advanced-security / secret-scanning-review-action

Action to detect if a secret is initially detected in a PR commit
MIT License
10 stars 3 forks source link

Feature Request: Add support for showing validity check status #3

Open felickz opened 6 months ago

felickz commented 6 months ago

Initial status + link

felickz commented 1 month ago

This is now included in the API response. Would be worth a noting the date that the validity was checked in case that status becomes outdated (ex: active now, but tomorrow it is revoked and is now inactive). Without some event based approach we cannot be updated to this changing... though it will query the API on any subsequent run of the action.

https://docs.github.com/en/rest/secret-scanning/secret-scanning?apiVersion=2022-11-28#get-a-secret-scanning-alert

validity string A comma-separated list of validities that, when present, will return alerts that match the validities in this list. Valid options are active, inactive, and unknown.

  "validity": "unknown"