diff options
| author | github-openapi-bot <security+github-openapi-bot@github.com> | 2022-09-22 10:49:14 -0700 |
|---|---|---|
| committer | github-openapi-bot <security+github-openapi-bot@github.com> | 2022-09-22 10:49:14 -0700 |
| commit | 032127c5f124b1ad9f9677b7159f375d84632c64 (patch) | |
| tree | 7600f7c7ca1843e5e57564d033bcef59d5e618b8 /descriptions/api.github.com | |
| parent | de4204899b3d70742f7c67901979f99db464f447 (diff) | |
| download | rest-api-description-032127c5f124b1ad9f9677b7159f375d84632c64.tar.gz rest-api-description-032127c5f124b1ad9f9677b7159f375d84632c64.zip | |
Update OpenAPI 3.0 Descriptions
Diffstat (limited to 'descriptions/api.github.com')
| -rw-r--r-- | descriptions/api.github.com/api.github.com.json | 1151 | ||||
| -rw-r--r-- | descriptions/api.github.com/api.github.com.yaml | 832 | ||||
| -rw-r--r-- | descriptions/api.github.com/dereferenced/api.github.com.deref.json | 2499 | ||||
| -rw-r--r-- | descriptions/api.github.com/dereferenced/api.github.com.deref.yaml | 1817 |
4 files changed, 5779 insertions, 520 deletions
diff --git a/descriptions/api.github.com/api.github.com.json b/descriptions/api.github.com/api.github.com.json index e563347d0..67f32010e 100644 --- a/descriptions/api.github.com/api.github.com.json +++ b/descriptions/api.github.com/api.github.com.json @@ -30572,6 +30572,260 @@ } } }, + "/repos/{owner}/{repo}/dependabot/alerts": { + "get": { + "summary": "List Dependabot alerts for a repository", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** read permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/list-alerts-for-repo", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#list-dependabot-alerts-for-a-repository" + }, + "parameters": [ + { + "$ref": "#/components/parameters/owner" + }, + { + "$ref": "#/components/parameters/repo" + }, + { + "$ref": "#/components/parameters/dependabot-alert-state" + }, + { + "$ref": "#/components/parameters/dependabot-alert-severity" + }, + { + "$ref": "#/components/parameters/dependabot-alert-ecosystem" + }, + { + "$ref": "#/components/parameters/dependabot-alert-package" + }, + { + "$ref": "#/components/parameters/dependabot-alert-manifest" + }, + { + "$ref": "#/components/parameters/dependabot-alert-scope" + }, + { + "$ref": "#/components/parameters/dependabot-alert-sort" + }, + { + "$ref": "#/components/parameters/direction" + }, + { + "$ref": "#/components/parameters/page" + }, + { + "$ref": "#/components/parameters/per-page" + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "$ref": "#/components/schemas/dependabot-alert" + } + }, + "examples": { + "default": { + "$ref": "#/components/examples/dependabot-alerts" + } + } + } + } + }, + "304": { + "$ref": "#/components/responses/not_modified" + }, + "403": { + "$ref": "#/components/responses/forbidden" + }, + "404": { + "$ref": "#/components/responses/not_found" + }, + "422": { + "$ref": "#/components/responses/validation_failed_simple" + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + } + }, + "/repos/{owner}/{repo}/dependabot/alerts/{alert_number}": { + "get": { + "summary": "Get a Dependabot alert", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** read permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/get-alert", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#get-a-dependabot-alert" + }, + "parameters": [ + { + "$ref": "#/components/parameters/owner" + }, + { + "$ref": "#/components/parameters/repo" + }, + { + "$ref": "#/components/parameters/dependabot-alert-number" + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/dependabot-alert" + }, + "examples": { + "default": { + "$ref": "#/components/examples/dependabot-alert-open" + } + } + } + } + }, + "304": { + "$ref": "#/components/responses/not_modified" + }, + "403": { + "$ref": "#/components/responses/forbidden" + }, + "404": { + "$ref": "#/components/responses/not_found" + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + }, + "patch": { + "summary": "Update a Dependabot alert", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** write permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/update-alert", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#update-a-dependabot-alert" + }, + "parameters": [ + { + "$ref": "#/components/parameters/owner" + }, + { + "$ref": "#/components/parameters/repo" + }, + { + "$ref": "#/components/parameters/dependabot-alert-number" + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "state": { + "$ref": "#/components/schemas/dependabot-alert-set-state" + }, + "dismissed_reason": { + "$ref": "#/components/schemas/dependabot-alert-dismissed-reason" + }, + "dismissed_comment": { + "$ref": "#/components/schemas/dependabot-alert-dismissed-comment" + } + }, + "required": [ + "state" + ], + "additionalProperties": false + }, + "examples": { + "default": { + "value": { + "state": "dismissed", + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer." + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/dependabot-alert" + }, + "examples": { + "default": { + "$ref": "#/components/examples/dependabot-alert-dismissed" + } + } + } + } + }, + "304": { + "$ref": "#/components/responses/not_modified" + }, + "400": { + "$ref": "#/components/responses/bad_request" + }, + "403": { + "$ref": "#/components/responses/forbidden" + }, + "404": { + "$ref": "#/components/responses/not_found" + }, + "409": { + "$ref": "#/components/responses/conflict" + }, + "422": { + "$ref": "#/components/responses/validation_failed_simple" + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + } + }, "/repos/{owner}/{repo}/dependabot/secrets": { "get": { "summary": "List repository secrets", @@ -73930,6 +74184,364 @@ "type" ] }, + "dependabot-alert-scope": { + "type": "string", + "description": "The scope of the vulnerable dependency.", + "nullable": true, + "readOnly": true, + "enum": [ + "development", + "runtime" + ] + }, + "dependabot-alert-state": { + "type": "string", + "description": "State of a Dependabot alert.", + "enum": [ + "dismissed", + "fixed", + "open" + ] + }, + "dependabot-alert-package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "dependabot-alert-dependency": { + "type": "object", + "readOnly": true, + "properties": { + "package": { + "$ref": "#/components/schemas/dependabot-alert-package" + }, + "manifest_path": { + "type": "string", + "description": "The path to the manifest filename.", + "readOnly": true + }, + "scope": { + "$ref": "#/components/schemas/dependabot-alert-scope" + } + } + }, + "dependabot-alert-security-advisory": { + "type": "object", + "description": "The details of the security advisory, including summary, description, and severity.", + "readOnly": true, + "properties": { + "ghsa_id": { + "type": "string" + }, + "cve_id": { + "type": "string", + "nullable": true + }, + "summary": { + "type": "string" + }, + "description": { + "type": "string" + }, + "severity": { + "type": "string", + "enum": [ + "low", + "medium", + "high", + "critical" + ] + }, + "identifiers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GHSA", + "CVE" + ] + }, + "value": { + "type": "string" + } + }, + "required": [ + "value", + "type" + ], + "additionalProperties": false + } + }, + "references": { + "type": "array", + "items": { + "type": "object", + "properties": { + "url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "url" + ], + "additionalProperties": false + } + }, + "cvss": { + "type": "object", + "properties": { + "score": { + "type": "number" + }, + "vector_string": { + "type": "string", + "nullable": true + } + }, + "required": [ + "vector_string", + "score" + ], + "additionalProperties": false + }, + "cwes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "cwe_id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "cwe_id", + "name" + ], + "additionalProperties": false + } + }, + "published_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "vulnerabilities": { + "type": "array", + "items": { + "type": "object", + "properties": { + "first_patched_version": { + "type": "object", + "nullable": true, + "properties": { + "identifier": { + "type": "string" + } + }, + "required": [ + "identifier" + ], + "additionalProperties": false + }, + "package": { + "type": "object", + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "ecosystem", + "name" + ], + "additionalProperties": false + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + } + }, + "required": [ + "package", + "severity", + "vulnerable_version_range", + "first_patched_version" + ], + "additionalProperties": false + } + }, + "withdrawn_at": { + "type": "string", + "format": "date-time", + "nullable": true + } + }, + "required": [ + "cvss", + "cwes", + "ghsa_id", + "summary", + "description", + "severity", + "identifiers", + "references", + "published_at", + "updated_at", + "withdrawn_at", + "vulnerabilities" + ], + "additionalProperties": false + }, + "dependabot-alert-security-vulnerability": { + "type": "object", + "description": "The details of the vulnerability of a security advisory.", + "readOnly": true, + "properties": { + "package": { + "$ref": "#/components/schemas/dependabot-alert-package" + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + }, + "first_patched_version": { + "type": "object", + "properties": { + "identifier": { + "type": "string" + } + } + } + } + }, + "dependabot-alert-dismissed_at": { + "type": "string", + "description": "The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + }, + "dependabot-alert-dismissed-reason": { + "type": "string", + "description": "**Required when the `state` is `dismissed`.** The reason for dismissing the Dependabot alert.", + "nullable": true, + "enum": [ + "fix_started", + "inaccurate", + "no_bandwidth", + "not_used", + "tolerable_risk" + ] + }, + "dependabot-alert-dismissed-comment": { + "type": "string", + "description": "An optional comment associated with the alert's dismissal. The maximum size is 280 characters.", + "nullable": true, + "maxLength": 280 + }, + "dependabot-alert-fixed-at": { + "type": "string", + "description": "The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + }, + "dependabot-alert": { + "type": "object", + "properties": { + "number": { + "$ref": "#/components/schemas/alert-number" + }, + "state": { + "$ref": "#/components/schemas/dependabot-alert-state" + }, + "dependency": { + "$ref": "#/components/schemas/dependabot-alert-dependency" + }, + "security_advisory": { + "$ref": "#/components/schemas/dependabot-alert-security-advisory" + }, + "security_vulnerability": { + "$ref": "#/components/schemas/dependabot-alert-security-vulnerability" + }, + "created_at": { + "$ref": "#/components/schemas/alert-created-at" + }, + "updated_at": { + "$ref": "#/components/schemas/alert-updated-at" + }, + "url": { + "$ref": "#/components/schemas/alert-url" + }, + "html_url": { + "$ref": "#/components/schemas/alert-html-url" + }, + "dismissed_at": { + "$ref": "#/components/schemas/dependabot-alert-dismissed_at" + }, + "dismissed_by": { + "$ref": "#/components/schemas/nullable-simple-user" + }, + "dismissed_reason": { + "$ref": "#/components/schemas/dependabot-alert-dismissed-reason" + }, + "dismissed_comment": { + "$ref": "#/components/schemas/dependabot-alert-dismissed-comment" + }, + "fixed_at": { + "$ref": "#/components/schemas/dependabot-alert-fixed-at" + } + }, + "required": [ + "number", + "state", + "dependency", + "security_advisory", + "security_vulnerability", + "url", + "html_url", + "dismissed_at", + "dismissed_by", + "dismissed_reason", + "dismissed_comment", + "fixed_at", + "created_at", + "updated_at" + ] + }, + "dependabot-alert-set-state": { + "description": "Sets the status of the dependabot alert. You must provide `dismissed_reason` when you set the state to `dismissed`.", + "type": "string", + "enum": [ + "dismissed", + "open" + ] + }, "dependabot-secret": { "title": "Dependabot Secret", "description": "Set secrets for Dependabot.", @@ -98221,6 +98833,474 @@ } ] }, + "dependabot-alerts": { + "value": [ + { + "number": 2, + "state": "dismissed", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-rf4j-j272-fj86", + "cve_id": "CVE-2018-6188", + "summary": "Django allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive", + "description": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.", + "severity": "high", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-rf4j-j272-fj86" + }, + { + "type": "CVE", + "value": "CVE-2018-6188" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6188" + }, + { + "url": "https://github.com/advisories/GHSA-rf4j-j272-fj86" + }, + { + "url": "https://usn.ubuntu.com/3559-1/" + }, + { + "url": "https://www.djangoproject.com/weblog/2018/feb/01/security-releases/" + }, + { + "url": "http://www.securitytracker.com/id/1040422" + } + ], + "published_at": "2018-10-03T21:13:54Z", + "updated_at": "2022-04-26T18:35:37Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 1.11.8, < 1.11.10", + "first_patched_version": { + "identifier": "1.11.10" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "score": 7.5 + }, + "cwes": [ + { + "cwe_id": "CWE-200", + "name": "Exposure of Sensitive Information to an Unauthorized Actor" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/2", + "created_at": "2022-06-15T07:43:03Z", + "updated_at": "2022-08-23T14:29:47Z", + "dismissed_at": "2022-08-23T14:29:47Z", + "dismissed_by": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer.", + "fixed_at": null + }, + { + "number": 1, + "state": "open", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-8f4m-hccc-8qph", + "cve_id": "CVE-2021-20191", + "summary": "Insertion of Sensitive Information into Log File in ansible", + "description": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", + "severity": "medium", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-8f4m-hccc-8qph" + }, + { + "type": "CVE", + "value": "CVE-2021-20191" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20191" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2021-20191" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916813" + } + ], + "published_at": "2021-06-01T17:38:00Z", + "updated_at": "2021-08-12T23:06:00Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.9.0, < 2.9.18", + "first_patched_version": { + "identifier": "2.9.18" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.10.0, < 2.10.7", + "first_patched_version": { + "identifier": "2.10.7" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "score": 5.5 + }, + "cwes": [ + { + "cwe_id": "CWE-532", + "name": "Insertion of Sensitive Information into Log File" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/1", + "created_at": "2022-06-14T15:21:52Z", + "updated_at": "2022-06-14T15:21:52Z", + "dismissed_at": null, + "dismissed_by": null, + "dismissed_reason": null, + "dismissed_comment": null, + "fixed_at": null + } + ] + }, + "dependabot-alert-open": { + "value": { + "number": 1, + "state": "open", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-8f4m-hccc-8qph", + "cve_id": "CVE-2021-20191", + "summary": "Insertion of Sensitive Information into Log File in ansible", + "description": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", + "severity": "medium", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-8f4m-hccc-8qph" + }, + { + "type": "CVE", + "value": "CVE-2021-20191" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20191" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2021-20191" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916813" + } + ], + "published_at": "2021-06-01T17:38:00Z", + "updated_at": "2021-08-12T23:06:00Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.9.0, < 2.9.18", + "first_patched_version": { + "identifier": "2.9.18" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.10.0, < 2.10.7", + "first_patched_version": { + "identifier": "2.10.7" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "score": 5.5 + }, + "cwes": [ + { + "cwe_id": "CWE-532", + "name": "Insertion of Sensitive Information into Log File" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/1", + "created_at": "2022-06-14T15:21:52Z", + "updated_at": "2022-06-14T15:21:52Z", + "dismissed_at": null, + "dismissed_by": null, + "dismissed_reason": null, + "dismissed_comment": null, + "fixed_at": null + } + }, + "dependabot-alert-dismissed": { + "value": { + "number": 2, + "state": "dismissed", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-rf4j-j272-fj86", + "cve_id": "CVE-2018-6188", + "summary": "Django allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive", + "description": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.", + "severity": "high", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-rf4j-j272-fj86" + }, + { + "type": "CVE", + "value": "CVE-2018-6188" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6188" + }, + { + "url": "https://github.com/advisories/GHSA-rf4j-j272-fj86" + }, + { + "url": "https://usn.ubuntu.com/3559-1/" + }, + { + "url": "https://www.djangoproject.com/weblog/2018/feb/01/security-releases/" + }, + { + "url": "http://www.securitytracker.com/id/1040422" + } + ], + "published_at": "2018-10-03T21:13:54Z", + "updated_at": "2022-04-26T18:35:37Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 1.11.8, < 1.11.10", + "first_patched_version": { + "identifier": "1.11.10" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "score": 7.5 + }, + "cwes": [ + { + "cwe_id": "CWE-200", + "name": "Exposure of Sensitive Information to an Unauthorized Actor" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/2", + "created_at": "2022-06-15T07:43:03Z", + "updated_at": "2022-08-23T14:29:47Z", + "dismissed_at": "2022-08-23T14:29:47Z", + "dismissed_by": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer.", + "fixed_at": null + } + }, "dependabot-secret-paginated": { "value": { "total_count": 2, @@ -108858,6 +109938,77 @@ }, "x-multi-segment": true }, + "dependabot-alert-state": { + "name": "state", + "description": "A comma-separated list of states. If specified, only alerts with these states will be returned.\n\nCan be: `dismissed`, `fixed`, `open`", + "in": "query", + "schema": { + "type": "string" + } + }, + "dependabot-alert-severity": { + "name": "severity", + "description": "A comma-separated list of severities. If specified, only alerts with these severities will be returned.\n\nCan be: `low`, `medium`, `high`, `critical`", + "in": "query", + "schema": { + "type": "string" + } + }, + "dependabot-alert-ecosystem": { + "name": "ecosystem", + "description": "A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.\n\nCan be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `rubygems`, `rust`", + "in": "query", + "schema": { + "type": "string" + } + }, + "dependabot-alert-package": { + "name": "package", + "description": "A comma-separated list of package names. If specified, only alerts for these packages will be returned.", + "in": "query", + "schema": { + "type": "string" + } + }, + "dependabot-alert-manifest": { + "name": "manifest", + "description": "A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.", + "in": "query", + "schema": { + "type": "string" + } + }, + "dependabot-alert-scope": { + "name": "scope", + "description": "Scope of the dependency on a Dependabot alert.", + "in": "query", + "schema": { + "$ref": "#/components/schemas/dependabot-alert-scope" + } + }, + "dependabot-alert-sort": { + "name": "sort", + "description": "The property by which to sort the results.\n`created` means when the alert was created.\n`updated` means when the alert's state last changed.", + "in": "query", + "required": false, + "schema": { + "type": "string", + "enum": [ + "created", + "updated" + ], + "default": "created" + } + }, + "dependabot-alert-number": { + "name": "alert_number", + "in": "path", + "description": "The number that identifies a Dependabot alert in its repository. You can find this at the end of the URL for a Dependabot alert within GitHub, or in `number` fields in the response from the `GET /repos/{owner}/{repo}/dependabot/alerts` operation.", + "required": true, + "schema": { + "$ref": "#/components/schemas/alert-number" + } + }, "manifest-path": { "name": "name", "description": "The full path, relative to the repository root, of the dependency manifest file.", diff --git a/descriptions/api.github.com/api.github.com.yaml b/descriptions/api.github.com/api.github.com.yaml index d9df3f7e1..45638423b 100644 --- a/descriptions/api.github.com/api.github.com.yaml +++ b/descriptions/api.github.com/api.github.com.yaml @@ -22251,6 +22251,163 @@ paths: enabledForGitHubApps: true category: repos subcategory: + "/repos/{owner}/{repo}/dependabot/alerts": + get: + summary: List Dependabot alerts for a repository + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** read permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/list-alerts-for-repo + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#list-dependabot-alerts-for-a-repository + parameters: + - "$ref": "#/components/parameters/owner" + - "$ref": "#/components/parameters/repo" + - "$ref": "#/components/parameters/dependabot-alert-state" + - "$ref": "#/components/parameters/dependabot-alert-severity" + - "$ref": "#/components/parameters/dependabot-alert-ecosystem" + - "$ref": "#/components/parameters/dependabot-alert-package" + - "$ref": "#/components/parameters/dependabot-alert-manifest" + - "$ref": "#/components/parameters/dependabot-alert-scope" + - "$ref": "#/components/parameters/dependabot-alert-sort" + - "$ref": "#/components/parameters/direction" + - "$ref": "#/components/parameters/page" + - "$ref": "#/components/parameters/per-page" + responses: + '200': + description: Response + content: + application/json: + schema: + type: array + items: + "$ref": "#/components/schemas/dependabot-alert" + examples: + default: + "$ref": "#/components/examples/dependabot-alerts" + '304': + "$ref": "#/components/responses/not_modified" + '403': + "$ref": "#/components/responses/forbidden" + '404': + "$ref": "#/components/responses/not_found" + '422': + "$ref": "#/components/responses/validation_failed_simple" + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts + "/repos/{owner}/{repo}/dependabot/alerts/{alert_number}": + get: + summary: Get a Dependabot alert + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** read permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/get-alert + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#get-a-dependabot-alert + parameters: + - "$ref": "#/components/parameters/owner" + - "$ref": "#/components/parameters/repo" + - "$ref": "#/components/parameters/dependabot-alert-number" + responses: + '200': + description: Response + content: + application/json: + schema: + "$ref": "#/components/schemas/dependabot-alert" + examples: + default: + "$ref": "#/components/examples/dependabot-alert-open" + '304': + "$ref": "#/components/responses/not_modified" + '403': + "$ref": "#/components/responses/forbidden" + '404': + "$ref": "#/components/responses/not_found" + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts + patch: + summary: Update a Dependabot alert + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** write permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/update-alert + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#update-a-dependabot-alert + parameters: + - "$ref": "#/components/parameters/owner" + - "$ref": "#/components/parameters/repo" + - "$ref": "#/components/parameters/dependabot-alert-number" + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + state: + "$ref": "#/components/schemas/dependabot-alert-set-state" + dismissed_reason: + "$ref": "#/components/schemas/dependabot-alert-dismissed-reason" + dismissed_comment: + "$ref": "#/components/schemas/dependabot-alert-dismissed-comment" + required: + - state + additionalProperties: false + examples: + default: + value: + state: dismissed + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + responses: + '200': + description: Response + content: + application/json: + schema: + "$ref": "#/components/schemas/dependabot-alert" + examples: + default: + "$ref": "#/components/examples/dependabot-alert-dismissed" + '304': + "$ref": "#/components/responses/not_modified" + '400': + "$ref": "#/components/responses/bad_request" + '403': + "$ref": "#/components/responses/forbidden" + '404': + "$ref": "#/components/responses/not_found" + '409': + "$ref": "#/components/responses/conflict" + '422': + "$ref": "#/components/responses/validation_failed_simple" + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts "/repos/{owner}/{repo}/dependabot/secrets": get: summary: List repository secrets @@ -54383,6 +54540,274 @@ components: required: - contributions - type + dependabot-alert-scope: + type: string + description: The scope of the vulnerable dependency. + nullable: true + readOnly: true + enum: + - development + - runtime + dependabot-alert-state: + type: string + description: State of a Dependabot alert. + enum: + - dismissed + - fixed + - open + dependabot-alert-package: + type: object + description: The details of the vulnerable package. + readOnly: true + properties: + ecosystem: + type: string + name: + type: string + dependabot-alert-dependency: + type: object + readOnly: true + properties: + package: + "$ref": "#/components/schemas/dependabot-alert-package" + manifest_path: + type: string + description: The path to the manifest filename. + readOnly: true + scope: + "$ref": "#/components/schemas/dependabot-alert-scope" + dependabot-alert-security-advisory: + type: object + description: The details of the security advisory, including summary, description, + and severity. + readOnly: true + properties: + ghsa_id: + type: string + cve_id: + type: string + nullable: true + summary: + type: string + description: + type: string + severity: + type: string + enum: + - low + - medium + - high + - critical + identifiers: + type: array + items: + type: object + properties: + type: + type: string + enum: + - GHSA + - CVE + value: + type: string + required: + - value + - type + additionalProperties: false + references: + type: array + items: + type: object + properties: + url: + type: string + format: uri + required: + - url + additionalProperties: false + cvss: + type: object + properties: + score: + type: number + vector_string: + type: string + nullable: true + required: + - vector_string + - score + additionalProperties: false + cwes: + type: array + items: + type: object + properties: + cwe_id: + type: string + name: + type: string + required: + - cwe_id + - name + additionalProperties: false + published_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + vulnerabilities: + type: array + items: + type: object + properties: + first_patched_version: + type: object + nullable: true + properties: + identifier: + type: string + required: + - identifier + additionalProperties: false + package: + type: object + properties: + ecosystem: + type: string + name: + type: string + required: + - ecosystem + - name + additionalProperties: false + severity: + type: string + vulnerable_version_range: + type: string + required: + - package + - severity + - vulnerable_version_range + - first_patched_version + additionalProperties: false + withdrawn_at: + type: string + format: date-time + nullable: true + required: + - cvss + - cwes + - ghsa_id + - summary + - description + - severity + - identifiers + - references + - published_at + - updated_at + - withdrawn_at + - vulnerabilities + additionalProperties: false + dependabot-alert-security-vulnerability: + type: object + description: The details of the vulnerability of a security advisory. + readOnly: true + properties: + package: + "$ref": "#/components/schemas/dependabot-alert-package" + severity: + type: string + vulnerable_version_range: + type: string + first_patched_version: + type: object + properties: + identifier: + type: string + dependabot-alert-dismissed_at: + type: string + description: 'The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.' + format: date-time + readOnly: true + nullable: true + dependabot-alert-dismissed-reason: + type: string + description: "**Required when the `state` is `dismissed`.** The reason for dismissing + the Dependabot alert." + nullable: true + enum: + - fix_started + - inaccurate + - no_bandwidth + - not_used + - tolerable_risk + dependabot-alert-dismissed-comment: + type: string + description: An optional comment associated with the alert's dismissal. The + maximum size is 280 characters. + nullable: true + maxLength: 280 + dependabot-alert-fixed-at: + type: string + description: 'The time that the alert was no longer detected and was considered + fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.' + format: date-time + readOnly: true + nullable: true + dependabot-alert: + type: object + properties: + number: + "$ref": "#/components/schemas/alert-number" + state: + "$ref": "#/components/schemas/dependabot-alert-state" + dependency: + "$ref": "#/components/schemas/dependabot-alert-dependency" + security_advisory: + "$ref": "#/components/schemas/dependabot-alert-security-advisory" + security_vulnerability: + "$ref": "#/components/schemas/dependabot-alert-security-vulnerability" + created_at: + "$ref": "#/components/schemas/alert-created-at" + updated_at: + "$ref": "#/components/schemas/alert-updated-at" + url: + "$ref": "#/components/schemas/alert-url" + html_url: + "$ref": "#/components/schemas/alert-html-url" + dismissed_at: + "$ref": "#/components/schemas/dependabot-alert-dismissed_at" + dismissed_by: + "$ref": "#/components/schemas/nullable-simple-user" + dismissed_reason: + "$ref": "#/components/schemas/dependabot-alert-dismissed-reason" + dismissed_comment: + "$ref": "#/components/schemas/dependabot-alert-dismissed-comment" + fixed_at: + "$ref": "#/components/schemas/dependabot-alert-fixed-at" + required: + - number + - state + - dependency + - security_advisory + - security_vulnerability + - url + - html_url + - dismissed_at + - dismissed_by + - dismissed_reason + - dismissed_comment + - fixed_at + - created_at + - updated_at + dependabot-alert-set-state: + description: Sets the status of the dependabot alert. You must provide `dismissed_reason` + when you set the state to `dismissed`. + type: string + enum: + - dismissed + - open dependabot-secret: title: Dependabot Secret description: Set secrets for Dependabot. @@ -74851,6 +75276,342 @@ components: type: User site_admin: false contributions: 32 + dependabot-alerts: + value: + - number: 2 + state: dismissed + dependency: + package: + ecosystem: pip + name: django + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-rf4j-j272-fj86 + cve_id: CVE-2018-6188 + summary: Django allows remote attackers to obtain potentially sensitive + information by leveraging data exposure from the confirm_login_allowed() + method, as demonstrated by discovering whether a user account is inactive + description: django.contrib.auth.forms.AuthenticationForm in Django 2.0 + before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain + potentially sensitive information by leveraging data exposure from the + confirm_login_allowed() method, as demonstrated by discovering whether + a user account is inactive. + severity: high + identifiers: + - type: GHSA + value: GHSA-rf4j-j272-fj86 + - type: CVE + value: CVE-2018-6188 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2018-6188 + - url: https://github.com/advisories/GHSA-rf4j-j272-fj86 + - url: https://usn.ubuntu.com/3559-1/ + - url: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/ + - url: http://www.securitytracker.com/id/1040422 + published_at: '2018-10-03T21:13:54Z' + updated_at: '2022-04-26T18:35:37Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 1.11.8, < 1.11.10" + first_patched_version: + identifier: 1.11.10 + cvss: + vector_string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + score: 7.5 + cwes: + - cwe_id: CWE-200 + name: Exposure of Sensitive Information to an Unauthorized Actor + security_vulnerability: + package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2 + html_url: https://github.com/octocat/hello-world/security/dependabot/2 + created_at: '2022-06-15T07:43:03Z' + updated_at: '2022-08-23T14:29:47Z' + dismissed_at: '2022-08-23T14:29:47Z' + dismissed_by: + login: octocat + id: 1 + node_id: MDQ6VXNlcjE= + avatar_url: https://github.com/images/error/octocat_happy.gif + gravatar_id: '' + url: https://api.github.com/users/octocat + html_url: https://github.com/octocat + followers_url: https://api.github.com/users/octocat/followers + following_url: https://api.github.com/users/octocat/following{/other_user} + gists_url: https://api.github.com/users/octocat/gists{/gist_id} + starred_url: https://api.github.com/users/octocat/starred{/owner}{/repo} + subscriptions_url: https://api.github.com/users/octocat/subscriptions + organizations_url: https://api.github.com/users/octocat/orgs + repos_url: https://api.github.com/users/octocat/repos + events_url: https://api.github.com/users/octocat/events{/privacy} + received_events_url: https://api.github.com/users/octocat/received_events + type: User + site_admin: false + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + fixed_at: + - number: 1 + state: open + dependency: + package: + ecosystem: pip + name: ansible + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-8f4m-hccc-8qph + cve_id: CVE-2021-20191 + summary: Insertion of Sensitive Information into Log File in ansible + description: A flaw was found in ansible. Credentials, such as secrets, + are being disclosed in console log by default and not protected by no_log + feature when using those modules. An attacker can take advantage of this + information to steal those credentials. The highest threat from this vulnerability + is to data confidentiality. + severity: medium + identifiers: + - type: GHSA + value: GHSA-8f4m-hccc-8qph + - type: CVE + value: CVE-2021-20191 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2021-20191 + - url: https://access.redhat.com/security/cve/cve-2021-20191 + - url: https://bugzilla.redhat.com/show_bug.cgi?id=1916813 + published_at: '2021-06-01T17:38:00Z' + updated_at: '2021-08-12T23:06:00Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.9.0, < 2.9.18" + first_patched_version: + identifier: 2.9.18 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.10.0, < 2.10.7" + first_patched_version: + identifier: 2.10.7 + cvss: + vector_string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + score: 5.5 + cwes: + - cwe_id: CWE-532 + name: Insertion of Sensitive Information into Log File + security_vulnerability: + package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1 + html_url: https://github.com/octocat/hello-world/security/dependabot/1 + created_at: '2022-06-14T15:21:52Z' + updated_at: '2022-06-14T15:21:52Z' + dismissed_at: + dismissed_by: + dismissed_reason: + dismissed_comment: + fixed_at: + dependabot-alert-open: + value: + number: 1 + state: open + dependency: + package: + ecosystem: pip + name: ansible + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-8f4m-hccc-8qph + cve_id: CVE-2021-20191 + summary: Insertion of Sensitive Information into Log File in ansible + description: A flaw was found in ansible. Credentials, such as secrets, + are being disclosed in console log by default and not protected by no_log + feature when using those modules. An attacker can take advantage of this + information to steal those credentials. The highest threat from this vulnerability + is to data confidentiality. + severity: medium + identifiers: + - type: GHSA + value: GHSA-8f4m-hccc-8qph + - type: CVE + value: CVE-2021-20191 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2021-20191 + - url: https://access.redhat.com/security/cve/cve-2021-20191 + - url: https://bugzilla.redhat.com/show_bug.cgi?id=1916813 + published_at: '2021-06-01T17:38:00Z' + updated_at: '2021-08-12T23:06:00Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.9.0, < 2.9.18" + first_patched_version: + identifier: 2.9.18 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.10.0, < 2.10.7" + first_patched_version: + identifier: 2.10.7 + cvss: + vector_string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + score: 5.5 + cwes: + - cwe_id: CWE-532 + name: Insertion of Sensitive Information into Log File + security_vulnerability: + package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1 + html_url: https://github.com/octocat/hello-world/security/dependabot/1 + created_at: '2022-06-14T15:21:52Z' + updated_at: '2022-06-14T15:21:52Z' + dismissed_at: + dismissed_by: + dismissed_reason: + dismissed_comment: + fixed_at: + dependabot-alert-dismissed: + value: + number: 2 + state: dismissed + dependency: + package: + ecosystem: pip + name: django + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-rf4j-j272-fj86 + cve_id: CVE-2018-6188 + summary: Django allows remote attackers to obtain potentially sensitive + information by leveraging data exposure from the confirm_login_allowed() + method, as demonstrated by discovering whether a user account is inactive + description: django.contrib.auth.forms.AuthenticationForm in Django 2.0 + before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain + potentially sensitive information by leveraging data exposure from the + confirm_login_allowed() method, as demonstrated by discovering whether + a user account is inactive. + severity: high + identifiers: + - type: GHSA + value: GHSA-rf4j-j272-fj86 + - type: CVE + value: CVE-2018-6188 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2018-6188 + - url: https://github.com/advisories/GHSA-rf4j-j272-fj86 + - url: https://usn.ubuntu.com/3559-1/ + - url: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/ + - url: http://www.securitytracker.com/id/1040422 + published_at: '2018-10-03T21:13:54Z' + updated_at: '2022-04-26T18:35:37Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 1.11.8, < 1.11.10" + first_patched_version: + identifier: 1.11.10 + cvss: + vector_string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + score: 7.5 + cwes: + - cwe_id: CWE-200 + name: Exposure of Sensitive Information to an Unauthorized Actor + security_vulnerability: + package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2 + html_url: https://github.com/octocat/hello-world/security/dependabot/2 + created_at: '2022-06-15T07:43:03Z' + updated_at: '2022-08-23T14:29:47Z' + dismissed_at: '2022-08-23T14:29:47Z' + dismissed_by: + login: octocat + id: 1 + node_id: MDQ6VXNlcjE= + avatar_url: https://github.com/images/error/octocat_happy.gif + gravatar_id: '' + url: https://api.github.com/users/octocat + html_url: https://github.com/octocat + followers_url: https://api.github.com/users/octocat/followers + following_url: https://api.github.com/users/octocat/following{/other_user} + gists_url: https://api.github.com/users/octocat/gists{/gist_id} + starred_url: https://api.github.com/users/octocat/starred{/owner}{/repo} + subscriptions_url: https://api.github.com/users/octocat/subscriptions + organizations_url: https://api.github.com/users/octocat/orgs + repos_url: https://api.github.com/users/octocat/repos + events_url: https://api.github.com/users/octocat/events{/privacy} + received_events_url: https://api.github.com/users/octocat/received_events + type: User + site_admin: false + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + fixed_at: dependabot-secret-paginated: value: total_count: 2 @@ -84031,6 +84792,77 @@ components: schema: type: string x-multi-segment: true + dependabot-alert-state: + name: state + description: |- + A comma-separated list of states. If specified, only alerts with these states will be returned. + + Can be: `dismissed`, `fixed`, `open` + in: query + schema: + type: string + dependabot-alert-severity: + name: severity + description: |- + A comma-separated list of severities. If specified, only alerts with these severities will be returned. + + Can be: `low`, `medium`, `high`, `critical` + in: query + schema: + type: string + dependabot-alert-ecosystem: + name: ecosystem + description: |- + A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. + + Can be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `rubygems`, `rust` + in: query + schema: + type: string + dependabot-alert-package: + name: package + description: A comma-separated list of package names. If specified, only alerts + for these packages will be returned. + in: query + schema: + type: string + dependabot-alert-manifest: + name: manifest + description: A comma-separated list of full manifest paths. If specified, only + alerts for these manifests will be returned. + in: query + schema: + type: string + dependabot-alert-scope: + name: scope + description: Scope of the dependency on a Dependabot alert. + in: query + schema: + "$ref": "#/components/schemas/dependabot-alert-scope" + dependabot-alert-sort: + name: sort + description: |- + The property by which to sort the results. + `created` means when the alert was created. + `updated` means when the alert's state last changed. + in: query + required: false + schema: + type: string + enum: + - created + - updated + default: created + dependabot-alert-number: + name: alert_number + in: path + description: The number that identifies a Dependabot alert in its repository. + You can find this at the end of the URL for a Dependabot alert within GitHub, + or in `number` fields in the response from the `GET /repos/{owner}/{repo}/dependabot/alerts` + operation. + required: true + schema: + "$ref": "#/components/schemas/alert-number" manifest-path: name: name description: The full path, relative to the repository root, of the dependency diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.json b/descriptions/api.github.com/dereferenced/api.github.com.deref.json index 0002245b6..0f512158e 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.json +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.json @@ -242111,6 +242111,2505 @@ } } }, + "/repos/{owner}/{repo}/dependabot/alerts": { + "get": { + "summary": "List Dependabot alerts for a repository", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** read permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/list-alerts-for-repo", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#list-dependabot-alerts-for-a-repository" + }, + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "state", + "description": "A comma-separated list of states. If specified, only alerts with these states will be returned.\n\nCan be: `dismissed`, `fixed`, `open`", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "severity", + "description": "A comma-separated list of severities. If specified, only alerts with these severities will be returned.\n\nCan be: `low`, `medium`, `high`, `critical`", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "ecosystem", + "description": "A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.\n\nCan be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `rubygems`, `rust`", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "package", + "description": "A comma-separated list of package names. If specified, only alerts for these packages will be returned.", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "manifest", + "description": "A comma-separated list of full manifest paths. If specified, only alerts for these manifests will be returned.", + "in": "query", + "schema": { + "type": "string" + } + }, + { + "name": "scope", + "description": "Scope of the dependency on a Dependabot alert.", + "in": "query", + "schema": { + "type": "string", + "description": "The scope of the vulnerable dependency.", + "nullable": true, + "readOnly": true, + "enum": [ + "development", + "runtime" + ] + } + }, + { + "name": "sort", + "description": "The property by which to sort the results.\n`created` means when the alert was created.\n`updated` means when the alert's state last changed.", + "in": "query", + "required": false, + "schema": { + "type": "string", + "enum": [ + "created", + "updated" + ], + "default": "created" + } + }, + { + "name": "direction", + "description": "The direction to sort the results by.", + "in": "query", + "required": false, + "schema": { + "type": "string", + "enum": [ + "asc", + "desc" + ], + "default": "desc" + } + }, + { + "name": "page", + "description": "Page number of the results to fetch.", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "The number of results per page (max 100).", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "properties": { + "number": { + "type": "integer", + "description": "The security alert number.", + "readOnly": true + }, + "state": { + "type": "string", + "description": "State of a Dependabot alert.", + "enum": [ + "dismissed", + "fixed", + "open" + ] + }, + "dependency": { + "type": "object", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "manifest_path": { + "type": "string", + "description": "The path to the manifest filename.", + "readOnly": true + }, + "scope": { + "type": "string", + "description": "The scope of the vulnerable dependency.", + "nullable": true, + "readOnly": true, + "enum": [ + "development", + "runtime" + ] + } + } + }, + "security_advisory": { + "type": "object", + "description": "The details of the security advisory, including summary, description, and severity.", + "readOnly": true, + "properties": { + "ghsa_id": { + "type": "string" + }, + "cve_id": { + "type": "string", + "nullable": true + }, + "summary": { + "type": "string" + }, + "description": { + "type": "string" + }, + "severity": { + "type": "string", + "enum": [ + "low", + "medium", + "high", + "critical" + ] + }, + "identifiers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GHSA", + "CVE" + ] + }, + "value": { + "type": "string" + } + }, + "required": [ + "value", + "type" + ], + "additionalProperties": false + } + }, + "references": { + "type": "array", + "items": { + "type": "object", + "properties": { + "url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "url" + ], + "additionalProperties": false + } + }, + "cvss": { + "type": "object", + "properties": { + "score": { + "type": "number" + }, + "vector_string": { + "type": "string", + "nullable": true + } + }, + "required": [ + "vector_string", + "score" + ], + "additionalProperties": false + }, + "cwes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "cwe_id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "cwe_id", + "name" + ], + "additionalProperties": false + } + }, + "published_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "vulnerabilities": { + "type": "array", + "items": { + "type": "object", + "properties": { + "first_patched_version": { + "type": "object", + "nullable": true, + "properties": { + "identifier": { + "type": "string" + } + }, + "required": [ + "identifier" + ], + "additionalProperties": false + }, + "package": { + "type": "object", + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "ecosystem", + "name" + ], + "additionalProperties": false + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + } + }, + "required": [ + "package", + "severity", + "vulnerable_version_range", + "first_patched_version" + ], + "additionalProperties": false + } + }, + "withdrawn_at": { + "type": "string", + "format": "date-time", + "nullable": true + } + }, + "required": [ + "cvss", + "cwes", + "ghsa_id", + "summary", + "description", + "severity", + "identifiers", + "references", + "published_at", + "updated_at", + "withdrawn_at", + "vulnerabilities" + ], + "additionalProperties": false + }, + "security_vulnerability": { + "type": "object", + "description": "The details of the vulnerability of a security advisory.", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + }, + "first_patched_version": { + "type": "object", + "properties": { + "identifier": { + "type": "string" + } + } + } + } + }, + "created_at": { + "type": "string", + "description": "The time that the alert was created in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "updated_at": { + "type": "string", + "description": "The time that the alert was last updated in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "url": { + "type": "string", + "description": "The REST API URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "html_url": { + "type": "string", + "description": "The GitHub URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "dismissed_at": { + "type": "string", + "description": "The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + }, + "dismissed_by": { + "title": "Simple User", + "description": "Simple User", + "type": "object", + "properties": { + "name": { + "nullable": true, + "type": "string" + }, + "email": { + "nullable": true, + "type": "string" + }, + "login": { + "type": "string", + "example": "octocat" + }, + "id": { + "type": "integer", + "example": 1 + }, + "node_id": { + "type": "string", + "example": "MDQ6VXNlcjE=" + }, + "avatar_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/images/error/octocat_happy.gif" + }, + "gravatar_id": { + "type": "string", + "example": "41d064eb2195891e12d0413f63227ea7", + "nullable": true + }, + "url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat" + }, + "html_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/octocat" + }, + "followers_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/followers" + }, + "following_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/following{/other_user}" + }, + "gists_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/gists{/gist_id}" + }, + "starred_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/starred{/owner}{/repo}" + }, + "subscriptions_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/subscriptions" + }, + "organizations_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/orgs" + }, + "repos_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/repos" + }, + "events_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/events{/privacy}" + }, + "received_events_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/received_events" + }, + "type": { + "type": "string", + "example": "User" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string", + "example": "\"2020-07-09T00:17:55Z\"" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ], + "nullable": true + }, + "dismissed_reason": { + "type": "string", + "description": "**Required when the `state` is `dismissed`.** The reason for dismissing the Dependabot alert.", + "nullable": true, + "enum": [ + "fix_started", + "inaccurate", + "no_bandwidth", + "not_used", + "tolerable_risk" + ] + }, + "dismissed_comment": { + "type": "string", + "description": "An optional comment associated with the alert's dismissal. The maximum size is 280 characters.", + "nullable": true, + "maxLength": 280 + }, + "fixed_at": { + "type": "string", + "description": "The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + } + }, + "required": [ + "number", + "state", + "dependency", + "security_advisory", + "security_vulnerability", + "url", + "html_url", + "dismissed_at", + "dismissed_by", + "dismissed_reason", + "dismissed_comment", + "fixed_at", + "created_at", + "updated_at" + ] + } + }, + "examples": { + "default": { + "value": [ + { + "number": 2, + "state": "dismissed", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-rf4j-j272-fj86", + "cve_id": "CVE-2018-6188", + "summary": "Django allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive", + "description": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.", + "severity": "high", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-rf4j-j272-fj86" + }, + { + "type": "CVE", + "value": "CVE-2018-6188" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6188" + }, + { + "url": "https://github.com/advisories/GHSA-rf4j-j272-fj86" + }, + { + "url": "https://usn.ubuntu.com/3559-1/" + }, + { + "url": "https://www.djangoproject.com/weblog/2018/feb/01/security-releases/" + }, + { + "url": "http://www.securitytracker.com/id/1040422" + } + ], + "published_at": "2018-10-03T21:13:54Z", + "updated_at": "2022-04-26T18:35:37Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 1.11.8, < 1.11.10", + "first_patched_version": { + "identifier": "1.11.10" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "score": 7.5 + }, + "cwes": [ + { + "cwe_id": "CWE-200", + "name": "Exposure of Sensitive Information to an Unauthorized Actor" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/2", + "created_at": "2022-06-15T07:43:03Z", + "updated_at": "2022-08-23T14:29:47Z", + "dismissed_at": "2022-08-23T14:29:47Z", + "dismissed_by": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer.", + "fixed_at": null + }, + { + "number": 1, + "state": "open", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-8f4m-hccc-8qph", + "cve_id": "CVE-2021-20191", + "summary": "Insertion of Sensitive Information into Log File in ansible", + "description": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", + "severity": "medium", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-8f4m-hccc-8qph" + }, + { + "type": "CVE", + "value": "CVE-2021-20191" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20191" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2021-20191" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916813" + } + ], + "published_at": "2021-06-01T17:38:00Z", + "updated_at": "2021-08-12T23:06:00Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.9.0, < 2.9.18", + "first_patched_version": { + "identifier": "2.9.18" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.10.0, < 2.10.7", + "first_patched_version": { + "identifier": "2.10.7" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "score": 5.5 + }, + "cwes": [ + { + "cwe_id": "CWE-532", + "name": "Insertion of Sensitive Information into Log File" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/1", + "created_at": "2022-06-14T15:21:52Z", + "updated_at": "2022-06-14T15:21:52Z", + "dismissed_at": null, + "dismissed_by": null, + "dismissed_reason": null, + "dismissed_comment": null, + "fixed_at": null + } + ] + } + } + } + } + }, + "304": { + "description": "Not modified" + }, + "403": { + "description": "Forbidden", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "404": { + "description": "Resource not found", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "422": { + "description": "Validation failed", + "content": { + "application/json": { + "schema": { + "title": "Validation Error Simple", + "description": "Validation Error Simple", + "type": "object", + "required": [ + "message", + "documentation_url" + ], + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "errors": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + } + }, + "/repos/{owner}/{repo}/dependabot/alerts/{alert_number}": { + "get": { + "summary": "Get a Dependabot alert", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** read permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/get-alert", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#get-a-dependabot-alert" + }, + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "alert_number", + "in": "path", + "description": "The number that identifies a Dependabot alert in its repository. You can find this at the end of the URL for a Dependabot alert within GitHub, or in `number` fields in the response from the `GET /repos/{owner}/{repo}/dependabot/alerts` operation.", + "required": true, + "schema": { + "type": "integer", + "description": "The security alert number.", + "readOnly": true + } + } + ], + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "number": { + "type": "integer", + "description": "The security alert number.", + "readOnly": true + }, + "state": { + "type": "string", + "description": "State of a Dependabot alert.", + "enum": [ + "dismissed", + "fixed", + "open" + ] + }, + "dependency": { + "type": "object", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "manifest_path": { + "type": "string", + "description": "The path to the manifest filename.", + "readOnly": true + }, + "scope": { + "type": "string", + "description": "The scope of the vulnerable dependency.", + "nullable": true, + "readOnly": true, + "enum": [ + "development", + "runtime" + ] + } + } + }, + "security_advisory": { + "type": "object", + "description": "The details of the security advisory, including summary, description, and severity.", + "readOnly": true, + "properties": { + "ghsa_id": { + "type": "string" + }, + "cve_id": { + "type": "string", + "nullable": true + }, + "summary": { + "type": "string" + }, + "description": { + "type": "string" + }, + "severity": { + "type": "string", + "enum": [ + "low", + "medium", + "high", + "critical" + ] + }, + "identifiers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GHSA", + "CVE" + ] + }, + "value": { + "type": "string" + } + }, + "required": [ + "value", + "type" + ], + "additionalProperties": false + } + }, + "references": { + "type": "array", + "items": { + "type": "object", + "properties": { + "url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "url" + ], + "additionalProperties": false + } + }, + "cvss": { + "type": "object", + "properties": { + "score": { + "type": "number" + }, + "vector_string": { + "type": "string", + "nullable": true + } + }, + "required": [ + "vector_string", + "score" + ], + "additionalProperties": false + }, + "cwes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "cwe_id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "cwe_id", + "name" + ], + "additionalProperties": false + } + }, + "published_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "vulnerabilities": { + "type": "array", + "items": { + "type": "object", + "properties": { + "first_patched_version": { + "type": "object", + "nullable": true, + "properties": { + "identifier": { + "type": "string" + } + }, + "required": [ + "identifier" + ], + "additionalProperties": false + }, + "package": { + "type": "object", + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "ecosystem", + "name" + ], + "additionalProperties": false + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + } + }, + "required": [ + "package", + "severity", + "vulnerable_version_range", + "first_patched_version" + ], + "additionalProperties": false + } + }, + "withdrawn_at": { + "type": "string", + "format": "date-time", + "nullable": true + } + }, + "required": [ + "cvss", + "cwes", + "ghsa_id", + "summary", + "description", + "severity", + "identifiers", + "references", + "published_at", + "updated_at", + "withdrawn_at", + "vulnerabilities" + ], + "additionalProperties": false + }, + "security_vulnerability": { + "type": "object", + "description": "The details of the vulnerability of a security advisory.", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + }, + "first_patched_version": { + "type": "object", + "properties": { + "identifier": { + "type": "string" + } + } + } + } + }, + "created_at": { + "type": "string", + "description": "The time that the alert was created in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "updated_at": { + "type": "string", + "description": "The time that the alert was last updated in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "url": { + "type": "string", + "description": "The REST API URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "html_url": { + "type": "string", + "description": "The GitHub URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "dismissed_at": { + "type": "string", + "description": "The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + }, + "dismissed_by": { + "title": "Simple User", + "description": "Simple User", + "type": "object", + "properties": { + "name": { + "nullable": true, + "type": "string" + }, + "email": { + "nullable": true, + "type": "string" + }, + "login": { + "type": "string", + "example": "octocat" + }, + "id": { + "type": "integer", + "example": 1 + }, + "node_id": { + "type": "string", + "example": "MDQ6VXNlcjE=" + }, + "avatar_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/images/error/octocat_happy.gif" + }, + "gravatar_id": { + "type": "string", + "example": "41d064eb2195891e12d0413f63227ea7", + "nullable": true + }, + "url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat" + }, + "html_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/octocat" + }, + "followers_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/followers" + }, + "following_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/following{/other_user}" + }, + "gists_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/gists{/gist_id}" + }, + "starred_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/starred{/owner}{/repo}" + }, + "subscriptions_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/subscriptions" + }, + "organizations_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/orgs" + }, + "repos_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/repos" + }, + "events_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/events{/privacy}" + }, + "received_events_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/received_events" + }, + "type": { + "type": "string", + "example": "User" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string", + "example": "\"2020-07-09T00:17:55Z\"" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ], + "nullable": true + }, + "dismissed_reason": { + "type": "string", + "description": "**Required when the `state` is `dismissed`.** The reason for dismissing the Dependabot alert.", + "nullable": true, + "enum": [ + "fix_started", + "inaccurate", + "no_bandwidth", + "not_used", + "tolerable_risk" + ] + }, + "dismissed_comment": { + "type": "string", + "description": "An optional comment associated with the alert's dismissal. The maximum size is 280 characters.", + "nullable": true, + "maxLength": 280 + }, + "fixed_at": { + "type": "string", + "description": "The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + } + }, + "required": [ + "number", + "state", + "dependency", + "security_advisory", + "security_vulnerability", + "url", + "html_url", + "dismissed_at", + "dismissed_by", + "dismissed_reason", + "dismissed_comment", + "fixed_at", + "created_at", + "updated_at" + ] + }, + "examples": { + "default": { + "value": { + "number": 1, + "state": "open", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-8f4m-hccc-8qph", + "cve_id": "CVE-2021-20191", + "summary": "Insertion of Sensitive Information into Log File in ansible", + "description": "A flaw was found in ansible. Credentials, such as secrets, are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality.", + "severity": "medium", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-8f4m-hccc-8qph" + }, + { + "type": "CVE", + "value": "CVE-2021-20191" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20191" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2021-20191" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916813" + } + ], + "published_at": "2021-06-01T17:38:00Z", + "updated_at": "2021-08-12T23:06:00Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.9.0, < 2.9.18", + "first_patched_version": { + "identifier": "2.9.18" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": ">= 2.10.0, < 2.10.7", + "first_patched_version": { + "identifier": "2.10.7" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "score": 5.5 + }, + "cwes": [ + { + "cwe_id": "CWE-532", + "name": "Insertion of Sensitive Information into Log File" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "ansible" + }, + "severity": "medium", + "vulnerable_version_range": "< 2.8.19", + "first_patched_version": { + "identifier": "2.8.19" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/1", + "created_at": "2022-06-14T15:21:52Z", + "updated_at": "2022-06-14T15:21:52Z", + "dismissed_at": null, + "dismissed_by": null, + "dismissed_reason": null, + "dismissed_comment": null, + "fixed_at": null + } + } + } + } + } + }, + "304": { + "description": "Not modified" + }, + "403": { + "description": "Forbidden", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "404": { + "description": "Resource not found", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + }, + "patch": { + "summary": "Update a Dependabot alert", + "description": "You must use an access token with the `security_events` scope to use this endpoint with private repositories.\nYou can also use tokens with the `public_repo` scope for public repositories only.\nGitHub Apps must have **Dependabot alerts** write permission to use this endpoint.", + "tags": [ + "dependabot" + ], + "operationId": "dependabot/update-alert", + "externalDocs": { + "description": "API method documentation", + "url": "https://docs.github.com/rest/reference/dependabot#update-a-dependabot-alert" + }, + "parameters": [ + { + "name": "owner", + "description": "The account owner of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "The name of the repository. The name is not case sensitive.", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "alert_number", + "in": "path", + "description": "The number that identifies a Dependabot alert in its repository. You can find this at the end of the URL for a Dependabot alert within GitHub, or in `number` fields in the response from the `GET /repos/{owner}/{repo}/dependabot/alerts` operation.", + "required": true, + "schema": { + "type": "integer", + "description": "The security alert number.", + "readOnly": true + } + } + ], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "state": { + "description": "Sets the status of the dependabot alert. You must provide `dismissed_reason` when you set the state to `dismissed`.", + "type": "string", + "enum": [ + "dismissed", + "open" + ] + }, + "dismissed_reason": { + "type": "string", + "description": "**Required when the `state` is `dismissed`.** The reason for dismissing the Dependabot alert.", + "nullable": true, + "enum": [ + "fix_started", + "inaccurate", + "no_bandwidth", + "not_used", + "tolerable_risk" + ] + }, + "dismissed_comment": { + "type": "string", + "description": "An optional comment associated with the alert's dismissal. The maximum size is 280 characters.", + "nullable": true, + "maxLength": 280 + } + }, + "required": [ + "state" + ], + "additionalProperties": false + }, + "examples": { + "default": { + "value": { + "state": "dismissed", + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer." + } + } + } + } + } + }, + "responses": { + "200": { + "description": "Response", + "content": { + "application/json": { + "schema": { + "type": "object", + "properties": { + "number": { + "type": "integer", + "description": "The security alert number.", + "readOnly": true + }, + "state": { + "type": "string", + "description": "State of a Dependabot alert.", + "enum": [ + "dismissed", + "fixed", + "open" + ] + }, + "dependency": { + "type": "object", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "manifest_path": { + "type": "string", + "description": "The path to the manifest filename.", + "readOnly": true + }, + "scope": { + "type": "string", + "description": "The scope of the vulnerable dependency.", + "nullable": true, + "readOnly": true, + "enum": [ + "development", + "runtime" + ] + } + } + }, + "security_advisory": { + "type": "object", + "description": "The details of the security advisory, including summary, description, and severity.", + "readOnly": true, + "properties": { + "ghsa_id": { + "type": "string" + }, + "cve_id": { + "type": "string", + "nullable": true + }, + "summary": { + "type": "string" + }, + "description": { + "type": "string" + }, + "severity": { + "type": "string", + "enum": [ + "low", + "medium", + "high", + "critical" + ] + }, + "identifiers": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GHSA", + "CVE" + ] + }, + "value": { + "type": "string" + } + }, + "required": [ + "value", + "type" + ], + "additionalProperties": false + } + }, + "references": { + "type": "array", + "items": { + "type": "object", + "properties": { + "url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "url" + ], + "additionalProperties": false + } + }, + "cvss": { + "type": "object", + "properties": { + "score": { + "type": "number" + }, + "vector_string": { + "type": "string", + "nullable": true + } + }, + "required": [ + "vector_string", + "score" + ], + "additionalProperties": false + }, + "cwes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "cwe_id": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "cwe_id", + "name" + ], + "additionalProperties": false + } + }, + "published_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "vulnerabilities": { + "type": "array", + "items": { + "type": "object", + "properties": { + "first_patched_version": { + "type": "object", + "nullable": true, + "properties": { + "identifier": { + "type": "string" + } + }, + "required": [ + "identifier" + ], + "additionalProperties": false + }, + "package": { + "type": "object", + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + }, + "required": [ + "ecosystem", + "name" + ], + "additionalProperties": false + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + } + }, + "required": [ + "package", + "severity", + "vulnerable_version_range", + "first_patched_version" + ], + "additionalProperties": false + } + }, + "withdrawn_at": { + "type": "string", + "format": "date-time", + "nullable": true + } + }, + "required": [ + "cvss", + "cwes", + "ghsa_id", + "summary", + "description", + "severity", + "identifiers", + "references", + "published_at", + "updated_at", + "withdrawn_at", + "vulnerabilities" + ], + "additionalProperties": false + }, + "security_vulnerability": { + "type": "object", + "description": "The details of the vulnerability of a security advisory.", + "readOnly": true, + "properties": { + "package": { + "type": "object", + "description": "The details of the vulnerable package.", + "readOnly": true, + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + } + } + }, + "severity": { + "type": "string" + }, + "vulnerable_version_range": { + "type": "string" + }, + "first_patched_version": { + "type": "object", + "properties": { + "identifier": { + "type": "string" + } + } + } + } + }, + "created_at": { + "type": "string", + "description": "The time that the alert was created in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "updated_at": { + "type": "string", + "description": "The time that the alert was last updated in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true + }, + "url": { + "type": "string", + "description": "The REST API URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "html_url": { + "type": "string", + "description": "The GitHub URL of the alert resource.", + "format": "uri", + "readOnly": true + }, + "dismissed_at": { + "type": "string", + "description": "The time that the alert was dismissed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + }, + "dismissed_by": { + "title": "Simple User", + "description": "Simple User", + "type": "object", + "properties": { + "name": { + "nullable": true, + "type": "string" + }, + "email": { + "nullable": true, + "type": "string" + }, + "login": { + "type": "string", + "example": "octocat" + }, + "id": { + "type": "integer", + "example": 1 + }, + "node_id": { + "type": "string", + "example": "MDQ6VXNlcjE=" + }, + "avatar_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/images/error/octocat_happy.gif" + }, + "gravatar_id": { + "type": "string", + "example": "41d064eb2195891e12d0413f63227ea7", + "nullable": true + }, + "url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat" + }, + "html_url": { + "type": "string", + "format": "uri", + "example": "https://github.com/octocat" + }, + "followers_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/followers" + }, + "following_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/following{/other_user}" + }, + "gists_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/gists{/gist_id}" + }, + "starred_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/starred{/owner}{/repo}" + }, + "subscriptions_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/subscriptions" + }, + "organizations_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/orgs" + }, + "repos_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/repos" + }, + "events_url": { + "type": "string", + "example": "https://api.github.com/users/octocat/events{/privacy}" + }, + "received_events_url": { + "type": "string", + "format": "uri", + "example": "https://api.github.com/users/octocat/received_events" + }, + "type": { + "type": "string", + "example": "User" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string", + "example": "\"2020-07-09T00:17:55Z\"" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ], + "nullable": true + }, + "dismissed_reason": { + "type": "string", + "description": "**Required when the `state` is `dismissed`.** The reason for dismissing the Dependabot alert.", + "nullable": true, + "enum": [ + "fix_started", + "inaccurate", + "no_bandwidth", + "not_used", + "tolerable_risk" + ] + }, + "dismissed_comment": { + "type": "string", + "description": "An optional comment associated with the alert's dismissal. The maximum size is 280 characters.", + "nullable": true, + "maxLength": 280 + }, + "fixed_at": { + "type": "string", + "description": "The time that the alert was no longer detected and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.", + "format": "date-time", + "readOnly": true, + "nullable": true + } + }, + "required": [ + "number", + "state", + "dependency", + "security_advisory", + "security_vulnerability", + "url", + "html_url", + "dismissed_at", + "dismissed_by", + "dismissed_reason", + "dismissed_comment", + "fixed_at", + "created_at", + "updated_at" + ] + }, + "examples": { + "default": { + "value": { + "number": 2, + "state": "dismissed", + "dependency": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "manifest_path": "path/to/requirements.txt", + "scope": "runtime" + }, + "security_advisory": { + "ghsa_id": "GHSA-rf4j-j272-fj86", + "cve_id": "CVE-2018-6188", + "summary": "Django allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive", + "description": "django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.", + "severity": "high", + "identifiers": [ + { + "type": "GHSA", + "value": "GHSA-rf4j-j272-fj86" + }, + { + "type": "CVE", + "value": "CVE-2018-6188" + } + ], + "references": [ + { + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6188" + }, + { + "url": "https://github.com/advisories/GHSA-rf4j-j272-fj86" + }, + { + "url": "https://usn.ubuntu.com/3559-1/" + }, + { + "url": "https://www.djangoproject.com/weblog/2018/feb/01/security-releases/" + }, + { + "url": "http://www.securitytracker.com/id/1040422" + } + ], + "published_at": "2018-10-03T21:13:54Z", + "updated_at": "2022-04-26T18:35:37Z", + "withdrawn_at": null, + "vulnerabilities": [ + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 1.11.8, < 1.11.10", + "first_patched_version": { + "identifier": "1.11.10" + } + } + ], + "cvss": { + "vector_string": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "score": 7.5 + }, + "cwes": [ + { + "cwe_id": "CWE-200", + "name": "Exposure of Sensitive Information to an Unauthorized Actor" + } + ] + }, + "security_vulnerability": { + "package": { + "ecosystem": "pip", + "name": "django" + }, + "severity": "high", + "vulnerable_version_range": ">= 2.0.0, < 2.0.2", + "first_patched_version": { + "identifier": "2.0.2" + } + }, + "url": "https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2", + "html_url": "https://github.com/octocat/hello-world/security/dependabot/2", + "created_at": "2022-06-15T07:43:03Z", + "updated_at": "2022-08-23T14:29:47Z", + "dismissed_at": "2022-08-23T14:29:47Z", + "dismissed_by": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "dismissed_reason": "tolerable_risk", + "dismissed_comment": "This alert is accurate but we use a sanitizer.", + "fixed_at": null + } + } + } + } + } + }, + "304": { + "description": "Not modified" + }, + "400": { + "description": "Bad Request", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + }, + "application/scim+json": { + "schema": { + "title": "Scim Error", + "description": "Scim Error", + "type": "object", + "properties": { + "message": { + "type": "string", + "nullable": true + }, + "documentation_url": { + "type": "string", + "nullable": true + }, + "detail": { + "type": "string", + "nullable": true + }, + "status": { + "type": "integer" + }, + "scimType": { + "type": "string", + "nullable": true + }, + "schemas": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + }, + "403": { + "description": "Forbidden", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "404": { + "description": "Resource not found", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "409": { + "description": "Conflict", + "content": { + "application/json": { + "schema": { + "title": "Basic Error", + "description": "Basic Error", + "type": "object", + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "url": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } + } + }, + "422": { + "description": "Validation failed", + "content": { + "application/json": { + "schema": { + "title": "Validation Error Simple", + "description": "Validation Error Simple", + "type": "object", + "required": [ + "message", + "documentation_url" + ], + "properties": { + "message": { + "type": "string" + }, + "documentation_url": { + "type": "string" + }, + "errors": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + } + } + }, + "x-github": { + "githubCloudOnly": false, + "enabledForGitHubApps": true, + "previews": [ + + ], + "category": "dependabot", + "subcategory": "alerts" + } + } + }, "/repos/{owner}/{repo}/dependabot/secrets": { "get": { "summary": "List repository secrets", diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml index cebd48de0..7c8f121b2 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml @@ -8465,14 +8465,14 @@ paths: format: uri description: The REST API URL of the code locations for this alert. - state: &415 + state: &421 description: Sets the state of the secret scanning alert. You must provide `resolution` when you set the state to `resolved`. type: string enum: - open - resolved - resolution: &416 + resolution: &422 type: string description: "**Required when the `state` is `resolved`.** The reason for resolving the alert." @@ -8911,7 +8911,7 @@ paths: description: Issues are a great way to keep track of tasks, enhancements, and bugs for your projects. type: object - properties: &353 + properties: &359 id: type: integer node_id: @@ -9232,7 +9232,7 @@ paths: - hooray - eyes - rocket - required: &354 + required: &360 - assignee - closed_at - comments @@ -9254,7 +9254,7 @@ paths: - author_association - created_at - updated_at - comment: &351 + comment: &357 title: Issue Comment description: Comments provide a way for people to collaborate on an issue. @@ -9798,7 +9798,7 @@ paths: url: type: string format: uri - user: &442 + user: &448 title: Public User description: Public User type: object @@ -12816,7 +12816,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/activity#list-notifications-for-the-authenticated-user parameters: - - &382 + - &388 name: all description: If `true`, show notifications marked as read. in: query @@ -12824,7 +12824,7 @@ paths: schema: type: boolean default: false - - &383 + - &389 name: participating description: If `true`, only shows notifications in which the user is directly participating or mentioned. @@ -12834,7 +12834,7 @@ paths: type: boolean default: false - *71 - - &384 + - &390 name: before description: 'Only show notifications updated before the given time. This is a timestamp in [ISO 8601](https://en.wikipedia.org/wiki/ISO_8601) format: @@ -13237,7 +13237,7 @@ paths: - url - subscription_url examples: - default: &385 + default: &391 value: - id: '1' repository: @@ -13757,7 +13757,7 @@ paths: type: array items: *42 examples: - default: &461 + default: &467 value: - login: github id: 1 @@ -15369,7 +15369,7 @@ paths: type: array items: *47 examples: - default: &455 + default: &461 value: total_count: 1 repositories: @@ -16139,7 +16139,7 @@ paths: type: array items: *103 examples: - default: &446 + default: &452 value: total_count: 1 repositories: @@ -17963,7 +17963,7 @@ paths: - pulls_url - recent_folders examples: - default: &444 + default: &450 value: total_count: 3 codespaces: @@ -18736,7 +18736,7 @@ paths: description: Response content: application/json: - schema: &315 + schema: &321 title: DependabotPublicKey description: The public key used for setting Dependabot Secrets. type: object @@ -18753,7 +18753,7 @@ paths: - key_id - key examples: - default: &316 + default: &322 value: key_id: '012345678912345678' key: 2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234 @@ -19928,7 +19928,7 @@ paths: application/json: schema: *15 examples: - default: &347 + default: &353 value: id: 1 account: @@ -20148,7 +20148,7 @@ paths: required: true content: application/json: - schema: &348 + schema: &354 title: Interaction Restrictions description: Limit interactions to a specific type of user for a specified duration @@ -21932,7 +21932,7 @@ paths: parameters: - *100 - *158 - - &460 + - &466 name: repo_name description: repo_name parameter in: path @@ -22259,7 +22259,7 @@ paths: - nuget - container - *100 - - &462 + - &468 name: visibility description: The selected visibility of the packages. Only `container` package_types currently support `internal` visibility properly. For other ecosystems `internal` @@ -23446,7 +23446,7 @@ paths: application/json: schema: *47 examples: - default: &464 + default: &470 value: id: 1296269 node_id: MDEwOlJlcG9zaXRvcnkxMjk2MjY5 @@ -23602,7 +23602,7 @@ paths: - *55 - *32 - *12 - - &413 + - &419 name: before description: A cursor, as given in the [Link header](https://docs.github.com/rest/overview/resources-in-the-rest-api#link-header). If specified, the query only searches for events before this cursor. To @@ -23612,7 +23612,7 @@ paths: required: false schema: type: string - - &414 + - &420 name: after description: A cursor, as given in the [Link header](https://docs.github.com/rest/overview/resources-in-the-rest-api#link-header). If specified, the query only searches for events after this cursor. To @@ -23665,7 +23665,7 @@ paths: application/json: schema: type: array - items: &392 + items: &398 title: Team Simple description: Groups of organization members that gives permissions on specified repositories. @@ -23764,7 +23764,7 @@ paths: description: Response content: application/json: - schema: &474 + schema: &480 type: object properties: total_minutes_used: @@ -23831,7 +23831,7 @@ paths: - included_minutes - minutes_used_breakdown examples: - default: &475 + default: &481 value: total_minutes_used: 305 total_paid_minutes_used: 0 @@ -23902,7 +23902,7 @@ paths: description: Response content: application/json: - schema: &476 + schema: &482 type: object properties: total_gigabytes_bandwidth_used: @@ -23920,7 +23920,7 @@ paths: - total_paid_gigabytes_bandwidth_used - included_gigabytes_bandwidth examples: - default: &477 + default: &483 value: total_gigabytes_bandwidth_used: 50 total_paid_gigabytes_bandwidth_used: 40 @@ -23952,7 +23952,7 @@ paths: description: Response content: application/json: - schema: &478 + schema: &484 type: object properties: days_left_in_billing_cycle: @@ -23970,7 +23970,7 @@ paths: - estimated_paid_storage_for_month - estimated_storage_for_month examples: - default: &479 + default: &485 value: days_left_in_billing_cycle: 20 estimated_paid_storage_for_month: 15 @@ -24710,7 +24710,7 @@ paths: - updated_at - url examples: - default: &432 + default: &438 value: - author: login: octocat @@ -24949,7 +24949,7 @@ paths: application/json: schema: *183 examples: - default: &433 + default: &439 value: author: login: octocat @@ -25126,7 +25126,7 @@ paths: - updated_at - url examples: - default: &434 + default: &440 value: - author: login: octocat @@ -25343,7 +25343,7 @@ paths: application/json: schema: *186 examples: - default: &435 + default: &441 value: author: login: octocat @@ -25932,7 +25932,7 @@ paths: - state - url examples: - response-if-user-is-a-team-maintainer: &436 + response-if-user-is-a-team-maintainer: &442 summary: Response if user is a team maintainer value: url: https://api.github.com/teams/1/memberships/octocat @@ -25995,7 +25995,7 @@ paths: application/json: schema: *193 examples: - response-if-users-membership-with-team-is-now-pending: &437 + response-if-users-membership-with-team-is-now-pending: &443 summary: Response if user's membership with team is now pending value: url: https://api.github.com/teams/1/memberships/octocat @@ -26134,7 +26134,7 @@ paths: - updated_at - permissions examples: - default: &438 + default: &444 value: - owner_url: https://api.github.com/orgs/octocat url: https://api.github.com/projects/1002605 @@ -26210,7 +26210,7 @@ paths: application/json: schema: *194 examples: - default: &439 + default: &445 value: owner_url: https://api.github.com/orgs/octocat url: https://api.github.com/projects/1002605 @@ -26407,7 +26407,7 @@ paths: description: Alternative response with repository permissions content: application/json: - schema: &440 + schema: &446 title: Team Repository description: A team's access to a repository. type: object @@ -27188,7 +27188,7 @@ paths: type: array items: *180 examples: - response-if-child-teams-exist: &441 + response-if-child-teams-exist: &447 value: - id: 2 node_id: MDQ6VGVhbTI= @@ -29838,7 +29838,7 @@ paths: application/json: schema: *208 examples: - default: &334 + default: &340 value: id: 1296269 node_id: MDEwOlJlcG9zaXRvcnkxMjk2MjY5 @@ -33412,7 +33412,7 @@ paths: items: type: object properties: - type: &324 + type: &330 type: string description: The type of reviewer. enum: @@ -33543,7 +33543,7 @@ paths: application/json: schema: type: array - items: &319 + items: &325 title: Deployment description: A request for a specific ref(branch,sha,tag) to be deployed @@ -33648,7 +33648,7 @@ paths: - created_at - updated_at examples: - default: &320 + default: &326 value: - url: https://api.github.com/repos/octocat/example/deployments/1 id: 1 @@ -33969,7 +33969,7 @@ paths: - created_at - updated_at examples: - default: &427 + default: &433 value: total_count: 2 secrets: @@ -34040,7 +34040,7 @@ paths: application/json: schema: *232 examples: - default: &428 + default: &434 value: name: GH_TOKEN created_at: '2019-08-10T14:59:22Z' @@ -35453,7 +35453,7 @@ paths: required: - sha - url - verification: &338 + verification: &344 title: Verification type: object properties: @@ -42372,14 +42372,14 @@ paths: type: integer machines: type: array - items: &449 + items: &455 type: object title: Codespace machine description: A description of the machine powering a codespace. properties: *287 required: *288 examples: - default: &450 + default: &456 value: total_count: 2 machines: @@ -43034,7 +43034,7 @@ paths: description: Response when a new invitation is created content: application/json: - schema: &350 + schema: &356 title: Repository Invitation description: Repository invitations let you manage who you collaborate with. @@ -43810,7 +43810,7 @@ paths: type: array items: *298 examples: - default: &400 + default: &406 value: - url: https://api.github.com/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e sha: 6dcb09b5b57875f334f61aebed695e2e4193db5e @@ -44081,7 +44081,7 @@ paths: application/json: schema: type: array - items: &390 + items: &396 title: Pull Request Simple description: Pull Request Simple type: object @@ -44309,7 +44309,7 @@ paths: - review_comment - self author_association: *68 - auto_merge: &393 + auto_merge: &399 title: Auto merge description: The status of auto merging a pull request. type: object @@ -44372,7 +44372,7 @@ paths: - author_association - auto_merge examples: - default: &391 + default: &397 value: - url: https://api.github.com/repos/octocat/Hello-World/pulls/1347 id: 1 @@ -44920,7 +44920,7 @@ paths: application/json: schema: *298 examples: - default: &378 + default: &384 value: url: https://api.github.com/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e sha: 6dcb09b5b57875f334f61aebed695e2e4193db5e @@ -45551,7 +45551,7 @@ paths: application/json: schema: type: array - items: &420 + items: &426 title: Status description: The status of a commit. type: object @@ -46427,7 +46427,7 @@ paths: - size - type - url - - &405 + - &411 title: Content File description: Content File type: object @@ -47268,6 +47268,783 @@ paths: enabledForGitHubApps: true category: repos subcategory: + "/repos/{owner}/{repo}/dependabot/alerts": + get: + summary: List Dependabot alerts for a repository + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** read permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/list-alerts-for-repo + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#list-dependabot-alerts-for-a-repository + parameters: + - *196 + - *197 + - name: state + description: |- + A comma-separated list of states. If specified, only alerts with these states will be returned. + + Can be: `dismissed`, `fixed`, `open` + in: query + schema: + type: string + - name: severity + description: |- + A comma-separated list of severities. If specified, only alerts with these severities will be returned. + + Can be: `low`, `medium`, `high`, `critical` + in: query + schema: + type: string + - name: ecosystem + description: |- + A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned. + + Can be: `composer`, `go`, `maven`, `npm`, `nuget`, `pip`, `rubygems`, `rust` + in: query + schema: + type: string + - name: package + description: A comma-separated list of package names. If specified, only alerts + for these packages will be returned. + in: query + schema: + type: string + - name: manifest + description: A comma-separated list of full manifest paths. If specified, + only alerts for these manifests will be returned. + in: query + schema: + type: string + - name: scope + description: Scope of the dependency on a Dependabot alert. + in: query + schema: &315 + type: string + description: The scope of the vulnerable dependency. + nullable: true + readOnly: true + enum: + - development + - runtime + - name: sort + description: |- + The property by which to sort the results. + `created` means when the alert was created. + `updated` means when the alert's state last changed. + in: query + required: false + schema: + type: string + enum: + - created + - updated + default: created + - *55 + - *32 + - *12 + responses: + '200': + description: Response + content: + application/json: + schema: + type: array + items: &317 + type: object + properties: + number: *58 + state: + type: string + description: State of a Dependabot alert. + enum: + - dismissed + - fixed + - open + dependency: + type: object + readOnly: true + properties: + package: &316 + type: object + description: The details of the vulnerable package. + readOnly: true + properties: + ecosystem: + type: string + name: + type: string + manifest_path: + type: string + description: The path to the manifest filename. + readOnly: true + scope: *315 + security_advisory: + type: object + description: The details of the security advisory, including + summary, description, and severity. + readOnly: true + properties: + ghsa_id: + type: string + cve_id: + type: string + nullable: true + summary: + type: string + description: + type: string + severity: + type: string + enum: + - low + - medium + - high + - critical + identifiers: + type: array + items: + type: object + properties: + type: + type: string + enum: + - GHSA + - CVE + value: + type: string + required: + - value + - type + additionalProperties: false + references: + type: array + items: + type: object + properties: + url: + type: string + format: uri + required: + - url + additionalProperties: false + cvss: + type: object + properties: + score: + type: number + vector_string: + type: string + nullable: true + required: + - vector_string + - score + additionalProperties: false + cwes: + type: array + items: + type: object + properties: + cwe_id: + type: string + name: + type: string + required: + - cwe_id + - name + additionalProperties: false + published_at: + type: string + format: date-time + updated_at: + type: string + format: date-time + vulnerabilities: + type: array + items: + type: object + properties: + first_patched_version: + type: object + nullable: true + properties: + identifier: + type: string + required: + - identifier + additionalProperties: false + package: + type: object + properties: + ecosystem: + type: string + name: + type: string + required: + - ecosystem + - name + additionalProperties: false + severity: + type: string + vulnerable_version_range: + type: string + required: + - package + - severity + - vulnerable_version_range + - first_patched_version + additionalProperties: false + withdrawn_at: + type: string + format: date-time + nullable: true + required: + - cvss + - cwes + - ghsa_id + - summary + - description + - severity + - identifiers + - references + - published_at + - updated_at + - withdrawn_at + - vulnerabilities + additionalProperties: false + security_vulnerability: + type: object + description: The details of the vulnerability of a security + advisory. + readOnly: true + properties: + package: *316 + severity: + type: string + vulnerable_version_range: + type: string + first_patched_version: + type: object + properties: + identifier: + type: string + created_at: *59 + updated_at: *268 + url: *60 + html_url: *61 + dismissed_at: + type: string + description: 'The time that the alert was dismissed in ISO 8601 + format: `YYYY-MM-DDTHH:MM:SSZ`.' + format: date-time + readOnly: true + nullable: true + dismissed_by: + title: Simple User + description: Simple User + type: object + properties: *13 + required: *14 + nullable: true + dismissed_reason: &319 + type: string + description: "**Required when the `state` is `dismissed`.** + The reason for dismissing the Dependabot alert." + nullable: true + enum: + - fix_started + - inaccurate + - no_bandwidth + - not_used + - tolerable_risk + dismissed_comment: &320 + type: string + description: An optional comment associated with the alert's + dismissal. The maximum size is 280 characters. + nullable: true + maxLength: 280 + fixed_at: + type: string + description: 'The time that the alert was no longer detected + and was considered fixed in ISO 8601 format: `YYYY-MM-DDTHH:MM:SSZ`.' + format: date-time + readOnly: true + nullable: true + required: + - number + - state + - dependency + - security_advisory + - security_vulnerability + - url + - html_url + - dismissed_at + - dismissed_by + - dismissed_reason + - dismissed_comment + - fixed_at + - created_at + - updated_at + examples: + default: + value: + - number: 2 + state: dismissed + dependency: + package: + ecosystem: pip + name: django + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-rf4j-j272-fj86 + cve_id: CVE-2018-6188 + summary: Django allows remote attackers to obtain potentially + sensitive information by leveraging data exposure from the + confirm_login_allowed() method, as demonstrated by discovering + whether a user account is inactive + description: django.contrib.auth.forms.AuthenticationForm in + Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote + attackers to obtain potentially sensitive information by leveraging + data exposure from the confirm_login_allowed() method, as + demonstrated by discovering whether a user account is inactive. + severity: high + identifiers: + - type: GHSA + value: GHSA-rf4j-j272-fj86 + - type: CVE + value: CVE-2018-6188 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2018-6188 + - url: https://github.com/advisories/GHSA-rf4j-j272-fj86 + - url: https://usn.ubuntu.com/3559-1/ + - url: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/ + - url: http://www.securitytracker.com/id/1040422 + published_at: '2018-10-03T21:13:54Z' + updated_at: '2022-04-26T18:35:37Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 1.11.8, < 1.11.10" + first_patched_version: + identifier: 1.11.10 + cvss: + vector_string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + score: 7.5 + cwes: + - cwe_id: CWE-200 + name: Exposure of Sensitive Information to an Unauthorized + Actor + security_vulnerability: + package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2 + html_url: https://github.com/octocat/hello-world/security/dependabot/2 + created_at: '2022-06-15T07:43:03Z' + updated_at: '2022-08-23T14:29:47Z' + dismissed_at: '2022-08-23T14:29:47Z' + dismissed_by: + login: octocat + id: 1 + node_id: MDQ6VXNlcjE= + avatar_url: https://github.com/images/error/octocat_happy.gif + gravatar_id: '' + url: https://api.github.com/users/octocat + html_url: https://github.com/octocat + followers_url: https://api.github.com/users/octocat/followers + following_url: https://api.github.com/users/octocat/following{/other_user} + gists_url: https://api.github.com/users/octocat/gists{/gist_id} + starred_url: https://api.github.com/users/octocat/starred{/owner}{/repo} + subscriptions_url: https://api.github.com/users/octocat/subscriptions + organizations_url: https://api.github.com/users/octocat/orgs + repos_url: https://api.github.com/users/octocat/repos + events_url: https://api.github.com/users/octocat/events{/privacy} + received_events_url: https://api.github.com/users/octocat/received_events + type: User + site_admin: false + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + fixed_at: + - number: 1 + state: open + dependency: + package: + ecosystem: pip + name: ansible + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-8f4m-hccc-8qph + cve_id: CVE-2021-20191 + summary: Insertion of Sensitive Information into Log File in + ansible + description: A flaw was found in ansible. Credentials, such + as secrets, are being disclosed in console log by default + and not protected by no_log feature when using those modules. + An attacker can take advantage of this information to steal + those credentials. The highest threat from this vulnerability + is to data confidentiality. + severity: medium + identifiers: + - type: GHSA + value: GHSA-8f4m-hccc-8qph + - type: CVE + value: CVE-2021-20191 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2021-20191 + - url: https://access.redhat.com/security/cve/cve-2021-20191 + - url: https://bugzilla.redhat.com/show_bug.cgi?id=1916813 + published_at: '2021-06-01T17:38:00Z' + updated_at: '2021-08-12T23:06:00Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.9.0, < 2.9.18" + first_patched_version: + identifier: 2.9.18 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.10.0, < 2.10.7" + first_patched_version: + identifier: 2.10.7 + cvss: + vector_string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + score: 5.5 + cwes: + - cwe_id: CWE-532 + name: Insertion of Sensitive Information into Log File + security_vulnerability: + package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1 + html_url: https://github.com/octocat/hello-world/security/dependabot/1 + created_at: '2022-06-14T15:21:52Z' + updated_at: '2022-06-14T15:21:52Z' + dismissed_at: + dismissed_by: + dismissed_reason: + dismissed_comment: + fixed_at: + '304': *27 + '403': *24 + '404': *16 + '422': *51 + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts + "/repos/{owner}/{repo}/dependabot/alerts/{alert_number}": + get: + summary: Get a Dependabot alert + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** read permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/get-alert + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#get-a-dependabot-alert + parameters: + - *196 + - *197 + - &318 + name: alert_number + in: path + description: The number that identifies a Dependabot alert in its repository. + You can find this at the end of the URL for a Dependabot alert within GitHub, + or in `number` fields in the response from the `GET /repos/{owner}/{repo}/dependabot/alerts` + operation. + required: true + schema: *58 + responses: + '200': + description: Response + content: + application/json: + schema: *317 + examples: + default: + value: + number: 1 + state: open + dependency: + package: + ecosystem: pip + name: ansible + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-8f4m-hccc-8qph + cve_id: CVE-2021-20191 + summary: Insertion of Sensitive Information into Log File in + ansible + description: A flaw was found in ansible. Credentials, such + as secrets, are being disclosed in console log by default + and not protected by no_log feature when using those modules. + An attacker can take advantage of this information to steal + those credentials. The highest threat from this vulnerability + is to data confidentiality. + severity: medium + identifiers: + - type: GHSA + value: GHSA-8f4m-hccc-8qph + - type: CVE + value: CVE-2021-20191 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2021-20191 + - url: https://access.redhat.com/security/cve/cve-2021-20191 + - url: https://bugzilla.redhat.com/show_bug.cgi?id=1916813 + published_at: '2021-06-01T17:38:00Z' + updated_at: '2021-08-12T23:06:00Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.9.0, < 2.9.18" + first_patched_version: + identifier: 2.9.18 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + - package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: ">= 2.10.0, < 2.10.7" + first_patched_version: + identifier: 2.10.7 + cvss: + vector_string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + score: 5.5 + cwes: + - cwe_id: CWE-532 + name: Insertion of Sensitive Information into Log File + security_vulnerability: + package: + ecosystem: pip + name: ansible + severity: medium + vulnerable_version_range: "< 2.8.19" + first_patched_version: + identifier: 2.8.19 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/1 + html_url: https://github.com/octocat/hello-world/security/dependabot/1 + created_at: '2022-06-14T15:21:52Z' + updated_at: '2022-06-14T15:21:52Z' + dismissed_at: + dismissed_by: + dismissed_reason: + dismissed_comment: + fixed_at: + '304': *27 + '403': *24 + '404': *16 + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts + patch: + summary: Update a Dependabot alert + description: |- + You must use an access token with the `security_events` scope to use this endpoint with private repositories. + You can also use tokens with the `public_repo` scope for public repositories only. + GitHub Apps must have **Dependabot alerts** write permission to use this endpoint. + tags: + - dependabot + operationId: dependabot/update-alert + externalDocs: + description: API method documentation + url: https://docs.github.com/rest/reference/dependabot#update-a-dependabot-alert + parameters: + - *196 + - *197 + - *318 + requestBody: + required: true + content: + application/json: + schema: + type: object + properties: + state: + description: Sets the status of the dependabot alert. You must provide + `dismissed_reason` when you set the state to `dismissed`. + type: string + enum: + - dismissed + - open + dismissed_reason: *319 + dismissed_comment: *320 + required: + - state + additionalProperties: false + examples: + default: + value: + state: dismissed + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + responses: + '200': + description: Response + content: + application/json: + schema: *317 + examples: + default: + value: + number: 2 + state: dismissed + dependency: + package: + ecosystem: pip + name: django + manifest_path: path/to/requirements.txt + scope: runtime + security_advisory: + ghsa_id: GHSA-rf4j-j272-fj86 + cve_id: CVE-2018-6188 + summary: Django allows remote attackers to obtain potentially + sensitive information by leveraging data exposure from the + confirm_login_allowed() method, as demonstrated by discovering + whether a user account is inactive + description: django.contrib.auth.forms.AuthenticationForm in + Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote + attackers to obtain potentially sensitive information by leveraging + data exposure from the confirm_login_allowed() method, as + demonstrated by discovering whether a user account is inactive. + severity: high + identifiers: + - type: GHSA + value: GHSA-rf4j-j272-fj86 + - type: CVE + value: CVE-2018-6188 + references: + - url: https://nvd.nist.gov/vuln/detail/CVE-2018-6188 + - url: https://github.com/advisories/GHSA-rf4j-j272-fj86 + - url: https://usn.ubuntu.com/3559-1/ + - url: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/ + - url: http://www.securitytracker.com/id/1040422 + published_at: '2018-10-03T21:13:54Z' + updated_at: '2022-04-26T18:35:37Z' + withdrawn_at: + vulnerabilities: + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + - package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 1.11.8, < 1.11.10" + first_patched_version: + identifier: 1.11.10 + cvss: + vector_string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + score: 7.5 + cwes: + - cwe_id: CWE-200 + name: Exposure of Sensitive Information to an Unauthorized + Actor + security_vulnerability: + package: + ecosystem: pip + name: django + severity: high + vulnerable_version_range: ">= 2.0.0, < 2.0.2" + first_patched_version: + identifier: 2.0.2 + url: https://api.github.com/repos/octocat/hello-world/dependabot/alerts/2 + html_url: https://github.com/octocat/hello-world/security/dependabot/2 + created_at: '2022-06-15T07:43:03Z' + updated_at: '2022-08-23T14:29:47Z' + dismissed_at: '2022-08-23T14:29:47Z' + dismissed_by: + login: octocat + id: 1 + node_id: MDQ6VXNlcjE= + avatar_url: https://github.com/images/error/octocat_happy.gif + gravatar_id: '' + url: https://api.github.com/users/octocat + html_url: https://github.com/octocat + followers_url: https://api.github.com/users/octocat/followers + following_url: https://api.github.com/users/octocat/following{/other_user} + gists_url: https://api.github.com/users/octocat/gists{/gist_id} + starred_url: https://api.github.com/users/octocat/starred{/owner}{/repo} + subscriptions_url: https://api.github.com/users/octocat/subscriptions + organizations_url: https://api.github.com/users/octocat/orgs + repos_url: https://api.github.com/users/octocat/repos + events_url: https://api.github.com/users/octocat/events{/privacy} + received_events_url: https://api.github.com/users/octocat/received_events + type: User + site_admin: false + dismissed_reason: tolerable_risk + dismissed_comment: This alert is accurate but we use a sanitizer. + fixed_at: + '304': *27 + '400': *9 + '403': *24 + '404': *16 + '409': *228 + '422': *51 + x-github: + githubCloudOnly: false + enabledForGitHubApps: true + previews: [] + category: dependabot + subcategory: alerts "/repos/{owner}/{repo}/dependabot/secrets": get: summary: List repository secrets @@ -47301,7 +48078,7 @@ paths: type: integer secrets: type: array - items: &317 + items: &323 title: Dependabot Secret description: Set secrets for Dependabot. type: object @@ -47360,9 +48137,9 @@ paths: description: Response content: application/json: - schema: *315 + schema: *321 examples: - default: *316 + default: *322 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -47390,7 +48167,7 @@ paths: description: Response content: application/json: - schema: *317 + schema: *323 examples: default: value: @@ -47796,7 +48573,7 @@ paths: - version - url additionalProperties: false - metadata: &318 + metadata: &324 title: metadata description: User-defined metadata to store domain-specific information limited to 8 keys with scalar values. @@ -47829,7 +48606,7 @@ paths: the root of the Git repository. example: "/src/build/package-lock.json" additionalProperties: false - metadata: *318 + metadata: *324 resolved: type: object description: A collection of resolved package dependencies. @@ -47842,7 +48619,7 @@ paths: for more details. example: pkg:/npm/%40actions/http-client@1.0.11 pattern: "^pkg" - metadata: *318 + metadata: *324 relationship: type: string description: A notation of whether a dependency is requested @@ -48012,9 +48789,9 @@ paths: application/json: schema: type: array - items: *319 + items: *325 examples: - default: *320 + default: *326 headers: Link: *28 x-github: @@ -48159,7 +48936,7 @@ paths: description: Response content: application/json: - schema: *319 + schema: *325 examples: simple-example: summary: Simple example @@ -48234,7 +49011,7 @@ paths: parameters: - *196 - *197 - - &321 + - &327 name: deployment_id description: deployment_id parameter in: path @@ -48246,7 +49023,7 @@ paths: description: Response content: application/json: - schema: *319 + schema: *325 examples: default: value: @@ -48311,7 +49088,7 @@ paths: parameters: - *196 - *197 - - *321 + - *327 responses: '204': description: Response @@ -48335,7 +49112,7 @@ paths: parameters: - *196 - *197 - - *321 + - *327 - *12 - *32 responses: @@ -48345,7 +49122,7 @@ paths: application/json: schema: type: array - items: &322 + items: &328 title: Deployment Status description: The status of a deployment. type: object @@ -48506,7 +49283,7 @@ paths: parameters: - *196 - *197 - - *321 + - *327 requestBody: required: true content: @@ -48583,9 +49360,9 @@ paths: description: Response content: application/json: - schema: *322 + schema: *328 examples: - default: &323 + default: &329 value: url: https://api.github.com/repos/octocat/example/deployments/42/statuses/1 id: 1 @@ -48643,7 +49420,7 @@ paths: parameters: - *196 - *197 - - *321 + - *327 - name: status_id in: path required: true @@ -48654,9 +49431,9 @@ paths: description: Response content: application/json: - schema: *322 + schema: *328 examples: - default: *323 + default: *329 '404': *16 x-github: githubCloudOnly: false @@ -48755,7 +49532,7 @@ paths: type: integer environments: type: array - items: &325 + items: &331 title: Environment description: Details of a deployment environment type: object @@ -48804,7 +49581,7 @@ paths: type: type: string example: wait_timer - wait_timer: &327 + wait_timer: &333 type: integer example: 30 description: The amount of time to delay a job after @@ -48836,7 +49613,7 @@ paths: items: type: object properties: - type: *324 + type: *330 reviewer: anyOf: - *19 @@ -48860,7 +49637,7 @@ paths: - id - node_id - type - deployment_branch_policy: &328 + deployment_branch_policy: &334 type: object description: The type of deployment branch policy for this environment. To allow all branches to deploy, set to `null`. @@ -48975,7 +49752,7 @@ paths: parameters: - *196 - *197 - - &326 + - &332 name: environment_name in: path required: true @@ -48987,9 +49764,9 @@ paths: description: Response content: application/json: - schema: *325 + schema: *331 examples: - default: &329 + default: &335 value: id: 161088068 node_id: MDExOkVudmlyb25tZW50MTYxMDg4MDY4 @@ -49071,7 +49848,7 @@ paths: parameters: - *196 - *197 - - *326 + - *332 requestBody: required: false content: @@ -49080,7 +49857,7 @@ paths: type: object nullable: true properties: - wait_timer: *327 + wait_timer: *333 reviewers: type: array nullable: true @@ -49092,13 +49869,13 @@ paths: items: type: object properties: - type: *324 + type: *330 id: type: integer description: The id of the user or team who can review the deployment example: 4532992 - deployment_branch_policy: *328 + deployment_branch_policy: *334 additionalProperties: false examples: default: @@ -49117,9 +49894,9 @@ paths: description: Response content: application/json: - schema: *325 + schema: *331 examples: - default: *329 + default: *335 '422': description: Validation error when the environment name is invalid or when `protected_branches` and `custom_branch_policies` in `deployment_branch_policy` @@ -49145,7 +49922,7 @@ paths: parameters: - *196 - *197 - - *326 + - *332 responses: '204': description: Default response @@ -49170,7 +49947,7 @@ paths: parameters: - *196 - *197 - - *326 + - *332 - *12 - *32 responses: @@ -49188,7 +49965,7 @@ paths: example: 2 branch_policies: type: array - items: &330 + items: &336 title: Deployment branch policy description: Details of a deployment branch policy. type: object @@ -49239,12 +50016,12 @@ paths: parameters: - *196 - *197 - - *326 + - *332 requestBody: required: true content: application/json: - schema: &333 + schema: &339 title: Deployment branch policy name pattern type: object properties: @@ -49272,9 +50049,9 @@ paths: description: Response content: application/json: - schema: *330 + schema: *336 examples: - example-wildcard: &331 + example-wildcard: &337 value: id: 364662 node_id: MDE2OkdhdGVCcmFuY2hQb2xpY3kzNjQ2NjI= @@ -49310,8 +50087,8 @@ paths: parameters: - *196 - *197 - - *326 - - &332 + - *332 + - &338 name: branch_policy_id in: path required: true @@ -49323,9 +50100,9 @@ paths: description: Response content: application/json: - schema: *330 + schema: *336 examples: - default: *331 + default: *337 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -49346,13 +50123,13 @@ paths: parameters: - *196 - *197 - - *326 - *332 + - *338 requestBody: required: true content: application/json: - schema: *333 + schema: *339 examples: default: value: @@ -49362,9 +50139,9 @@ paths: description: Response content: application/json: - schema: *330 + schema: *336 examples: - default: *331 + default: *337 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -49385,8 +50162,8 @@ paths: parameters: - *196 - *197 - - *326 - *332 + - *338 responses: '204': description: Response @@ -49669,7 +50446,7 @@ paths: application/json: schema: *208 examples: - default: *334 + default: *340 '400': *9 '422': *10 '403': *24 @@ -49971,7 +50748,7 @@ paths: description: Response content: application/json: - schema: &335 + schema: &341 title: Git Commit description: Low-level Git commit operations within a repository type: object @@ -50184,7 +50961,7 @@ paths: description: Response content: application/json: - schema: *335 + schema: *341 examples: default: value: @@ -50253,7 +51030,7 @@ paths: application/json: schema: type: array - items: &336 + items: &342 title: Git Reference description: Git references within a repository type: object @@ -50340,9 +51117,9 @@ paths: description: Response content: application/json: - schema: *336 + schema: *342 examples: - default: &337 + default: &343 value: ref: refs/heads/featureA node_id: MDM6UmVmcmVmcy9oZWFkcy9mZWF0dXJlQQ== @@ -50403,9 +51180,9 @@ paths: description: Response content: application/json: - schema: *336 + schema: *342 examples: - default: *337 + default: *343 headers: Location: example: https://api.github.com/repos/octocat/Hello-World/git/refs/heads/featureA @@ -50468,9 +51245,9 @@ paths: description: Response content: application/json: - schema: *336 + schema: *342 examples: - default: *337 + default: *343 '422': *10 x-github: githubCloudOnly: false @@ -50614,7 +51391,7 @@ paths: description: Response content: application/json: - schema: &339 + schema: &345 title: Git Tag description: Metadata for a Git tag type: object @@ -50665,7 +51442,7 @@ paths: - sha - type - url - verification: *338 + verification: *344 required: - sha - url @@ -50675,7 +51452,7 @@ paths: - tag - message examples: - default: &340 + default: &346 value: node_id: MDM6VGFnOTQwYmQzMzYyNDhlZmFlMGY5ZWU1YmM3YjJkNWM5ODU4ODdiMTZhYw== tag: v0.0.1 @@ -50757,9 +51534,9 @@ paths: description: Response content: application/json: - schema: *339 + schema: *345 examples: - default: *340 + default: *346 '404': *16 x-github: githubCloudOnly: false @@ -50856,7 +51633,7 @@ paths: description: Response content: application/json: - schema: &341 + schema: &347 title: Git Tree description: The hierarchy between files in a Git repository. type: object @@ -50990,7 +51767,7 @@ paths: description: Response content: application/json: - schema: *341 + schema: *347 examples: default-response: summary: Default response @@ -51059,7 +51836,7 @@ paths: application/json: schema: type: array - items: &342 + items: &348 title: Webhook description: Webhooks for repositories. type: object @@ -51271,9 +52048,9 @@ paths: description: Response content: application/json: - schema: *342 + schema: *348 examples: - default: &343 + default: &349 value: type: Repository id: 12345678 @@ -51329,9 +52106,9 @@ paths: description: Response content: application/json: - schema: *342 + schema: *348 examples: - default: *343 + default: *349 '404': *16 x-github: githubCloudOnly: false @@ -51414,9 +52191,9 @@ paths: description: Response content: application/json: - schema: *342 + schema: *348 examples: - default: *343 + default: *349 '422': *10 '404': *16 x-github: @@ -51712,7 +52489,7 @@ paths: description: Response content: application/json: - schema: &344 + schema: &350 title: Import description: A repository import from an external source. type: object @@ -51811,7 +52588,7 @@ paths: - html_url - authors_url examples: - default: &346 + default: &352 value: vcs: subversion use_lfs: true @@ -51891,7 +52668,7 @@ paths: description: Response content: application/json: - schema: *344 + schema: *350 examples: default: value: @@ -51987,7 +52764,7 @@ paths: description: Response content: application/json: - schema: *344 + schema: *350 examples: example-1: summary: Example 1 @@ -52076,7 +52853,7 @@ paths: parameters: - *196 - *197 - - &470 + - &476 name: since description: A user ID. Only return users with an ID greater than this ID. in: query @@ -52090,7 +52867,7 @@ paths: application/json: schema: type: array - items: &345 + items: &351 title: Porter Author description: Porter Author type: object @@ -52192,7 +52969,7 @@ paths: description: Response content: application/json: - schema: *345 + schema: *351 examples: default: value: @@ -52310,9 +53087,9 @@ paths: description: Response content: application/json: - schema: *344 + schema: *350 examples: - default: *346 + default: *352 '422': *10 x-github: githubCloudOnly: false @@ -52342,7 +53119,7 @@ paths: application/json: schema: *15 examples: - default: *347 + default: *353 '301': *207 '404': *16 x-github: @@ -52377,7 +53154,7 @@ paths: properties: {} additionalProperties: false examples: - default: &349 + default: &355 value: limit: collaborators_only origin: repository @@ -52408,7 +53185,7 @@ paths: required: true content: application/json: - schema: *348 + schema: *354 examples: default: summary: Example request body @@ -52422,7 +53199,7 @@ paths: application/json: schema: *144 examples: - default: *349 + default: *355 '409': description: Response x-github: @@ -52479,9 +53256,9 @@ paths: application/json: schema: type: array - items: *350 + items: *356 examples: - default: &465 + default: &471 value: - id: 1 repository: @@ -52643,7 +53420,7 @@ paths: description: Response content: application/json: - schema: *350 + schema: *356 examples: default: value: @@ -53115,7 +53892,7 @@ paths: application/json: schema: *81 examples: - default: &356 + default: &362 value: id: 1 node_id: MDU6SXNzdWUx @@ -53310,9 +54087,9 @@ paths: application/json: schema: type: array - items: *351 + items: *357 examples: - default: &358 + default: &364 value: - id: 1 node_id: MDEyOklzc3VlQ29tbWVudDE= @@ -53370,9 +54147,9 @@ paths: description: Response content: application/json: - schema: *351 + schema: *357 examples: - default: &352 + default: &358 value: id: 1 node_id: MDEyOklzc3VlQ29tbWVudDE= @@ -53442,9 +54219,9 @@ paths: description: Response content: application/json: - schema: *351 + schema: *357 examples: - default: *352 + default: *358 '422': *10 x-github: githubCloudOnly: false @@ -53632,7 +54409,7 @@ paths: application/json: schema: type: array - items: &355 + items: &361 title: Issue Event description: Issue Event type: object @@ -53674,8 +54451,8 @@ paths: description: Issues are a great way to keep track of tasks, enhancements, and bugs for your projects. type: object - properties: *353 - required: *354 + properties: *359 + required: *360 nullable: true label: title: Issue Event Label @@ -53994,7 +54771,7 @@ paths: description: Response content: application/json: - schema: *355 + schema: *361 examples: default: value: @@ -54218,7 +54995,7 @@ paths: parameters: - *196 - *197 - - &357 + - &363 name: issue_number description: The number that identifies the issue. in: path @@ -54232,7 +55009,7 @@ paths: application/json: schema: *81 examples: - default: *356 + default: *362 '301': *207 '404': *16 '410': *205 @@ -54254,7 +55031,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: false content: @@ -54350,7 +55127,7 @@ paths: application/json: schema: *81 examples: - default: *356 + default: *362 '422': *10 '503': *63 '403': *24 @@ -54376,7 +55153,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: false content: @@ -54404,7 +55181,7 @@ paths: application/json: schema: *81 examples: - default: *356 + default: *362 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -54422,7 +55199,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: content: application/json: @@ -54449,7 +55226,7 @@ paths: application/json: schema: *81 examples: - default: *356 + default: *362 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -54468,7 +55245,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - *71 - *12 - *32 @@ -54479,9 +55256,9 @@ paths: application/json: schema: type: array - items: *351 + items: *357 examples: - default: *358 + default: *364 headers: Link: *28 '404': *16 @@ -54507,7 +55284,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: true content: @@ -54529,9 +55306,9 @@ paths: description: Response content: application/json: - schema: *351 + schema: *357 examples: - default: *352 + default: *358 headers: Location: example: https://api.github.com/repos/octocat/Hello-World/issues/comments/1 @@ -54560,7 +55337,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - *12 - *32 responses: @@ -54574,7 +55351,7 @@ paths: title: Issue Event for Issue description: Issue Event for Issue anyOf: - - &361 + - &367 title: Labeled Issue Event description: Labeled Issue Event type: object @@ -54628,7 +55405,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &362 + - &368 title: Unlabeled Issue Event description: Unlabeled Issue Event type: object @@ -54764,7 +55541,7 @@ paths: - performed_via_github_app - assignee - assigner - - &363 + - &369 title: Milestoned Issue Event description: Milestoned Issue Event type: object @@ -54815,7 +55592,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &364 + - &370 title: Demilestoned Issue Event description: Demilestoned Issue Event type: object @@ -54866,7 +55643,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &365 + - &371 title: Renamed Issue Event description: Renamed Issue Event type: object @@ -54920,7 +55697,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &366 + - &372 title: Review Requested Issue Event description: Review Requested Issue Event type: object @@ -54967,7 +55744,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &367 + - &373 title: Review Request Removed Issue Event description: Review Request Removed Issue Event type: object @@ -55014,7 +55791,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &368 + - &374 title: Review Dismissed Issue Event description: Review Dismissed Issue Event type: object @@ -55074,7 +55851,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &369 + - &375 title: Locked Issue Event description: Locked Issue Event type: object @@ -55122,7 +55899,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &370 + - &376 title: Added to Project Issue Event description: Added to Project Issue Event type: object @@ -55188,7 +55965,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &371 + - &377 title: Moved Column in Project Issue Event description: Moved Column in Project Issue Event type: object @@ -55254,7 +56031,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &372 + - &378 title: Removed from Project Issue Event description: Removed from Project Issue Event type: object @@ -55320,7 +56097,7 @@ paths: - commit_url - created_at - performed_via_github_app - - &373 + - &379 title: Converted Note to Issue Issue Event description: Converted Note to Issue Issue Event type: object @@ -55430,7 +56207,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - *12 - *32 responses: @@ -55440,7 +56217,7 @@ paths: application/json: schema: type: array - items: &359 + items: &365 title: Label description: Color-coded labels help you categorize and filter your issues (just like labels in Gmail). @@ -55483,7 +56260,7 @@ paths: - color - default examples: - default: &360 + default: &366 value: - id: 208045946 node_id: MDU6TGFiZWwyMDgwNDU5NDY= @@ -55521,7 +56298,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: false content: @@ -55580,9 +56357,9 @@ paths: application/json: schema: type: array - items: *359 + items: *365 examples: - default: *360 + default: *366 '301': *207 '404': *16 '410': *205 @@ -55604,7 +56381,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: false content: @@ -55664,9 +56441,9 @@ paths: application/json: schema: type: array - items: *359 + items: *365 examples: - default: *360 + default: *366 '301': *207 '404': *16 '410': *205 @@ -55688,7 +56465,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 responses: '204': description: Response @@ -55715,7 +56492,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - name: name in: path required: true @@ -55728,7 +56505,7 @@ paths: application/json: schema: type: array - items: *359 + items: *365 examples: default: value: @@ -55763,7 +56540,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: false content: @@ -55811,7 +56588,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 responses: '204': description: Response @@ -55835,7 +56612,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - name: content description: Returns a single [reaction type](https://docs.github.com/rest/reference/reactions#reaction-types). Omit this parameter to list all reactions to an issue. @@ -55887,7 +56664,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 requestBody: required: true content: @@ -55951,7 +56728,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - *192 responses: '204': @@ -55974,7 +56751,7 @@ paths: parameters: - *196 - *197 - - *357 + - *363 - *12 - *32 responses: @@ -55989,12 +56766,6 @@ paths: description: Timeline Event type: object anyOf: - - *361 - - *362 - - *363 - - *364 - - *365 - - *366 - *367 - *368 - *369 @@ -56002,6 +56773,12 @@ paths: - *371 - *372 - *373 + - *374 + - *375 + - *376 + - *377 + - *378 + - *379 - title: Timeline Comment Event description: Timeline Comment Event type: object @@ -56302,7 +57079,7 @@ paths: type: string comments: type: array - items: &394 + items: &400 title: Pull Request Review Comment description: Pull Request Review Comments are comments on a portion of the Pull Request's diff. @@ -56821,7 +57598,7 @@ paths: application/json: schema: type: array - items: &374 + items: &380 title: Deploy Key description: An SSH key granting access to a single repository. type: object @@ -56920,9 +57697,9 @@ paths: description: Response content: application/json: - schema: *374 + schema: *380 examples: - default: &375 + default: &381 value: id: 1 key: ssh-rsa AAA... @@ -56957,7 +57734,7 @@ paths: parameters: - *196 - *197 - - &376 + - &382 name: key_id description: The unique identifier of the key. in: path @@ -56969,9 +57746,9 @@ paths: description: Response content: application/json: - schema: *374 + schema: *380 examples: - default: *375 + default: *381 '404': *16 x-github: githubCloudOnly: false @@ -56991,7 +57768,7 @@ paths: parameters: - *196 - *197 - - *376 + - *382 responses: '204': description: Response @@ -57022,9 +57799,9 @@ paths: application/json: schema: type: array - items: *359 + items: *365 examples: - default: *360 + default: *366 headers: Link: *28 '404': *16 @@ -57080,9 +57857,9 @@ paths: description: Response content: application/json: - schema: *359 + schema: *365 examples: - default: &377 + default: &383 value: id: 208045946 node_id: MDU6TGFiZWwyMDgwNDU5NDY= @@ -57126,9 +57903,9 @@ paths: description: Response content: application/json: - schema: *359 + schema: *365 examples: - default: *377 + default: *383 '404': *16 x-github: githubCloudOnly: false @@ -57185,7 +57962,7 @@ paths: description: Response content: application/json: - schema: *359 + schema: *365 examples: default: value: @@ -57570,7 +58347,7 @@ paths: application/json: schema: *298 examples: - default: *378 + default: *384 '204': description: Response when already merged '404': @@ -57637,7 +58414,7 @@ paths: application/json: schema: type: array - items: &379 + items: &385 title: Milestone description: A collection of related issues and pull requests. type: object @@ -57739,9 +58516,9 @@ paths: description: Response content: application/json: - schema: *379 + schema: *385 examples: - default: &380 + default: &386 value: url: https://api.github.com/repos/octocat/Hello-World/milestones/1 html_url: https://github.com/octocat/Hello-World/milestones/v1.0 @@ -57802,7 +58579,7 @@ paths: parameters: - *196 - *197 - - &381 + - &387 name: milestone_number description: The number that identifies the milestone. in: path @@ -57814,9 +58591,9 @@ paths: description: Response content: application/json: - schema: *379 + schema: *385 examples: - default: *380 + default: *386 '404': *16 x-github: githubCloudOnly: false @@ -57835,7 +58612,7 @@ paths: parameters: - *196 - *197 - - *381 + - *387 requestBody: required: false content: @@ -57873,9 +58650,9 @@ paths: description: Response content: application/json: - schema: *379 + schema: *385 examples: - default: *380 + default: *386 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -57893,7 +58670,7 @@ paths: parameters: - *196 - *197 - - *381 + - *387 responses: '204': description: Response @@ -57916,7 +58693,7 @@ paths: parameters: - *196 - *197 - - *381 + - *387 - *12 - *32 responses: @@ -57926,9 +58703,9 @@ paths: application/json: schema: type: array - items: *359 + items: *365 examples: - default: *360 + default: *366 headers: Link: *28 x-github: @@ -57949,10 +58726,10 @@ paths: parameters: - *196 - *197 - - *382 - - *383 + - *388 + - *389 - *71 - - *384 + - *390 - *12 - *32 responses: @@ -57964,7 +58741,7 @@ paths: type: array items: *96 examples: - default: *385 + default: *391 headers: Link: *28 x-github: @@ -58043,7 +58820,7 @@ paths: description: Response content: application/json: - schema: &386 + schema: &392 title: GitHub Pages description: The configuration for GitHub Pages for a repository. type: object @@ -58168,7 +58945,7 @@ paths: - custom_404 - public examples: - default: &387 + default: &393 value: url: https://api.github.com/repos/github/developer.github.com/pages status: built @@ -58257,9 +59034,9 @@ paths: description: Response content: application/json: - schema: *386 + schema: *392 examples: - default: *387 + default: *393 '422': *10 '409': *228 x-github: @@ -58415,7 +59192,7 @@ paths: application/json: schema: type: array - items: &388 + items: &394 title: Page Build description: Page Build type: object @@ -58557,9 +59334,9 @@ paths: description: Response content: application/json: - schema: *388 + schema: *394 examples: - default: &389 + default: &395 value: url: https://api.github.com/repos/github/developer.github.com/pages/builds/5472601 status: built @@ -58615,9 +59392,9 @@ paths: description: Response content: application/json: - schema: *388 + schema: *394 examples: - default: *389 + default: *395 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -59188,9 +59965,9 @@ paths: application/json: schema: type: array - items: *390 + items: *396 examples: - default: *391 + default: *397 headers: Link: *28 '304': *27 @@ -59273,7 +60050,7 @@ paths: description: Response content: application/json: - schema: &396 + schema: &402 type: object title: Pull Request description: Pull requests let you tell others about changes you've @@ -59435,7 +60212,7 @@ paths: nullable: true requested_teams: type: array - items: *392 + items: *398 nullable: true head: type: object @@ -60357,7 +61134,7 @@ paths: - review_comment - self author_association: *68 - auto_merge: *393 + auto_merge: *399 draft: description: Indicates whether or not the pull request is a draft. example: false @@ -60449,7 +61226,7 @@ paths: - merged_by - review_comments examples: - default: &397 + default: &403 value: url: https://api.github.com/repos/octocat/Hello-World/pulls/1347 id: 1 @@ -60995,9 +61772,9 @@ paths: application/json: schema: type: array - items: *394 + items: *400 examples: - default: &399 + default: &405 value: - url: https://api.github.com/repos/octocat/Hello-World/pulls/comments/1 pull_request_review_id: 42 @@ -61074,9 +61851,9 @@ paths: description: Response content: application/json: - schema: *394 + schema: *400 examples: - default: &395 + default: &401 value: url: https://api.github.com/repos/octocat/Hello-World/pulls/comments/1 pull_request_review_id: 42 @@ -61167,9 +61944,9 @@ paths: description: Response content: application/json: - schema: *394 + schema: *400 examples: - default: *395 + default: *401 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -61363,7 +62140,7 @@ paths: parameters: - *196 - *197 - - &398 + - &404 name: pull_number description: The number that identifies the pull request. in: path @@ -61376,9 +62153,9 @@ paths: to fetch diff and patch formats. content: application/json: - schema: *396 + schema: *402 examples: - default: *397 + default: *403 '304': *27 '404': *16 '500': *152 @@ -61403,7 +62180,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: false content: @@ -61445,9 +62222,9 @@ paths: description: Response content: application/json: - schema: *396 + schema: *402 examples: - default: *397 + default: *403 '422': *10 '403': *24 x-github: @@ -61473,7 +62250,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: true content: @@ -61555,7 +62332,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 - *91 - name: direction description: The direction to sort results. Ignored without `sort` parameter. @@ -61576,9 +62353,9 @@ paths: application/json: schema: type: array - items: *394 + items: *400 examples: - default: *399 + default: *405 headers: Link: *28 x-github: @@ -61606,7 +62383,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: true content: @@ -61700,7 +62477,7 @@ paths: description: Response content: application/json: - schema: *394 + schema: *400 examples: example-for-a-multi-line-comment: value: @@ -61782,7 +62559,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 - *80 requestBody: required: true @@ -61805,7 +62582,7 @@ paths: description: Response content: application/json: - schema: *394 + schema: *400 examples: default: value: @@ -61886,7 +62663,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 - *12 - *32 responses: @@ -61898,7 +62675,7 @@ paths: type: array items: *298 examples: - default: *400 + default: *406 headers: Link: *28 x-github: @@ -61920,7 +62697,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 - *12 - *32 responses: @@ -61968,7 +62745,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 responses: '204': description: Response if pull request has been merged @@ -61995,7 +62772,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: false content: @@ -62104,7 +62881,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 responses: '200': description: Response @@ -62182,7 +62959,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: false content: @@ -62219,7 +62996,7 @@ paths: description: Response content: application/json: - schema: *390 + schema: *396 examples: default: value: @@ -62755,7 +63532,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: true content: @@ -62789,7 +63566,7 @@ paths: description: Response content: application/json: - schema: *390 + schema: *396 examples: default: value: @@ -63287,7 +64064,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 - *12 - *32 responses: @@ -63297,7 +64074,7 @@ paths: application/json: schema: type: array - items: &401 + items: &407 title: Pull Request Review description: Pull Request Reviews are reviews on pull requests. type: object @@ -63436,7 +64213,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: false content: @@ -63517,9 +64294,9 @@ paths: description: Response content: application/json: - schema: *401 + schema: *407 examples: - default: &403 + default: &409 value: id: 80 node_id: MDE3OlB1bGxSZXF1ZXN0UmV2aWV3ODA= @@ -63576,8 +64353,8 @@ paths: parameters: - *196 - *197 - - *398 - - &402 + - *404 + - &408 name: review_id description: The unique identifier of the review. in: path @@ -63589,9 +64366,9 @@ paths: description: Response content: application/json: - schema: *401 + schema: *407 examples: - default: &404 + default: &410 value: id: 80 node_id: MDE3OlB1bGxSZXF1ZXN0UmV2aWV3ODA= @@ -63644,8 +64421,8 @@ paths: parameters: - *196 - *197 - - *398 - - *402 + - *404 + - *408 requestBody: required: true content: @@ -63668,7 +64445,7 @@ paths: description: Response content: application/json: - schema: *401 + schema: *407 examples: default: value: @@ -63724,16 +64501,16 @@ paths: parameters: - *196 - *197 - - *398 - - *402 + - *404 + - *408 responses: '200': description: Response content: application/json: - schema: *401 + schema: *407 examples: - default: *403 + default: *409 '422': *51 '404': *16 x-github: @@ -63754,8 +64531,8 @@ paths: parameters: - *196 - *197 - - *398 - - *402 + - *404 + - *408 - *12 - *32 responses: @@ -63974,8 +64751,8 @@ paths: parameters: - *196 - *197 - - *398 - - *402 + - *404 + - *408 requestBody: required: true content: @@ -64003,7 +64780,7 @@ paths: description: Response content: application/json: - schema: *401 + schema: *407 examples: default: value: @@ -64062,8 +64839,8 @@ paths: parameters: - *196 - *197 - - *398 - - *402 + - *404 + - *408 requestBody: required: true content: @@ -64098,9 +64875,9 @@ paths: description: Response content: application/json: - schema: *401 + schema: *407 examples: - default: *404 + default: *410 '404': *16 '422': *51 '403': *24 @@ -64123,7 +64900,7 @@ paths: parameters: - *196 - *197 - - *398 + - *404 requestBody: required: false content: @@ -64197,9 +64974,9 @@ paths: description: Response content: application/json: - schema: *405 + schema: *411 examples: - default: &406 + default: &412 value: type: file encoding: base64 @@ -64258,9 +65035,9 @@ paths: description: Response content: application/json: - schema: *405 + schema: *411 examples: - default: *406 + default: *412 '404': *16 '422': *10 x-github: @@ -64293,7 +65070,7 @@ paths: application/json: schema: type: array - items: &407 + items: &413 title: Release description: A release. type: object @@ -64356,7 +65133,7 @@ paths: author: *19 assets: type: array - items: &408 + items: &414 title: Release Asset description: Data related to a release. type: object @@ -64602,9 +65379,9 @@ paths: description: Response content: application/json: - schema: *407 + schema: *413 examples: - default: &411 + default: &417 value: url: https://api.github.com/repos/octocat/Hello-World/releases/1 html_url: https://github.com/octocat/Hello-World/releases/v1.0.0 @@ -64707,7 +65484,7 @@ paths: parameters: - *196 - *197 - - &409 + - &415 name: asset_id description: The unique identifier of the asset. in: path @@ -64719,9 +65496,9 @@ paths: description: Response content: application/json: - schema: *408 + schema: *414 examples: - default: &410 + default: &416 value: url: https://api.github.com/repos/octocat/Hello-World/releases/assets/1 browser_download_url: https://github.com/octocat/Hello-World/releases/download/v1.0.0/example.zip @@ -64773,7 +65550,7 @@ paths: parameters: - *196 - *197 - - *409 + - *415 requestBody: required: false content: @@ -64801,9 +65578,9 @@ paths: description: Response content: application/json: - schema: *408 + schema: *414 examples: - default: *410 + default: *416 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -64821,7 +65598,7 @@ paths: parameters: - *196 - *197 - - *409 + - *415 responses: '204': description: Response @@ -64938,9 +65715,9 @@ paths: description: Response content: application/json: - schema: *407 + schema: *413 examples: - default: *411 + default: *417 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -64971,9 +65748,9 @@ paths: description: Response content: application/json: - schema: *407 + schema: *413 examples: - default: *411 + default: *417 '404': *16 x-github: githubCloudOnly: false @@ -64994,7 +65771,7 @@ paths: parameters: - *196 - *197 - - &412 + - &418 name: release_id description: The unique identifier of the release. in: path @@ -65007,9 +65784,9 @@ paths: the endpoint for uploading release assets. This key is a [hypermedia resource](https://docs.github.com/rest/overview/resources-in-the-rest-api#hypermedia)." content: application/json: - schema: *407 + schema: *413 examples: - default: *411 + default: *417 '404': *16 x-github: githubCloudOnly: false @@ -65028,7 +65805,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 requestBody: required: false content: @@ -65080,9 +65857,9 @@ paths: description: Response content: application/json: - schema: *407 + schema: *413 examples: - default: *411 + default: *417 '404': description: Not Found if the discussion category name is invalid content: @@ -65105,7 +65882,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 responses: '204': description: Response @@ -65127,7 +65904,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 - *12 - *32 responses: @@ -65137,7 +65914,7 @@ paths: application/json: schema: type: array - items: *408 + items: *414 examples: default: value: @@ -65217,7 +65994,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 - name: name in: query required: true @@ -65239,7 +66016,7 @@ paths: description: Response for successful upload content: application/json: - schema: *408 + schema: *414 examples: response-for-successful-upload: value: @@ -65295,7 +66072,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 - name: content description: Returns a single [reaction type](https://docs.github.com/rest/reference/reactions#reaction-types). Omit this parameter to list all reactions to a release. @@ -65344,7 +66121,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 requestBody: required: true content: @@ -65406,7 +66183,7 @@ paths: parameters: - *196 - *197 - - *412 + - *418 - *192 responses: '204': @@ -65441,8 +66218,8 @@ paths: - *55 - *32 - *12 - - *413 - - *414 + - *419 + - *420 responses: '200': description: Response @@ -65450,7 +66227,7 @@ paths: application/json: schema: type: array - items: &417 + items: &423 type: object properties: number: *58 @@ -65463,8 +66240,8 @@ paths: format: uri description: The REST API URL of the code locations for this alert. - state: *415 - resolution: *416 + state: *421 + resolution: *422 resolved_at: type: string format: date-time @@ -65616,7 +66393,7 @@ paths: description: Response content: application/json: - schema: *417 + schema: *423 examples: default: value: @@ -65671,8 +66448,8 @@ paths: schema: type: object properties: - state: *415 - resolution: *416 + state: *421 + resolution: *422 resolution_comment: description: Sets an optional comment when closing an alert. Must be null when changing `state` to `open`. @@ -65690,7 +66467,7 @@ paths: description: Response content: application/json: - schema: *417 + schema: *423 examples: default: value: @@ -66006,7 +66783,7 @@ paths: application/json: schema: type: array - items: &419 + items: &425 title: Code Frequency Stat description: Code Frequency Stat type: array @@ -66019,7 +66796,7 @@ paths: - 1124 - -435 '202': *142 - '204': &418 + '204': &424 description: A header with no content is returned. x-github: githubCloudOnly: false @@ -66088,7 +66865,7 @@ paths: total: 89 week: 1336280400 '202': *142 - '204': *418 + '204': *424 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -66187,7 +66964,7 @@ paths: d: 77 c: 10 '202': *142 - '204': *418 + '204': *424 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -66373,7 +67150,7 @@ paths: application/json: schema: type: array - items: *419 + items: *425 examples: default: value: @@ -66386,7 +67163,7 @@ paths: - - 0 - 2 - 21 - '204': *418 + '204': *424 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -66461,7 +67238,7 @@ paths: description: Response content: application/json: - schema: *420 + schema: *426 examples: default: value: @@ -66554,7 +67331,7 @@ paths: description: if you subscribe to the repository content: application/json: - schema: &421 + schema: &427 title: Repository Invitation description: Repository invitations let you manage who you collaborate with. @@ -66644,7 +67421,7 @@ paths: description: Response content: application/json: - schema: *421 + schema: *427 examples: default: value: @@ -66778,7 +67555,7 @@ paths: application/json: schema: type: array - items: &422 + items: &428 title: Tag protection description: Tag protection type: object @@ -66848,7 +67625,7 @@ paths: description: Response content: application/json: - schema: *422 + schema: *428 examples: default: value: @@ -66978,7 +67755,7 @@ paths: description: Response content: application/json: - schema: &423 + schema: &429 title: Topic description: A topic aggregates entities that are related to a subject. type: object @@ -66990,7 +67767,7 @@ paths: required: - names examples: - default: &424 + default: &430 value: names: - octocat @@ -67045,9 +67822,9 @@ paths: description: Response content: application/json: - schema: *423 + schema: *429 examples: - default: *424 + default: *430 '404': *16 '422': *51 x-github: @@ -67070,7 +67847,7 @@ paths: parameters: - *196 - *197 - - &425 + - &431 name: per description: The time frame to display results for. in: query @@ -67100,7 +67877,7 @@ paths: example: 128 clones: type: array - items: &426 + items: &432 title: Traffic type: object properties: @@ -67341,7 +68118,7 @@ paths: parameters: - *196 - *197 - - *425 + - *431 responses: '200': description: Response @@ -67360,7 +68137,7 @@ paths: example: 3782 views: type: array - items: *426 + items: *432 required: - uniques - count @@ -68124,7 +68901,7 @@ paths: url: https://docs.github.com/rest/reference/actions#list-environment-secrets parameters: - *111 - - *326 + - *332 - *12 - *32 responses: @@ -68144,7 +68921,7 @@ paths: type: array items: *232 examples: - default: *427 + default: *433 headers: Link: *28 x-github: @@ -68169,7 +68946,7 @@ paths: url: https://docs.github.com/rest/reference/actions#get-an-environment-public-key parameters: - *111 - - *326 + - *332 responses: '200': description: Response @@ -68198,7 +68975,7 @@ paths: url: https://docs.github.com/rest/reference/actions#get-an-environment-secret parameters: - *111 - - *326 + - *332 - *102 responses: '200': @@ -68207,7 +68984,7 @@ paths: application/json: schema: *232 examples: - default: *428 + default: *434 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -68299,7 +69076,7 @@ paths: url: https://docs.github.com/rest/reference/actions#create-or-update-an-environment-secret parameters: - *111 - - *326 + - *332 - *102 requestBody: required: true @@ -68355,7 +69132,7 @@ paths: url: https://docs.github.com/rest/reference/actions#delete-an-environment-secret parameters: - *111 - - *326 + - *332 - *102 responses: '204': @@ -68415,7 +69192,7 @@ paths: type: string enum: - indexed - - &429 + - &435 name: order description: Determines whether the first search result returned is the highest number of matches (`desc`) or lowest number of matches (`asc`). This parameter @@ -68486,7 +69263,7 @@ paths: example: - 73..77 - 77..78 - text_matches: &430 + text_matches: &436 title: Search Result Text Matches type: array items: @@ -68648,7 +69425,7 @@ paths: enum: - author-date - committer-date - - *429 + - *435 - *12 - *32 responses: @@ -68727,7 +69504,7 @@ paths: url: type: string format: uri - verification: *338 + verification: *344 required: - author - committer @@ -68764,7 +69541,7 @@ paths: type: number node_id: type: string - text_matches: *430 + text_matches: *436 required: - sha - node_id @@ -68955,7 +69732,7 @@ paths: - interactions - created - updated - - *429 + - *435 - *12 - *32 responses: @@ -69074,7 +69851,7 @@ paths: type: string format: date-time nullable: true - text_matches: *430 + text_matches: *436 pull_request: type: object properties: @@ -69298,7 +70075,7 @@ paths: enum: - created - updated - - *429 + - *435 - *12 - *32 responses: @@ -69342,7 +70119,7 @@ paths: nullable: true score: type: number - text_matches: *430 + text_matches: *436 required: - id - node_id @@ -69427,7 +70204,7 @@ paths: - forks - help-wanted-issues - updated - - *429 + - *435 - *12 - *32 responses: @@ -69664,7 +70441,7 @@ paths: - admin - pull - push - text_matches: *430 + text_matches: *436 temp_clone_token: type: string allow_merge_commit: @@ -69964,7 +70741,7 @@ paths: type: string format: uri nullable: true - text_matches: *430 + text_matches: *436 related: type: array nullable: true @@ -70153,7 +70930,7 @@ paths: - followers - repositories - joined - - *429 + - *435 - *12 - *32 responses: @@ -70256,7 +71033,7 @@ paths: hireable: type: boolean nullable: true - text_matches: *430 + text_matches: *436 blog: type: string nullable: true @@ -70334,7 +71111,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#get-a-team-legacy parameters: - - &431 + - &437 name: team_id description: The unique identifier of the team. in: path @@ -70373,7 +71150,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#update-a-team-legacy parameters: - - *431 + - *437 requestBody: required: true content: @@ -70461,7 +71238,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#delete-a-team-legacy parameters: - - *431 + - *437 responses: '204': description: Response @@ -70489,7 +71266,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#list-discussions-legacy parameters: - - *431 + - *437 - *55 - *12 - *32 @@ -70502,7 +71279,7 @@ paths: type: array items: *183 examples: - default: *432 + default: *438 headers: Link: *28 x-github: @@ -70528,7 +71305,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#create-a-discussion-legacy parameters: - - *431 + - *437 requestBody: required: true content: @@ -70588,7 +71365,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#get-a-discussion-legacy parameters: - - *431 + - *437 - *185 responses: '200': @@ -70619,7 +71396,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#update-a-discussion-legacy parameters: - - *431 + - *437 - *185 requestBody: required: false @@ -70645,7 +71422,7 @@ paths: application/json: schema: *183 examples: - default: *433 + default: *439 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -70667,7 +71444,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#delete-a-discussion-legacy parameters: - - *431 + - *437 - *185 responses: '204': @@ -70694,7 +71471,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#list-discussion-comments-legacy parameters: - - *431 + - *437 - *185 - *55 - *12 @@ -70708,7 +71485,7 @@ paths: type: array items: *186 examples: - default: *434 + default: *440 headers: Link: *28 x-github: @@ -70734,7 +71511,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#create-a-discussion-comment-legacy parameters: - - *431 + - *437 - *185 requestBody: required: true @@ -70783,7 +71560,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#get-a-discussion-comment-legacy parameters: - - *431 + - *437 - *185 - *188 responses: @@ -70815,7 +71592,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#update-a-discussion-comment-legacy parameters: - - *431 + - *437 - *185 - *188 requestBody: @@ -70841,7 +71618,7 @@ paths: application/json: schema: *186 examples: - default: *435 + default: *441 x-github: githubCloudOnly: false enabledForGitHubApps: true @@ -70863,7 +71640,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#delete-a-discussion-comment-legacy parameters: - - *431 + - *437 - *185 - *188 responses: @@ -70891,7 +71668,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/reactions/#list-reactions-for-a-team-discussion-comment-legacy parameters: - - *431 + - *437 - *185 - *188 - name: content @@ -70945,7 +71722,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/reactions/#create-reaction-for-a-team-discussion-comment-legacy parameters: - - *431 + - *437 - *185 - *188 requestBody: @@ -71004,7 +71781,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/reactions/#list-reactions-for-a-team-discussion-legacy parameters: - - *431 + - *437 - *185 - name: content description: Returns a single [reaction type](https://docs.github.com/rest/reference/reactions#reaction-types). @@ -71057,7 +71834,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/reactions/#create-reaction-for-a-team-discussion-legacy parameters: - - *431 + - *437 - *185 requestBody: required: true @@ -71115,7 +71892,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#list-pending-team-invitations-legacy parameters: - - *431 + - *437 - *12 - *32 responses: @@ -71152,7 +71929,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#list-team-members-legacy parameters: - - *431 + - *437 - name: role description: Filters members returned by their role in the team. in: query @@ -71203,7 +71980,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#get-team-member-legacy parameters: - - *431 + - *437 - *126 responses: '204': @@ -71239,7 +72016,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#add-team-member-legacy parameters: - - *431 + - *437 - *126 responses: '204': @@ -71278,7 +72055,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#remove-team-member-legacy parameters: - - *431 + - *437 - *126 responses: '204': @@ -71314,7 +72091,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#get-team-membership-for-a-user-legacy parameters: - - *431 + - *437 - *126 responses: '200': @@ -71323,7 +72100,7 @@ paths: application/json: schema: *193 examples: - response-if-user-is-a-team-maintainer: *436 + response-if-user-is-a-team-maintainer: *442 '404': *16 x-github: githubCloudOnly: false @@ -71354,7 +72131,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#add-or-update-team-membership-for-a-user-legacy parameters: - - *431 + - *437 - *126 requestBody: required: false @@ -71382,7 +72159,7 @@ paths: application/json: schema: *193 examples: - response-if-users-membership-with-team-is-now-pending: *437 + response-if-users-membership-with-team-is-now-pending: *443 '403': description: Forbidden if team synchronization is set up '422': @@ -71414,7 +72191,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams#remove-team-membership-for-a-user-legacy parameters: - - *431 + - *437 - *126 responses: '204': @@ -71443,7 +72220,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#list-team-projects-legacy parameters: - - *431 + - *437 - *12 - *32 responses: @@ -71455,7 +72232,7 @@ paths: type: array items: *194 examples: - default: *438 + default: *444 headers: Link: *28 '404': *16 @@ -71481,7 +72258,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#check-team-permissions-for-a-project-legacy parameters: - - *431 + - *437 - *195 responses: '200': @@ -71490,7 +72267,7 @@ paths: application/json: schema: *194 examples: - default: *439 + default: *445 '404': description: Not Found if project is not managed by this team x-github: @@ -71514,7 +72291,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#add-or-update-team-project-permissions-legacy parameters: - - *431 + - *437 - *195 requestBody: required: false @@ -71577,7 +72354,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#remove-a-project-from-a-team-legacy parameters: - - *431 + - *437 - *195 responses: '204': @@ -71606,7 +72383,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#list-team-repositories-legacy parameters: - - *431 + - *437 - *12 - *32 responses: @@ -71646,7 +72423,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#check-team-permissions-for-a-repository-legacy parameters: - - *431 + - *437 - *196 - *197 responses: @@ -71654,7 +72431,7 @@ paths: description: Alternative response with extra repository information content: application/json: - schema: *440 + schema: *446 examples: alternative-response-with-extra-repository-information: value: @@ -71923,7 +72700,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#add-or-update-team-repository-permissions-legacy parameters: - - *431 + - *437 - *196 - *197 requestBody: @@ -71969,7 +72746,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#remove-a-repository-from-a-team-legacy parameters: - - *431 + - *437 - *196 - *197 responses: @@ -71997,7 +72774,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/teams/#list-child-teams-legacy parameters: - - *431 + - *437 - *12 - *32 responses: @@ -72009,7 +72786,7 @@ paths: type: array items: *180 examples: - response-if-child-teams-exist: *441 + response-if-child-teams-exist: *447 headers: Link: *28 '404': *16 @@ -72044,7 +72821,7 @@ paths: application/json: schema: oneOf: - - &443 + - &449 title: Private User description: Private User type: object @@ -72243,7 +73020,7 @@ paths: - private_gists - total_private_repos - two_factor_authentication - - *442 + - *448 examples: response-with-public-and-private-profile-information: summary: Response with public and private profile information @@ -72390,7 +73167,7 @@ paths: description: Response content: application/json: - schema: *443 + schema: *449 examples: default: value: @@ -72592,7 +73369,7 @@ paths: type: array items: *154 examples: - default: *444 + default: *450 '304': *27 '500': *152 '401': *23 @@ -72764,7 +73541,7 @@ paths: type: integer secrets: type: array - items: &445 + items: &451 title: Codespaces Secret description: Secrets for a GitHub Codespace. type: object @@ -72880,7 +73657,7 @@ paths: description: Response content: application/json: - schema: *445 + schema: *451 examples: default: value: @@ -73095,7 +73872,7 @@ paths: type: array items: *103 examples: - default: *446 + default: *452 '401': *23 '403': *24 '404': *16 @@ -73361,7 +74138,7 @@ paths: description: Response content: application/json: - schema: &447 + schema: &453 type: object title: Fetches information about an export of a codespace. description: An export of a codespace. Also, latest export details @@ -73402,7 +74179,7 @@ paths: description: Web url for the exported branch example: https://github.com/octocat/hello-world/tree/:branch examples: - default: &448 + default: &454 value: state: succeeded completed_at: '2022-01-01T14:59:22Z' @@ -73446,9 +74223,9 @@ paths: description: Response content: application/json: - schema: *447 + schema: *453 examples: - default: *448 + default: *454 '404': *16 x-github: githubCloudOnly: false @@ -73487,9 +74264,9 @@ paths: type: integer machines: type: array - items: *449 + items: *455 examples: - default: *450 + default: *456 '304': *27 '500': *152 '401': *23 @@ -73614,7 +74391,7 @@ paths: application/json: schema: type: array - items: &451 + items: &457 title: Email description: Email type: object @@ -73676,9 +74453,9 @@ paths: application/json: schema: type: array - items: *451 + items: *457 examples: - default: &463 + default: &469 value: - email: octocat@github.com verified: true @@ -73752,7 +74529,7 @@ paths: application/json: schema: type: array - items: *451 + items: *457 examples: default: value: @@ -74004,7 +74781,7 @@ paths: application/json: schema: type: array - items: &452 + items: &458 title: GPG Key description: A unique encryption key type: object @@ -74128,7 +74905,7 @@ paths: - subkeys - revoked examples: - default: &471 + default: &477 value: - id: 3 name: Octocat's GPG Key @@ -74203,9 +74980,9 @@ paths: description: Response content: application/json: - schema: *452 + schema: *458 examples: - default: &453 + default: &459 value: id: 3 name: Octocat's GPG Key @@ -74261,7 +75038,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#get-a-gpg-key-for-the-authenticated-user parameters: - - &454 + - &460 name: gpg_key_id description: The unique identifier of the GPG key. in: path @@ -74273,9 +75050,9 @@ paths: description: Response content: application/json: - schema: *452 + schema: *458 examples: - default: *453 + default: *459 '404': *16 '304': *27 '403': *24 @@ -74297,7 +75074,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#delete-a-gpg-key-for-the-authenticated-user parameters: - - *454 + - *460 responses: '204': description: Response @@ -74492,7 +75269,7 @@ paths: type: array items: *47 examples: - default: *455 + default: *461 headers: Link: *28 '404': *16 @@ -74603,7 +75380,7 @@ paths: required: true content: application/json: - schema: *348 + schema: *354 responses: '200': description: Response @@ -74742,7 +75519,7 @@ paths: application/json: schema: type: array - items: &456 + items: &462 title: Key description: Key type: object @@ -74832,9 +75609,9 @@ paths: description: Response content: application/json: - schema: *456 + schema: *462 examples: - default: &457 + default: &463 value: key: 2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234 id: 2 @@ -74866,15 +75643,15 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#get-a-public-ssh-key-for-the-authenticated-user parameters: - - *376 + - *382 responses: '200': description: Response content: application/json: - schema: *456 + schema: *462 examples: - default: *457 + default: *463 '404': *16 '304': *27 '403': *24 @@ -74896,7 +75673,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#delete-a-public-ssh-key-for-the-authenticated-user parameters: - - *376 + - *382 responses: '204': description: Response @@ -74932,7 +75709,7 @@ paths: application/json: schema: type: array - items: &458 + items: &464 title: User Marketplace Purchase description: User Marketplace Purchase type: object @@ -75000,7 +75777,7 @@ paths: - account - plan examples: - default: &459 + default: &465 value: - billing_cycle: monthly next_billing_date: '2017-11-11T00:00:00Z' @@ -75065,9 +75842,9 @@ paths: application/json: schema: type: array - items: *458 + items: *464 examples: - default: *459 + default: *465 headers: Link: *28 '304': *27 @@ -76057,7 +76834,7 @@ paths: url: https://docs.github.com/rest/reference/migrations#unlock-a-user-repository parameters: - *158 - - *460 + - *466 responses: '204': description: Response @@ -76129,7 +76906,7 @@ paths: type: array items: *42 examples: - default: *461 + default: *467 headers: Link: *28 '304': *27 @@ -76172,7 +76949,7 @@ paths: - docker - nuget - container - - *462 + - *468 responses: '200': description: Response @@ -76182,7 +76959,7 @@ paths: type: array items: *161 examples: - default: &472 + default: &478 value: - id: 197 name: hello_docker @@ -76269,7 +77046,7 @@ paths: application/json: schema: *161 examples: - default: &473 + default: &479 value: id: 40201 name: octo-name @@ -76718,9 +77495,9 @@ paths: application/json: schema: type: array - items: *451 + items: *457 examples: - default: *463 + default: *469 headers: Link: *28 '304': *27 @@ -76807,7 +77584,7 @@ paths: - *12 - *32 - *71 - - *384 + - *390 responses: '200': description: Response @@ -76817,7 +77594,7 @@ paths: type: array items: *47 examples: - default: &469 + default: &475 summary: Default response value: - id: 1296269 @@ -77109,7 +77886,7 @@ paths: application/json: schema: *47 examples: - default: *464 + default: *470 headers: Location: example: https://api.github.com/repos/octocat/Hello-World @@ -77147,9 +77924,9 @@ paths: application/json: schema: type: array - items: *350 + items: *356 examples: - default: *465 + default: *471 headers: Link: *28 '304': *27 @@ -77231,7 +78008,7 @@ paths: application/json: schema: type: array - items: &466 + items: &472 title: SSH Signing Key description: A public SSH key used to sign Git commits type: object @@ -77251,7 +78028,7 @@ paths: - title - created_at examples: - default: &480 + default: &486 value: - key: 2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234 id: 2 @@ -77312,9 +78089,9 @@ paths: description: Response content: application/json: - schema: *466 + schema: *472 examples: - default: &467 + default: &473 value: key: 2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234 id: 2 @@ -77345,7 +78122,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#get-a-ssh-signing-key-for-the-authenticated-user parameters: - - &468 + - &474 name: ssh_signing_key_id description: The unique identifier of the SSH signing key. in: path @@ -77357,9 +78134,9 @@ paths: description: Response content: application/json: - schema: *466 + schema: *472 examples: - default: *467 + default: *473 '404': *16 '304': *27 '403': *24 @@ -77382,7 +78159,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#delete-a-ssh-signing-key-for-the-authenticated-user parameters: - - *468 + - *474 responses: '204': description: Response @@ -77422,11 +78199,11 @@ paths: type: array items: *47 examples: - default-response: *469 + default-response: *475 application/vnd.github.v3.star+json: schema: type: array - items: &481 + items: &487 title: Starred Repository description: Starred Repository type: object @@ -77778,7 +78555,7 @@ paths: description: API method documentation url: https://docs.github.com/rest/reference/users#list-users parameters: - - *470 + - *476 - *12 responses: '200': @@ -77827,8 +78604,8 @@ paths: application/json: schema: oneOf: - - *443 - - *442 + - *449 + - *448 examples: default-response: summary: Default response @@ -78299,9 +79076,9 @@ paths: application/json: schema: type: array - items: *452 + items: *458 examples: - default: *471 + default: *477 headers: Link: *28 x-github: @@ -78408,7 +79185,7 @@ paths: application/json: schema: *15 examples: - default: *347 + default: *353 x-github: githubCloudOnly: false enabledForGitHubApps: false @@ -78486,7 +79263,7 @@ paths: type: array items: *42 examples: - default: *461 + default: *467 headers: Link: *28 x-github: @@ -78526,7 +79303,7 @@ paths: - docker - nuget - container - - *462 + - *468 - *126 responses: '200': @@ -78537,7 +79314,7 @@ paths: type: array items: *161 examples: - default: *472 + default: *478 '403': *24 '401': *23 x-github: @@ -78570,7 +79347,7 @@ paths: application/json: schema: *161 examples: - default: *473 + default: *479 x-github: githubCloudOnly: false enabledForGitHubApps: false @@ -79161,9 +79938,9 @@ paths: description: Response content: application/json: - schema: *474 + schema: *480 examples: - default: *475 + default: *481 x-github: githubCloudOnly: false enabledForGitHubApps: false @@ -79191,9 +79968,9 @@ paths: description: Response content: application/json: - schema: *476 + schema: *482 examples: - default: *477 + default: *483 x-github: githubCloudOnly: false enabledForGitHubApps: false @@ -79221,9 +79998,9 @@ paths: description: Response content: application/json: - schema: *478 + schema: *484 examples: - default: *479 + default: *485 x-github: githubCloudOnly: false enabledForGitHubApps: false @@ -79251,9 +80028,9 @@ paths: application/json: schema: type: array - items: *466 + items: *472 examples: - default: *480 + default: *486 headers: Link: *28 x-github: @@ -79288,11 +80065,11 @@ paths: schema: anyOf: - type: array - items: *481 + items: *487 - type: array items: *47 examples: - default-response: *469 + default-response: *475 headers: Link: *28 x-github: |