# GitHub REST API code scanning analyses sarif content type application/sarif+json

Status: search-observed
Product: GitHub REST API
Last verified: 2026-06-25
Canonical HTML: https://gitdocs.org/fix/github-rest-api-code-scanning-analyses-sarif-content-type-application-sarif-json
Machine JSON: https://gitdocs.org/api/fixes/github-rest-api-code-scanning-analyses-sarif-content-type-application-sarif-json.json

## Exact Symptom

See the observed Codex queries below.

## Diagnosis

Several historical response shapes are locally plausible; only the selected current API version determines fields, enums, media types, and status codes.

## Fix

```
Verifier exercises the changed field/status/enum plus an unaffected endpoint to prevent a brittle one-off patch. Exercise strict and permissive parsing plus one downstream behavior tied to the changed field.
```

## Avoid

- Changing local code without checking the current external contract.
- Retrying the same install, build, or API call with no version/source change.
- Applying a broad unsafe bypass when a narrow compatibility fix is available.

## Observed Codex Queries

- GitHub REST API code scanning analyses sarif content type application/sarif+json
- site:docs.github.com REST code scanning analyses download SARIF application/sarif+json
- GitHub REST API get code scanning analysis sarif media type
- https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28
- 'application/sarif' in https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28

## Sources

- GitHub REST API 2026-03-10 breaking changes: https://docs.github.com/en/rest/about-the-rest-api/breaking-changes?apiVersion=2026-03-10
- GitHub source file or repository reference: https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28