GitHub v3 REST API — Code-Scanning

naftiko: 1.0.0-alpha2
info:
  label: GitHub v3 REST API — Code-Scanning
  description: 'GitHub v3 REST API — Code-Scanning. 13 operations. Lead operation: GitHub List Code Scanning Alerts for an
    Enterprise. Self-contained Naftiko capability covering one Github business surface.'
  tags:
  - Github
  - Code-Scanning
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    GITHUB_API_KEY: GITHUB_API_KEY
capability:
  consumes:
  - type: http
    namespace: github-code-scanning
    baseUri: ''
    description: GitHub v3 REST API — Code-Scanning business capability. Self-contained, no shared references.
    resources:
    - name: enterprises-enterprise-code-scanning-alerts
      path: /enterprises/{enterprise}/code-scanning/alerts
      operations:
      - name: codescanninglistalertsforenterprise
        method: GET
        description: GitHub List Code Scanning Alerts for an Enterprise
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: state
          in: query
          type: string
          description: If specified, only code scanning alerts with this state will be returned.
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
    - name: orgs-org-code-scanning-alerts
      path: /orgs/{org}/code-scanning/alerts
      operations:
      - name: codescanninglistalertsfororg
        method: GET
        description: GitHub List Code Scanning Alerts for an Organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: state
          in: query
          type: string
          description: If specified, only code scanning alerts with this state will be returned.
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
        - name: severity
          in: query
          type: string
          description: If specified, only code scanning alerts with this severity will be returned.
    - name: repos-owner-repo-code-scanning-alerts
      path: /repos/{owner}/{repo}/code-scanning/alerts
      operations:
      - name: codescanninglistalertsforrepo
        method: GET
        description: GitHub List Code Scanning Alerts for a Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
        - name: state
          in: query
          type: string
          description: If specified, only code scanning alerts with this state will be returned.
        - name: severity
          in: query
          type: string
          description: If specified, only code scanning alerts with this severity will be returned.
    - name: repos-owner-repo-code-scanning-alerts-alert_number
      path: /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
      operations:
      - name: codescanninggetalert
        method: GET
        description: GitHub Get a Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: codescanningupdatealert
        method: PATCH
        description: GitHub Update a Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: repos-owner-repo-code-scanning-alerts-alert_number-instances
      path: /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances
      operations:
      - name: codescanninglistalertinstances
        method: GET
        description: GitHub List Instances of a Code Scanning Alert
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: repos-owner-repo-code-scanning-analyses
      path: /repos/{owner}/{repo}/code-scanning/analyses
      operations:
      - name: codescanninglistrecentanalyses
        method: GET
        description: GitHub List Code Scanning Analyses for a Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: ref
          in: query
          type: string
          description: 'The Git reference for the analyses you want to list. The `ref` for a branch can be formatted either
            as `refs/heads/<branch name>` or simply `<branch name>`. To '
        - name: sarif_id
          in: query
          type: string
          description: Filter analyses belonging to the same SARIF upload.
        - name: sort
          in: query
          type: string
          description: The property by which to sort the results.
    - name: repos-owner-repo-code-scanning-analyses-analysis_id
      path: /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}
      operations:
      - name: codescanninggetanalysis
        method: GET
        description: GitHub Get a Code Scanning Analysis for a Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: analysis_id
          in: path
          type: integer
          description: The ID of the analysis, as returned from the `GET /repos/{owner}/{repo}/code-scanning/analyses` operation.
          required: true
      - name: codescanningdeleteanalysis
        method: DELETE
        description: GitHub Delete a Code Scanning Analysis from a Repository
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: analysis_id
          in: path
          type: integer
          description: The ID of the analysis, as returned from the `GET /repos/{owner}/{repo}/code-scanning/analyses` operation.
          required: true
        - name: confirm_delete
          in: query
          type: string
          description: Allow deletion if the specified analysis is the last in a set. If you attempt to delete the final analysis
            in a set without setting this parameter to `true`, yo
    - name: repos-owner-repo-code-scanning-default-setup
      path: /repos/{owner}/{repo}/code-scanning/default-setup
      operations:
      - name: codescanninggetdefaultsetup
        method: GET
        description: GitHub Get a Code Scanning Default Setup Configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: codescanningupdatedefaultsetup
        method: PATCH
        description: GitHub Update a Code Scanning Default Setup Configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: repos-owner-repo-code-scanning-sarifs
      path: /repos/{owner}/{repo}/code-scanning/sarifs
      operations:
      - name: codescanninguploadsarif
        method: POST
        description: GitHub Upload an Analysis as SARIF Data
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: repos-owner-repo-code-scanning-sarifs-sarif_id
      path: /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}
      operations:
      - name: codescanninggetsarif
        method: GET
        description: GitHub Get Information About a SARIF Upload
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: sarif_id
          in: path
          type: string
          description: The SARIF ID obtained after uploading.
          required: true
  exposes:
  - type: rest
    namespace: github-code-scanning-rest
    port: 8080
    description: REST adapter for GitHub v3 REST API — Code-Scanning. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/enterprises/{enterprise}/code-scanning/alerts
      name: enterprises-enterprise-code-scanning-alerts
      description: REST surface for enterprises-enterprise-code-scanning-alerts.
      operations:
      - method: GET
        name: codescanninglistalertsforenterprise
        description: GitHub List Code Scanning Alerts for an Enterprise
        call: github-code-scanning.codescanninglistalertsforenterprise
        with:
          state: rest.state
          sort: rest.sort
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/orgs/{org}/code-scanning/alerts
      name: orgs-org-code-scanning-alerts
      description: REST surface for orgs-org-code-scanning-alerts.
      operations:
      - method: GET
        name: codescanninglistalertsfororg
        description: GitHub List Code Scanning Alerts for an Organization
        call: github-code-scanning.codescanninglistalertsfororg
        with:
          state: rest.state
          sort: rest.sort
          severity: rest.severity
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts
      name: repos-owner-repo-code-scanning-alerts
      description: REST surface for repos-owner-repo-code-scanning-alerts.
      operations:
      - method: GET
        name: codescanninglistalertsforrepo
        description: GitHub List Code Scanning Alerts for a Repository
        call: github-code-scanning.codescanninglistalertsforrepo
        with:
          sort: rest.sort
          state: rest.state
          severity: rest.severity
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}
      name: repos-owner-repo-code-scanning-alerts-alert-number
      description: REST surface for repos-owner-repo-code-scanning-alerts-alert_number.
      operations:
      - method: GET
        name: codescanninggetalert
        description: GitHub Get a Code Scanning Alert
        call: github-code-scanning.codescanninggetalert
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: codescanningupdatealert
        description: GitHub Update a Code Scanning Alert
        call: github-code-scanning.codescanningupdatealert
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/alerts/{alert-number}/instances
      name: repos-owner-repo-code-scanning-alerts-alert-number-instances
      description: REST surface for repos-owner-repo-code-scanning-alerts-alert_number-instances.
      operations:
      - method: GET
        name: codescanninglistalertinstances
        description: GitHub List Instances of a Code Scanning Alert
        call: github-code-scanning.codescanninglistalertinstances
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/analyses
      name: repos-owner-repo-code-scanning-analyses
      description: REST surface for repos-owner-repo-code-scanning-analyses.
      operations:
      - method: GET
        name: codescanninglistrecentanalyses
        description: GitHub List Code Scanning Analyses for a Repository
        call: github-code-scanning.codescanninglistrecentanalyses
        with:
          ref: rest.ref
          sarif_id: rest.sarif_id
          sort: rest.sort
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/analyses/{analysis-id}
      name: repos-owner-repo-code-scanning-analyses-analysis-id
      description: REST surface for repos-owner-repo-code-scanning-analyses-analysis_id.
      operations:
      - method: GET
        name: codescanninggetanalysis
        description: GitHub Get a Code Scanning Analysis for a Repository
        call: github-code-scanning.codescanninggetanalysis
        with:
          analysis_id: rest.analysis_id
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: codescanningdeleteanalysis
        description: GitHub Delete a Code Scanning Analysis from a Repository
        call: github-code-scanning.codescanningdeleteanalysis
        with:
          analysis_id: rest.analysis_id
          confirm_delete: rest.confirm_delete
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/default-setup
      name: repos-owner-repo-code-scanning-default-setup
      description: REST surface for repos-owner-repo-code-scanning-default-setup.
      operations:
      - method: GET
        name: codescanninggetdefaultsetup
        description: GitHub Get a Code Scanning Default Setup Configuration
        call: github-code-scanning.codescanninggetdefaultsetup
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: codescanningupdatedefaultsetup
        description: GitHub Update a Code Scanning Default Setup Configuration
        call: github-code-scanning.codescanningupdatedefaultsetup
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/sarifs
      name: repos-owner-repo-code-scanning-sarifs
      description: REST surface for repos-owner-repo-code-scanning-sarifs.
      operations:
      - method: POST
        name: codescanninguploadsarif
        description: GitHub Upload an Analysis as SARIF Data
        call: github-code-scanning.codescanninguploadsarif
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/repos/{owner}/{repo}/code-scanning/sarifs/{sarif-id}
      name: repos-owner-repo-code-scanning-sarifs-sarif-id
      description: REST surface for repos-owner-repo-code-scanning-sarifs-sarif_id.
      operations:
      - method: GET
        name: codescanninggetsarif
        description: GitHub Get Information About a SARIF Upload
        call: github-code-scanning.codescanninggetsarif
        with:
          sarif_id: rest.sarif_id
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: github-code-scanning-mcp
    port: 9090
    transport: http
    description: MCP adapter for GitHub v3 REST API — Code-Scanning. One tool per consumed operation, routed inline through
      this capability's consumes block.
    tools:
    - name: github-list-code-scanning-alerts
      description: GitHub List Code Scanning Alerts for an Enterprise
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninglistalertsforenterprise
      with:
        state: tools.state
        sort: tools.sort
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-code-scanning-alerts-2
      description: GitHub List Code Scanning Alerts for an Organization
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninglistalertsfororg
      with:
        state: tools.state
        sort: tools.sort
        severity: tools.severity
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-code-scanning-alerts-3
      description: GitHub List Code Scanning Alerts for a Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninglistalertsforrepo
      with:
        sort: tools.sort
        state: tools.state
        severity: tools.severity
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-alert
      description: GitHub Get a Code Scanning Alert
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninggetalert
      outputParameters:
      - type: object
        mapping: $.
    - name: github-update-code-scanning-alert
      description: GitHub Update a Code Scanning Alert
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanningupdatealert
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-instances-code-scanning
      description: GitHub List Instances of a Code Scanning Alert
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninglistalertinstances
      outputParameters:
      - type: object
        mapping: $.
    - name: github-list-code-scanning-analyses
      description: GitHub List Code Scanning Analyses for a Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninglistrecentanalyses
      with:
        ref: tools.ref
        sarif_id: tools.sarif_id
        sort: tools.sort
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-analysis
      description: GitHub Get a Code Scanning Analysis for a Repository
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninggetanalysis
      with:
        analysis_id: tools.analysis_id
      outputParameters:
      - type: object
        mapping: $.
    - name: github-delete-code-scanning-analysis
      description: GitHub Delete a Code Scanning Analysis from a Repository
      hints:
        readOnly: false
        destructive: true
        idempotent: true
      call: github-code-scanning.codescanningdeleteanalysis
      with:
        analysis_id: tools.analysis_id
        confirm_delete: tools.confirm_delete
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-code-scanning-default
      description: GitHub Get a Code Scanning Default Setup Configuration
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninggetdefaultsetup
      outputParameters:
      - type: object
        mapping: $.
    - name: github-update-code-scanning-default
      description: GitHub Update a Code Scanning Default Setup Configuration
      hints:
        readOnly: false
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanningupdatedefaultsetup
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: github-upload-analysis-sarif-data
      description: GitHub Upload an Analysis as SARIF Data
      hints:
        readOnly: false
        destructive: false
        idempotent: false
      call: github-code-scanning.codescanninguploadsarif
      with:
        body: tools.body
      outputParameters:
      - type: object
        mapping: $.
    - name: github-get-information-about-sarif
      description: GitHub Get Information About a SARIF Upload
      hints:
        readOnly: true
        destructive: false
        idempotent: true
      call: github-code-scanning.codescanninggetsarif
      with:
        sarif_id: tools.sarif_id
      outputParameters:
      - type: object
        mapping: $.