From 8f6fd7ef5d0ee729aaea4b2b3e71f86b4a2060ea Mon Sep 17 00:00:00 2001
From: github-openapi-bot <security+github-openapi-bot@github.com>
Date: Tue, 15 Dec 2020 16:11:07 +0000
Subject: [PATCH] Add decorated OpenAPI schema files

---
 lib/rest/static/decorated/api.github.com.json | 51 ++++++++++++-------
 lib/rest/static/decorated/ghes-2.20.json      | 16 +++---
 lib/rest/static/decorated/ghes-2.21.json      | 16 +++---
 lib/rest/static/decorated/ghes-2.22.json      | 51 ++++++++++++-------
 lib/rest/static/decorated/github.ae.json      | 16 +++---
 5 files changed, 90 insertions(+), 60 deletions(-)

diff --git a/lib/rest/static/decorated/api.github.com.json b/lib/rest/static/decorated/api.github.com.json
index dc05a83d45..dd3961a4df 100644
--- a/lib/rest/static/decorated/api.github.com.json
+++ b/lib/rest/static/decorated/api.github.com.json
@@ -1461,7 +1461,7 @@
       }
     ],
     "summary": "Revoke a grant for an application",
-    "description": "**Deprecation Notice:** GitHub will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub](https://github.com/settings/applications#authorized).",
+    "description": "**Deprecation Notice:** GitHub will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub](https://github.com/settings/applications#authorized).",
     "tags": [
       "apps"
     ],
@@ -1494,7 +1494,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub</a>.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub</a>.</p>"
   },
   {
     "verb": "post",
@@ -1834,7 +1834,7 @@
       }
     ],
     "summary": "Check an authorization",
-    "description": "**Deprecation Notice:** GitHub will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -1860,7 +1860,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -1912,7 +1912,7 @@
       }
     ],
     "summary": "Reset an authorization",
-    "description": "**Deprecation Notice:** GitHub will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -1938,7 +1938,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -1985,7 +1985,7 @@
       }
     ],
     "summary": "Revoke an authorization for an application",
-    "description": "**Deprecation Notice:** GitHub will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
+    "description": "**Deprecation Notice:** GitHub will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
     "tags": [
       "apps"
     ],
@@ -2018,7 +2018,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
   },
   {
     "verb": "get",
@@ -40968,7 +40968,7 @@
       }
     ],
     "summary": "List code scanning alerts for a repository",
-    "description": "Lists all open code scanning alerts for the default branch (usually `main` or `master`). For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` read permission to use this endpoint.",
+    "description": "Lists all open code scanning alerts for the default branch (usually `main` or `master`). You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` read permission to use this endpoint.",
     "tags": [
       "code-scanning"
     ],
@@ -40989,7 +40989,7 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Lists all open code scanning alerts for the default branch (usually <code>main</code> or <code>master</code>). For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Lists all open code scanning alerts for the default branch (usually <code>main</code> or <code>master</code>). You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -40997,6 +40997,11 @@
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">4</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-02-13T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/4\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/4\"</span>,\n    <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"open\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_by\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"rule\"</span>: {\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/zipslip\"</span>,\n      <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"error\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Arbitrary file write during zip extraction\"</span>\n    },\n    <span class=\"hljs-attr\">\"tool\"</span>: {\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n      <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n    }\n  },\n  {\n    <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-02-13T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/3\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/3\"</span>,\n    <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_by\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"octocat\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1</span>,\n      <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDQ6VXNlcjE=\"</span>,\n      <span class=\"hljs-attr\">\"avatar_url\"</span>: <span class=\"hljs-string\">\"https://github.com/images/error/octocat_happy.gif\"</span>,\n      <span class=\"hljs-attr\">\"gravatar_id\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat\"</span>,\n      <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/octocat\"</span>,\n      <span class=\"hljs-attr\">\"followers_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/followers\"</span>,\n      <span class=\"hljs-attr\">\"following_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/following{/other_user}\"</span>,\n      <span class=\"hljs-attr\">\"gists_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/gists{/gist_id}\"</span>,\n      <span class=\"hljs-attr\">\"starred_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/starred{/owner}{/repo}\"</span>,\n      <span class=\"hljs-attr\">\"subscriptions_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/subscriptions\"</span>,\n      <span class=\"hljs-attr\">\"organizations_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/orgs\"</span>,\n      <span class=\"hljs-attr\">\"repos_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/repos\"</span>,\n      <span class=\"hljs-attr\">\"events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/events{/privacy}\"</span>,\n      <span class=\"hljs-attr\">\"received_events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/received_events\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"User\"</span>,\n      <span class=\"hljs-attr\">\"site_admin\"</span>: <span class=\"hljs-literal\">false</span>\n    },\n    <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-string\">\"2020-02-14T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-string\">\"false positive\"</span>,\n    <span class=\"hljs-attr\">\"rule\"</span>: {\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/zipslip\"</span>,\n      <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"error\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Arbitrary file write during zip extraction\"</span>\n    },\n    <span class=\"hljs-attr\">\"tool\"</span>: {\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n      <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n    }\n  }\n]\n</code></pre>"
       },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
+      },
       {
         "httpStatusCode": "404",
         "httpStatusMessage": "Not Found",
@@ -41084,6 +41089,11 @@
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">{\n  <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">42</span>,\n  <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-06-19T11:21:34Z\"</span>,\n  <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/42\"</span>,\n  <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/42\"</span>,\n  <span class=\"hljs-attr\">\"instances\"</span>: [\n    {\n      <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/main\"</span>,\n      <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:CodeQL-Build\"</span>,\n      <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"fixed\"</span>\n    },\n    {\n      <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/pull/3740/head\"</span>,\n      <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:CodeQL-Build\"</span>,\n      <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>\n    }\n  ],\n  <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>,\n  <span class=\"hljs-attr\">\"dismissed_by\"</span>: {\n    <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"octocat\"</span>,\n    <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1</span>,\n    <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDQ6VXNlcjE=\"</span>,\n    <span class=\"hljs-attr\">\"avatar_url\"</span>: <span class=\"hljs-string\">\"https://github.com/images/error/octocat_happy.gif\"</span>,\n    <span class=\"hljs-attr\">\"gravatar_id\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/octocat\"</span>,\n    <span class=\"hljs-attr\">\"followers_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/followers\"</span>,\n    <span class=\"hljs-attr\">\"following_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/following{/other_user}\"</span>,\n    <span class=\"hljs-attr\">\"gists_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/gists{/gist_id}\"</span>,\n    <span class=\"hljs-attr\">\"starred_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/starred{/owner}{/repo}\"</span>,\n    <span class=\"hljs-attr\">\"subscriptions_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/subscriptions\"</span>,\n    <span class=\"hljs-attr\">\"organizations_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/orgs\"</span>,\n    <span class=\"hljs-attr\">\"repos_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/repos\"</span>,\n    <span class=\"hljs-attr\">\"events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/events{/privacy}\"</span>,\n    <span class=\"hljs-attr\">\"received_events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/received_events\"</span>,\n    <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"User\"</span>,\n    <span class=\"hljs-attr\">\"site_admin\"</span>: <span class=\"hljs-literal\">false</span>\n  },\n  <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-string\">\"2020-02-14T12:29:18Z\"</span>,\n  <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-string\">\"false positive\"</span>,\n  <span class=\"hljs-attr\">\"rule\"</span>: {\n    <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/polynomial-redos\"</span>,\n    <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"warning\"</span>,\n    <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Polynomial regular expression used on uncontrolled data\"</span>\n  },\n  <span class=\"hljs-attr\">\"tool\"</span>: {\n    <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n    <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n  }\n}\n</code></pre>"
       },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
+      },
       {
         "httpStatusCode": "404",
         "httpStatusMessage": "Not Found",
@@ -41146,7 +41156,7 @@
       }
     ],
     "summary": "Update a code scanning alert",
-    "description": "Updates the status of a single code scanning alert. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes.\nGitHub Apps must have the `security_events` write permission to use this endpoint.",
+    "description": "Updates the status of a single code scanning alert. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.",
     "operationId": "code-scanning/update-alert",
     "tags": [
       "code-scanning"
@@ -41220,7 +41230,7 @@
     "category": "code-scanning",
     "categoryLabel": "Code scanning",
     "notes": [],
-    "descriptionHTML": "<p>Updates the status of a single code scanning alert. For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes.\nGitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Updates the status of a single code scanning alert. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
     "bodyParameters": [
       {
         "description": "<p><strong>Required</strong>. Sets the state of the code scanning alert. Can be one of <code>open</code> or <code>dismissed</code>. You must provide <code>dismissed_reason</code> when you set the state to <code>dismissed</code>.</p>",
@@ -41270,7 +41280,7 @@
       {
         "httpStatusCode": "403",
         "httpStatusMessage": "Forbidden",
-        "description": "Response if the repository is archived"
+        "description": "Response if the repository is archived or if git hub advanced security is not enabled for this repository"
       },
       {
         "httpStatusCode": "503",
@@ -41338,7 +41348,7 @@
       }
     ],
     "summary": "List recent code scanning analyses for a repository",
-    "description": "List the details of recent code scanning analyses for a repository. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` read permission to use this endpoint.",
+    "description": "List the details of recent code scanning analyses for a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` read permission to use this endpoint.",
     "operationId": "code-scanning/list-recent-analyses",
     "tags": [
       "code-scanning"
@@ -41358,13 +41368,18 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>List the details of recent code scanning analyses for a repository. For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>List the details of recent code scanning analyses for a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
         "httpStatusMessage": "OK",
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/master\"</span>,\n    <span class=\"hljs-attr\">\"commit_sha\"</span>: <span class=\"hljs-string\">\"d99612c3e1f2970085cfbaeadf8f010ef69bad83\"</span>,\n    <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:analyze\"</span>,\n    <span class=\"hljs-attr\">\"tool_name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n    <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"{}\"</span>,\n    <span class=\"hljs-attr\">\"error\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-08-27T15:05:21Z\"</span>\n  },\n  {\n    <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/my-branch\"</span>,\n    <span class=\"hljs-attr\">\"commit_sha\"</span>: <span class=\"hljs-string\">\"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\"</span>,\n    <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/shiftleft.yml:build\"</span>,\n    <span class=\"hljs-attr\">\"tool_name\"</span>: <span class=\"hljs-string\">\"Python Security Analysis\"</span>,\n    <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"{}\"</span>,\n    <span class=\"hljs-attr\">\"error\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-08-31T22:46:44Z\"</span>\n  }\n]\n</code></pre>"
+      },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
       }
     ]
   },
@@ -41405,7 +41420,7 @@
       }
     ],
     "summary": "Upload a SARIF file",
-    "description": "Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository.\nFor private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` write permission to use this endpoint.",
+    "description": "Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.",
     "operationId": "code-scanning/upload-sarif",
     "tags": [
       "code-scanning"
@@ -41521,7 +41536,7 @@
       {
         "httpStatusCode": "403",
         "httpStatusMessage": "Forbidden",
-        "description": "Response if the repository is archived"
+        "description": "Response if the repository is archived or if git hub advanced security is not enabled for this repository"
       },
       {
         "httpStatusCode": "404",
@@ -41534,7 +41549,7 @@
         "description": "Response if the sarif field is too large"
       }
     ],
-    "descriptionHTML": "<p>Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository.\nFor private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
     "bodyParameters": [
       {
         "description": "<p><strong>Required</strong>. The commit SHA of the code scanning analysis file.</p>",
diff --git a/lib/rest/static/decorated/ghes-2.20.json b/lib/rest/static/decorated/ghes-2.20.json
index 7212ad4f3f..d75ffcb7a9 100644
--- a/lib/rest/static/decorated/ghes-2.20.json
+++ b/lib/rest/static/decorated/ghes-2.20.json
@@ -4632,7 +4632,7 @@
       }
     ],
     "summary": "Revoke a grant for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
     "tags": [
       "apps"
     ],
@@ -4665,7 +4665,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
   },
   {
     "verb": "post",
@@ -5005,7 +5005,7 @@
       }
     ],
     "summary": "Check an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -5031,7 +5031,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5083,7 +5083,7 @@
       }
     ],
     "summary": "Reset an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -5109,7 +5109,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5156,7 +5156,7 @@
       }
     ],
     "summary": "Revoke an authorization for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
     "tags": [
       "apps"
     ],
@@ -5189,7 +5189,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.20/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
   },
   {
     "verb": "get",
diff --git a/lib/rest/static/decorated/ghes-2.21.json b/lib/rest/static/decorated/ghes-2.21.json
index c305a65fd1..eb371fa562 100644
--- a/lib/rest/static/decorated/ghes-2.21.json
+++ b/lib/rest/static/decorated/ghes-2.21.json
@@ -4626,7 +4626,7 @@
       }
     ],
     "summary": "Revoke a grant for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
     "tags": [
       "apps"
     ],
@@ -4659,7 +4659,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
   },
   {
     "verb": "post",
@@ -4999,7 +4999,7 @@
       }
     ],
     "summary": "Check an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -5025,7 +5025,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5077,7 +5077,7 @@
       }
     ],
     "summary": "Reset an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -5103,7 +5103,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5150,7 +5150,7 @@
       }
     ],
     "summary": "Revoke an authorization for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
     "tags": [
       "apps"
     ],
@@ -5183,7 +5183,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.21/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
   },
   {
     "verb": "get",
diff --git a/lib/rest/static/decorated/ghes-2.22.json b/lib/rest/static/decorated/ghes-2.22.json
index 5b4f9ed054..b4d19acad9 100644
--- a/lib/rest/static/decorated/ghes-2.22.json
+++ b/lib/rest/static/decorated/ghes-2.22.json
@@ -4578,7 +4578,7 @@
       }
     ],
     "summary": "Revoke a grant for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server](https://github.com/settings/applications#authorized).",
     "tags": [
       "apps"
     ],
@@ -4611,7 +4611,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub Enterprise Server</a>.</p>"
   },
   {
     "verb": "post",
@@ -4951,7 +4951,7 @@
       }
     ],
     "summary": "Check an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -4977,7 +4977,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5029,7 +5029,7 @@
       }
     ],
     "summary": "Reset an authorization",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -5055,7 +5055,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -5102,7 +5102,7 @@
       }
     ],
     "summary": "Revoke an authorization for an application",
-    "description": "**Deprecation Notice:** GitHub Enterprise Server will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
+    "description": "**Deprecation Notice:** GitHub Enterprise Server will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
     "tags": [
       "apps"
     ],
@@ -5135,7 +5135,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub Enterprise Server will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/enterprise-server@2.22/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
   },
   {
     "verb": "get",
@@ -38621,7 +38621,7 @@
       }
     ],
     "summary": "List code scanning alerts for a repository",
-    "description": "Lists all open code scanning alerts for the default branch (usually `main` or `master`). For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` read permission to use this endpoint.",
+    "description": "Lists all open code scanning alerts for the default branch (usually `main` or `master`). You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` read permission to use this endpoint.",
     "tags": [
       "code-scanning"
     ],
@@ -38642,7 +38642,7 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Lists all open code scanning alerts for the default branch (usually <code>main</code> or <code>master</code>). For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Lists all open code scanning alerts for the default branch (usually <code>main</code> or <code>master</code>). You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -38650,6 +38650,11 @@
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">4</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-02-13T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/4\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/4\"</span>,\n    <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"open\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_by\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-literal\">null</span>,\n    <span class=\"hljs-attr\">\"rule\"</span>: {\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/zipslip\"</span>,\n      <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"error\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Arbitrary file write during zip extraction\"</span>\n    },\n    <span class=\"hljs-attr\">\"tool\"</span>: {\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n      <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n    }\n  },\n  {\n    <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">3</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-02-13T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/3\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/3\"</span>,\n    <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_by\"</span>: {\n      <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"octocat\"</span>,\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1</span>,\n      <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDQ6VXNlcjE=\"</span>,\n      <span class=\"hljs-attr\">\"avatar_url\"</span>: <span class=\"hljs-string\">\"https://github.com/images/error/octocat_happy.gif\"</span>,\n      <span class=\"hljs-attr\">\"gravatar_id\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat\"</span>,\n      <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/octocat\"</span>,\n      <span class=\"hljs-attr\">\"followers_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/followers\"</span>,\n      <span class=\"hljs-attr\">\"following_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/following{/other_user}\"</span>,\n      <span class=\"hljs-attr\">\"gists_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/gists{/gist_id}\"</span>,\n      <span class=\"hljs-attr\">\"starred_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/starred{/owner}{/repo}\"</span>,\n      <span class=\"hljs-attr\">\"subscriptions_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/subscriptions\"</span>,\n      <span class=\"hljs-attr\">\"organizations_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/orgs\"</span>,\n      <span class=\"hljs-attr\">\"repos_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/repos\"</span>,\n      <span class=\"hljs-attr\">\"events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/events{/privacy}\"</span>,\n      <span class=\"hljs-attr\">\"received_events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/received_events\"</span>,\n      <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"User\"</span>,\n      <span class=\"hljs-attr\">\"site_admin\"</span>: <span class=\"hljs-literal\">false</span>\n    },\n    <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-string\">\"2020-02-14T12:29:18Z\"</span>,\n    <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-string\">\"false positive\"</span>,\n    <span class=\"hljs-attr\">\"rule\"</span>: {\n      <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/zipslip\"</span>,\n      <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"error\"</span>,\n      <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Arbitrary file write during zip extraction\"</span>\n    },\n    <span class=\"hljs-attr\">\"tool\"</span>: {\n      <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n      <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n    }\n  }\n]\n</code></pre>"
       },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
+      },
       {
         "httpStatusCode": "404",
         "httpStatusMessage": "Not Found",
@@ -38737,6 +38742,11 @@
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">{\n  <span class=\"hljs-attr\">\"number\"</span>: <span class=\"hljs-number\">42</span>,\n  <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-06-19T11:21:34Z\"</span>,\n  <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/repos/github/hello-world/code-scanning/alerts/42\"</span>,\n  <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/github/hello-world/code-scanning/42\"</span>,\n  <span class=\"hljs-attr\">\"instances\"</span>: [\n    {\n      <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/main\"</span>,\n      <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:CodeQL-Build\"</span>,\n      <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"fixed\"</span>\n    },\n    {\n      <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/pull/3740/head\"</span>,\n      <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:CodeQL-Build\"</span>,\n      <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"\"</span>,\n      <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>\n    }\n  ],\n  <span class=\"hljs-attr\">\"state\"</span>: <span class=\"hljs-string\">\"dismissed\"</span>,\n  <span class=\"hljs-attr\">\"dismissed_by\"</span>: {\n    <span class=\"hljs-attr\">\"login\"</span>: <span class=\"hljs-string\">\"octocat\"</span>,\n    <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-number\">1</span>,\n    <span class=\"hljs-attr\">\"node_id\"</span>: <span class=\"hljs-string\">\"MDQ6VXNlcjE=\"</span>,\n    <span class=\"hljs-attr\">\"avatar_url\"</span>: <span class=\"hljs-string\">\"https://github.com/images/error/octocat_happy.gif\"</span>,\n    <span class=\"hljs-attr\">\"gravatar_id\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat\"</span>,\n    <span class=\"hljs-attr\">\"html_url\"</span>: <span class=\"hljs-string\">\"https://github.com/octocat\"</span>,\n    <span class=\"hljs-attr\">\"followers_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/followers\"</span>,\n    <span class=\"hljs-attr\">\"following_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/following{/other_user}\"</span>,\n    <span class=\"hljs-attr\">\"gists_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/gists{/gist_id}\"</span>,\n    <span class=\"hljs-attr\">\"starred_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/starred{/owner}{/repo}\"</span>,\n    <span class=\"hljs-attr\">\"subscriptions_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/subscriptions\"</span>,\n    <span class=\"hljs-attr\">\"organizations_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/orgs\"</span>,\n    <span class=\"hljs-attr\">\"repos_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/repos\"</span>,\n    <span class=\"hljs-attr\">\"events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/events{/privacy}\"</span>,\n    <span class=\"hljs-attr\">\"received_events_url\"</span>: <span class=\"hljs-string\">\"https://api.github.com/users/octocat/received_events\"</span>,\n    <span class=\"hljs-attr\">\"type\"</span>: <span class=\"hljs-string\">\"User\"</span>,\n    <span class=\"hljs-attr\">\"site_admin\"</span>: <span class=\"hljs-literal\">false</span>\n  },\n  <span class=\"hljs-attr\">\"dismissed_at\"</span>: <span class=\"hljs-string\">\"2020-02-14T12:29:18Z\"</span>,\n  <span class=\"hljs-attr\">\"dismissed_reason\"</span>: <span class=\"hljs-string\">\"false positive\"</span>,\n  <span class=\"hljs-attr\">\"rule\"</span>: {\n    <span class=\"hljs-attr\">\"id\"</span>: <span class=\"hljs-string\">\"js/polynomial-redos\"</span>,\n    <span class=\"hljs-attr\">\"severity\"</span>: <span class=\"hljs-string\">\"warning\"</span>,\n    <span class=\"hljs-attr\">\"description\"</span>: <span class=\"hljs-string\">\"Polynomial regular expression used on uncontrolled data\"</span>\n  },\n  <span class=\"hljs-attr\">\"tool\"</span>: {\n    <span class=\"hljs-attr\">\"name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n    <span class=\"hljs-attr\">\"version\"</span>: <span class=\"hljs-literal\">null</span>\n  }\n}\n</code></pre>"
       },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
+      },
       {
         "httpStatusCode": "404",
         "httpStatusMessage": "Not Found",
@@ -38799,7 +38809,7 @@
       }
     ],
     "summary": "Update a code scanning alert",
-    "description": "Updates the status of a single code scanning alert. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes.\nGitHub Apps must have the `security_events` write permission to use this endpoint.",
+    "description": "Updates the status of a single code scanning alert. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.",
     "operationId": "code-scanning/update-alert",
     "tags": [
       "code-scanning"
@@ -38873,7 +38883,7 @@
     "category": "code-scanning",
     "categoryLabel": "Code scanning",
     "notes": [],
-    "descriptionHTML": "<p>Updates the status of a single code scanning alert. For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes.\nGitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Updates the status of a single code scanning alert. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
     "bodyParameters": [
       {
         "description": "<p><strong>Required</strong>. Sets the state of the code scanning alert. Can be one of <code>open</code> or <code>dismissed</code>. You must provide <code>dismissed_reason</code> when you set the state to <code>dismissed</code>.</p>",
@@ -38923,7 +38933,7 @@
       {
         "httpStatusCode": "403",
         "httpStatusMessage": "Forbidden",
-        "description": "Response if the repository is archived"
+        "description": "Response if the repository is archived or if git hub advanced security is not enabled for this repository"
       },
       {
         "httpStatusCode": "503",
@@ -38991,7 +39001,7 @@
       }
     ],
     "summary": "List recent code scanning analyses for a repository",
-    "description": "List the details of recent code scanning analyses for a repository. For private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` read permission to use this endpoint.",
+    "description": "List the details of recent code scanning analyses for a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` read permission to use this endpoint.",
     "operationId": "code-scanning/list-recent-analyses",
     "tags": [
       "code-scanning"
@@ -39011,13 +39021,18 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>List the details of recent code scanning analyses for a repository. For private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>List the details of recent code scanning analyses for a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
         "httpStatusMessage": "OK",
         "description": "Default response",
         "payload": "<pre><code class=\"hljs language-json\">[\n  {\n    <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/master\"</span>,\n    <span class=\"hljs-attr\">\"commit_sha\"</span>: <span class=\"hljs-string\">\"d99612c3e1f2970085cfbaeadf8f010ef69bad83\"</span>,\n    <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/codeql-analysis.yml:analyze\"</span>,\n    <span class=\"hljs-attr\">\"tool_name\"</span>: <span class=\"hljs-string\">\"CodeQL command-line toolchain\"</span>,\n    <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"{}\"</span>,\n    <span class=\"hljs-attr\">\"error\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-08-27T15:05:21Z\"</span>\n  },\n  {\n    <span class=\"hljs-attr\">\"ref\"</span>: <span class=\"hljs-string\">\"refs/heads/my-branch\"</span>,\n    <span class=\"hljs-attr\">\"commit_sha\"</span>: <span class=\"hljs-string\">\"c8cff6510d4d084fb1b4aa13b64b97ca12b07321\"</span>,\n    <span class=\"hljs-attr\">\"analysis_key\"</span>: <span class=\"hljs-string\">\".github/workflows/shiftleft.yml:build\"</span>,\n    <span class=\"hljs-attr\">\"tool_name\"</span>: <span class=\"hljs-string\">\"Python Security Analysis\"</span>,\n    <span class=\"hljs-attr\">\"environment\"</span>: <span class=\"hljs-string\">\"{}\"</span>,\n    <span class=\"hljs-attr\">\"error\"</span>: <span class=\"hljs-string\">\"\"</span>,\n    <span class=\"hljs-attr\">\"created_at\"</span>: <span class=\"hljs-string\">\"2020-08-31T22:46:44Z\"</span>\n  }\n]\n</code></pre>"
+      },
+      {
+        "httpStatusCode": "403",
+        "httpStatusMessage": "Forbidden",
+        "description": "Response if git hub advanced security is not enabled for this repository"
       }
     ]
   },
@@ -39058,7 +39073,7 @@
       }
     ],
     "summary": "Upload a SARIF file",
-    "description": "Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository.\nFor private repos, you must use an access token with the `repo` scope. For public repos, you must use an access token with `public_repo` and `repo:security_events` scopes. GitHub Apps must have the `security_events` write permission to use this endpoint.",
+    "description": "Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the `security_events` scope to use this endpoint. GitHub Apps must have the `security_events` write permission to use this endpoint.",
     "operationId": "code-scanning/upload-sarif",
     "tags": [
       "code-scanning"
@@ -39174,7 +39189,7 @@
       {
         "httpStatusCode": "403",
         "httpStatusMessage": "Forbidden",
-        "description": "Response if the repository is archived"
+        "description": "Response if the repository is archived or if git hub advanced security is not enabled for this repository"
       },
       {
         "httpStatusCode": "404",
@@ -39187,7 +39202,7 @@
         "description": "Response if the sarif field is too large"
       }
     ],
-    "descriptionHTML": "<p>Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository.\nFor private repos, you must use an access token with the <code>repo</code> scope. For public repos, you must use an access token with <code>public_repo</code> and <code>repo:security_events</code> scopes. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
+    "descriptionHTML": "<p>Upload a SARIF file containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>",
     "bodyParameters": [
       {
         "description": "<p><strong>Required</strong>. The commit SHA of the code scanning analysis file.</p>",
diff --git a/lib/rest/static/decorated/github.ae.json b/lib/rest/static/decorated/github.ae.json
index 09c762b704..4b169ad48b 100644
--- a/lib/rest/static/decorated/github.ae.json
+++ b/lib/rest/static/decorated/github.ae.json
@@ -3391,7 +3391,7 @@
       }
     ],
     "summary": "Revoke a grant for an application",
-    "description": "**Deprecation Notice:** GitHub AE will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub AE](https://github.com/settings/applications#authorized).",
+    "description": "**Deprecation Notice:** GitHub AE will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a grant for their OAuth application and a specific user. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. You must also provide a valid token as `:access_token` and the grant for the token's owner will be deleted.\n\nDeleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on [the Applications settings page under \"Authorized OAuth Apps\" on GitHub AE](https://github.com/settings/applications#authorized).",
     "tags": [
       "apps"
     ],
@@ -3424,7 +3424,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub AE</a>.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a grant for their OAuth application and a specific user. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. You must also provide a valid token as <code>:access_token</code> and the grant for the token's owner will be deleted.</p>\n<p>Deleting an OAuth application's grant will also delete all OAuth tokens associated with the application for the user. Once deleted, the application will have no access to the user's account and will no longer be listed on <a href=\"https://github.com/settings/applications#authorized\">the Applications settings page under \"Authorized OAuth Apps\" on GitHub AE</a>.</p>"
   },
   {
     "verb": "post",
@@ -3764,7 +3764,7 @@
       }
     ],
     "summary": "Check an authorization",
-    "description": "**Deprecation Notice:** GitHub AE will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub AE will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -3790,7 +3790,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use a special API method for checking OAuth token validity without exceeding the normal rate limits for failed login attempts. Authentication works differently with this particular endpoint. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -3842,7 +3842,7 @@
       }
     ],
     "summary": "Reset an authorization",
-    "description": "**Deprecation Notice:** GitHub AE will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
+    "description": "**Deprecation Notice:** GitHub AE will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.",
     "tags": [
       "apps"
     ],
@@ -3868,7 +3868,7 @@
     "subcategoryLabel": "Oauth applications",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth applications can use this API method to reset a valid OAuth token without end-user involvement. Applications must save the \"token\" property in the response because changes take effect immediately. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password. Invalid tokens will return <code>404 NOT FOUND</code>.</p>",
     "responses": [
       {
         "httpStatusCode": "200",
@@ -3915,7 +3915,7 @@
       }
     ],
     "summary": "Revoke an authorization for an application",
-    "description": "**Deprecation Notice:** GitHub AE will replace and discontinue OAuth endpoints containing `access_token` in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using `access_token` as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
+    "description": "**Deprecation Notice:** GitHub AE will discontinue OAuth endpoints that contain `access_token` in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving `access_token` to the request body. For more information, see the [blog post](https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/).\n\nOAuth application owners can revoke a single token for an OAuth application. You must use [Basic Authentication](https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password.",
     "tags": [
       "apps"
     ],
@@ -3948,7 +3948,7 @@
       }
     ],
     "bodyParameters": [],
-    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will replace and discontinue OAuth endpoints containing <code>access_token</code> in the path parameter. We are introducing new endpoints that allow you to securely manage tokens for OAuth Apps by using <code>access_token</code> as an input parameter. The OAuth Application API will be removed on May 5, 2021. For more information, including scheduled brownouts, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
+    "descriptionHTML": "<p><strong>Deprecation Notice:</strong> GitHub AE will discontinue OAuth endpoints that contain <code>access_token</code> in the path parameter. We have introduced new endpoints that allow you to securely manage tokens for OAuth Apps by moving <code>access_token</code> to the request body. For more information, see the <a href=\"https://developer.github.com/changes/2020-02-14-deprecating-oauth-app-endpoint/\">blog post</a>.</p>\n<p>OAuth application owners can revoke a single token for an OAuth application. You must use <a href=\"https://docs.github.com/github-ae@latest/rest/overview/other-authentication-methods#basic-authentication\">Basic Authentication</a> when accessing this endpoint, using the OAuth application's <code>client_id</code> and <code>client_secret</code> as the username and password.</p>"
   },
   {
     "verb": "get",