项目证明的 REST API 终结点 - GitHub Enterprise Cloud Docs

List attestations

List a collection of artifact attestations with a given subject digest that are associated with repositories owned by a user.

The collection of attestations returned by this endpoint is filtered according to the authenticated user's permissions; if the authenticated user cannot read a repository, the attestations associated with that repository will not be included in the response. In addition, when using a fine-grained access token the attestations:read permission is required.

Please note: in order to offer meaningful security benefits, an attestation's signature and timestamps must be cryptographically verified, and the identity of the attestation signer must be validated. Attestations can be verified using the GitHub CLI attestation verify command. For more information, see our guide on how to use artifact attestations to establish a build's provenance.

“List attestations”的细粒度访问令牌

此端点支持以下精细令牌类型:

精细令牌不需要任何权限。

如果仅请求公共资源，则无需身份验证即可使用此终结点。

“List attestations”的参数

标头
名称, 类型, 说明
`accept` string Setting to `application/vnd.github+json` is recommended.

路径参数
名称, 类型, 说明
`username` string 必须 The handle for the GitHub user account.
`subject_digest` string 必须 Subject Digest

查询参数
名称, 类型, 说明
`per_page` integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." 默认: `30`
`before` string A cursor, as given in the Link header. If specified, the query only searches for results before this cursor. For more information, see "Using pagination in the REST API."
`after` string A cursor, as given in the Link header. If specified, the query only searches for results after this cursor. For more information, see "Using pagination in the REST API."

“List attestations”的 HTTP 响应状态代码

状态代码	说明
`200`	OK
`201`	Created
`204`	No Content
`404`	Resource not found

“List attestations”的示例代码

If you access GitHub at GHE.com, replace api.github.com with your enterprise's dedicated subdomain at api.SUBDOMAIN.ghe.com.

请求示例

Select the example type

get/users/{username}/attestations/{subject_digest}

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/users/USERNAME/attestations/SUBJECT_DIGEST

Response

Status: 200