{"id":19237428,"url":"https://github.com/datatheorem/datatheorem-api-secure-action","last_synced_at":"2025-02-23T13:50:41.162Z","repository":{"id":65159463,"uuid":"372510705","full_name":"datatheorem/datatheorem-api-secure-action","owner":"datatheorem","description":"Integration to request RESTful APIs scans from Github Actions","archived":false,"fork":false,"pushed_at":"2021-06-07T17:57:29.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2024-04-21T14:29:59.025Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/datatheorem.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-05-31T13:10:07.000Z","updated_at":"2021-06-07T17:57:32.000Z","dependencies_parsed_at":"2023-01-05T04:53:33.123Z","dependency_job_id":null,"html_url":"https://github.com/datatheorem/datatheorem-api-secure-action","commit_stats":{"total_commits":3,"total_committers":2,"mean_commits":1.5,"dds":"0.33333333333333337","last_synced_commit":"262b642bbbdbc6dc0fa124b78cc9af7b957ac107"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/datatheorem%2Fdatatheorem-api-secure-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/datatheorem%2Fdatatheorem-api-secure-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/datatheorem%2Fdatatheorem-api-secure-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositorie
s/datatheorem%2Fdatatheorem-api-secure-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/datatheorem","download_url":"https://codeload.github.com/datatheorem/datatheorem-api-secure-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240324060,"owners_count":19783453,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T16:26:40.532Z","updated_at":"2025-02-23T13:50:41.129Z","avatar_url":"https://github.com/datatheorem.png","language":"Shell","readme":"# API Secure\n\nData Theorem's API Secure will scan your RESTful APIs for security issues, \nincluding, but not limited to, SQL injection, SSRF, XSS, and PII/PHI data publicly accessible on the Internet.\nMore information can be found here:\n\nhttps://www.datatheorem.com/products/api-secure\n\nValid Data Theorem API key required.\n\n## Set your Data Theorem API key as a secret\nTo find your Data Theorem API key, connect to https://www.securetheorem.com/mobile/sdlc/results_api_access \nusing your Data Theorem account.  
\nCreate an encrypted variable named `DT_RESULTS_API_KEY` in your GitHub repository.\n\nFor more information, see [GitHub Encrypted secrets](https://docs.github.com/en/actions/reference/encrypted-secrets).\n\n## Find your RESTful API's ID\nGo to your [API Secure inventory](https://securetheorem.com/api/inventory) in the Data Theorem portal and find \nthe RESTful API you wish to scan.\n\nRetrieve the RESTful API’s ID from the URL of the RESTful API’s page, which looks like:  \n`https://securetheorem.com/api/restful-apis/\u003casset_id\u003e`\n\n\n## Optional scan configuration\nOptionally, the following scan configuration settings can be specified:\n\n`should_perform_pii_analysis: \u003ctrue/false\u003e`  \nIf set to true, the API responses received by the scanner will be analyzed for personally identifiable information.\n\n`should_perform_sql_injection_scan: \u003ctrue/false\u003e`    \nIf set to true, the API’s parameters will be scanned for SQL injection issues.  \nThis type of scan requires sending a lot of requests to the API;\nit will significantly increase the load on the API and could potentially disrupt it.\n\n\n## Sample usage\n\n```yaml\nname: Request a Data Theorem API Secure scan\n\non:\n  push:\n    branches: [ main ]\n\njobs:\n  scan:\n    name: scan RESTful API for security issues\n    runs-on: ubuntu-20.04\n    steps:\n      - name: Request Data Theorem API Secure scan\n        uses: datatheorem/data-theorem-api-secure-action@v1.0.0\n        with:\n          dt_results_api_key: ${{ secrets.DT_RESULTS_API_KEY }}\n          asset_id: \"15255982-380f-4dae-8fed-b06fc6a82566\"\n          asset_base_url: \"https://\u003casset_base_url\u003e/\"\n          # Optional scan configuration\n          should_perform_pii_analysis: false\n          should_perform_sql_injection_scan: 
false\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatatheorem%2Fdatatheorem-api-secure-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdatatheorem%2Fdatatheorem-api-secure-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatatheorem%2Fdatatheorem-api-secure-action/lists"}