
[Schema Inaccuracy] secret scanning alerts have no required fields #4804

Open
@ebickle


Schema Inaccuracy

The secret-scanning-alert schema component does not define any required fields, even though some fields are always present (e.g. primary keys). I can't tell on my end what the full list of fields that should be required is, but some obvious ones include:

  • number - unique ID for the alert
  • created_at
  • updated_at
  • url
  • html_url
  • state
  • secret_type
  • secret_type_display_name
  • secret
  • validity

Some fields are also marked nullable: true, so it's possible all fields are actually required (e.g. returned in a "GetAlert" response) with some being nullable instead.

For comparison, the code-scanning-alert and dependabot_alert (similar APIs also part of GitHub Advanced Security) have required fields.

Expected

The secret-scanning-alert schema component should define required fields.

Reproduction Steps

```typescript
import { Octokit } from 'octokit';

const octokit = new Octokit({ auth: 'personal-access-token-here' });

const { data: alert } = await octokit.rest.secretScanning.getAlert({
    owner: 'sample-owner',
    repo: 'sample-repo',
    alert_number: 1234
});
```

Using TypeScript, review the types of the fields in alert; they will all include | undefined.
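Until the schema declares required fields, a consumer can enforce them at runtime and narrow the type itself. The following is an added example, not part of the original issue or of Octokit: the interface and function names are hypothetical, the field list is the one given in the issue, and which fields may be null is an assumption.

```typescript
// Added example. Field names come from the issue; which fields may be null
// is an assumption, since the issue does not say.
interface LooseSecretScanningAlert {
  number?: number;
  created_at?: string;
  updated_at?: string | null;
  url?: string;
  html_url?: string;
  state?: string;
  secret_type?: string;
  secret_type_display_name?: string;
  secret?: string;
  validity?: string;
}

const REQUIRED_FIELDS = [
  'number', 'created_at', 'updated_at', 'url', 'html_url', 'state',
  'secret_type', 'secret_type_display_name', 'secret', 'validity',
] as const;
type RequiredField = (typeof REQUIRED_FIELDS)[number];

// Every listed field must be present; null survives only where the loose type allows it.
type CheckedAlert = {
  [K in RequiredField]-?: Exclude<LooseSecretScanningAlert[K], undefined>;
};

// Names of listed fields that are absent. A null value counts as present.
function missingAlertFields(alert: LooseSecretScanningAlert): RequiredField[] {
  return REQUIRED_FIELDS.filter((key) => alert[key] === undefined);
}

// Narrow a loosely typed alert, failing closed when a field is absent so a
// missing `state` can never be mistaken for "not open".
function requireAlertFields(alert: LooseSecretScanningAlert): CheckedAlert {
  const missing = missingAlertFields(alert);
  if (missing.length > 0) {
    throw new Error(`secret scanning alert is missing: ${missing.join(', ')}`);
  }
  return alert as CheckedAlert;
}

// Constructed sample input, not real API output.
const sampleAlert: LooseSecretScanningAlert = {
  number: 1234, created_at: '2024-01-01T00:00:00Z', updated_at: null,
  url: 'https://api.example.invalid/alerts/1234',
  html_url: 'https://example.invalid/alerts/1234', state: 'open',
  secret_type: 'sample_type', secret_type_display_name: 'Sample Type',
  secret: 'constructed-placeholder', validity: 'unknown',
};
const checked = requireAlertFields(sampleAlert);
console.log(checked.number, checked.state.toUpperCase()); // compiles without `?.`
```

A check such as `alert.state === 'open'` on the loose type quietly evaluates to false when `state` is absent, which is why the guard throws instead of returning a partial object.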
