diff --git a/assets/images/help/repository/add-required-workflow-dialog.png b/assets/images/help/repository/add-required-workflow-dialog.png new file mode 100644 index 0000000000..1d8ae5f467 Binary files /dev/null and b/assets/images/help/repository/add-required-workflow-dialog.png differ diff --git a/content/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions.md b/content/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions.md index 31ed44cb14..f24626c0e2 100644 --- a/content/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions.md +++ b/content/actions/security-guides/using-githubs-security-features-to-secure-your-use-of-github-actions.md @@ -61,6 +61,10 @@ For more information about dependency review, see "[AUTOTITLE](/code-security/su {% data reusables.dependency-review.about-dependency-review-action %} +![Screenshot of a workflow run that uses the dependency review action.](/assets/images/help/graphs/dependency-review-action.png) + +{% data reusables.dependency-review.about-dependency-review-action2 %} + ## Keeping the actions in your workflows secure and up to date {% data reusables.actions.dependabot-version-updates-for-actions %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md index 9a66c3ebe2..6392376758 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review.md @@ -47,10 +47,16 @@ The dependency review feature becomes available when you enable the dependency g The action is available for all {% ifversion fpt or ghec %}public repositories, as well as private {% endif %}repositories that have {% data variables.product.prodname_GH_advanced_security %} enabled. +{% data reusables.dependency-review.org-level-enforcement %} + {% data reusables.dependency-review.action-enterprise %} {% data reusables.dependency-review.about-dependency-review-action %} +![Screenshot of a workflow run that uses the dependency review action.](/assets/images/help/graphs/dependency-review-action.png) + +{% data reusables.dependency-review.about-dependency-review-action2 %} + The action uses the dependency review REST API to get the diff of dependency changes between the base commit and head commit. You can use the dependency review API to get the diff of dependency changes, including vulnerability data, between any two commits on a repository. For more information, see "[AUTOTITLE](/rest/dependency-graph/dependency-review)."{% ifversion dependency-review-submission-api %} The action also considers dependencies submitted via the {% data variables.dependency-submission-api.name %}. For more information about the {% data variables.dependency-submission-api.name %}, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api)." {% data reusables.dependency-review.works-with-submission-api-beta %} diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md index 683eb437e1..920db9d719 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review.md @@ -51,6 +51,8 @@ Dependency review is available when dependency graph is enabled for {% data vari {% data reusables.dependency-review.dependency-review-action-overview %} +{% data reusables.dependency-review.org-level-enforcement %} + Here is a list of common configuration options. For more information, and a full list of options, see [Dependency Review](https://github.com/marketplace/actions/dependency-review) on the {% data variables.product.prodname_marketplace %}. | Option | Required | Usage | diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/enforcing-dependency-review-across-an-organization.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/enforcing-dependency-review-across-an-organization.md new file mode 100644 index 0000000000..771fb769a2 --- /dev/null +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/enforcing-dependency-review-across-an-organization.md @@ -0,0 +1,45 @@ +--- +title: Enforcing dependency review across an organization +intro: 'Dependency review lets you catch insecure dependencies before you introduce them to your environment. You can enforce the use of the {% data variables.dependency-review.action_name %} across your organization.' +product: '{% data reusables.gated-features.dependency-review %}' +shortTitle: Enforce dependency review +permissions: 'Organization owners can enforce use of the {% data variables.dependency-review.action_name %} in repositories within their organization.' +versions: + feature: repo-rules +type: overview +topics: + - Advanced Security + - Dependency review + - Vulnerabilities + - Dependencies + - Pull requests +--- + +## About dependency review enforcement + +{% data reusables.dependency-review.action-enterprise %} + +{% data reusables.dependency-review.about-dependency-review-action %} For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)." + +You can enforce the use of the {% data variables.dependency-review.action_name %} in your organization by setting up a repository ruleset that will require the `dependency-review-action` workflow to pass before pull requests can be merged. Repository rulesets are rule settings that allow you to control how users can interact with selected branches and tags in your repositories. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets)" and "[Require workflows to pass before merging](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-workflows-to-pass-before-merging)." + +## Prerequisites + +You need to add the {% data variables.dependency-review.action_name %} to one of the repositories in your organization, and configure the action. For more information, see "[Configuring the dependency review action](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#configuring-the-dependency-review-action)." + +## Enforcing dependency review for your organization + +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +{% data reusables.organizations.access-ruleset-settings %} +1. Click **New branch ruleset**. +1. Set **Enforcement status** to {% octicon "play" aria-hidden="true" %} **Active**. +1. Optionally, you can target specific repositories in your organization. For more information, see "[Choosing which repositories to target in your organization](/organizations/managing-organization-settings/creating-rulesets-for-repositories-in-your-organization#choosing-which-repositories-to-target-in-your-organization)." +1. In the "Rules" section, select the "Require workflows to pass before merging" option. +1. In "Workflow configurations", click **Add workflow**. +1. In the dialog, select the repository that you added the {% data variables.dependency-review.action_name %} to. For more information, see "[Prerequisites](#prerequisites)." +1. Select a branch and the workflow file for dependency review in the enhanced dialog. + + ![Screenshot of the Add required workflow dialog. You need to specify a repository, branch, and workflow.](/assets/images/help/repository/add-required-workflow-dialog.png) + +1. Click **Create**. diff --git a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md index 0b6ab8751d..b4b062040c 100644 --- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md +++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/index.md @@ -17,6 +17,7 @@ children: - /using-the-dependency-submission-api - /about-dependency-review - /configuring-dependency-review + - /enforcing-dependency-review-across-an-organization - /exploring-the-dependencies-of-a-repository - /troubleshooting-the-dependency-graph --- diff --git a/data/release-notes/enterprise-server/3-10/14.yml b/data/release-notes/enterprise-server/3-10/15.yml similarity index 96% rename from data/release-notes/enterprise-server/3-10/14.yml rename to data/release-notes/enterprise-server/3-10/15.yml index 8e95d8b644..f7c8ebdb10 100644 --- a/data/release-notes/enterprise-server/3-10/14.yml +++ b/data/release-notes/enterprise-server/3-10/15.yml @@ -1,5 +1,8 @@ -date: '2024-07-10' +date: '2024-07-19' intro: | + + >[!NOTE] Due to a bug that caused hotpatch upgrades to fail for instances on Microsoft Azure, the previous patch release in this series (**3.10.14**) is not available for download. The following release notes include the updates introduced in that release. + {% warning %} **Warning**: A change to MySQL in GitHub Enterprise Server 3.9 and later may impact the performance of your instance. Before you upgrade, make sure you've read the "[Known issues](#3.10.14-known-issues)" section of these release notes. @@ -32,6 +35,8 @@ sections: - | Packages have been updated to the latest security versions. bugs: + - | + When an instance hosted on Azure was upgraded with a hotpatch, the upgrade failed with an `rsync` error. - | On an instance with GitHub Actions enabled, remote blob storage could fill up with large amounts of data because cleanup jobs were skipped on old hosts. - | diff --git a/data/release-notes/enterprise-server/3-11/12.yml b/data/release-notes/enterprise-server/3-11/13.yml similarity index 97% rename from data/release-notes/enterprise-server/3-11/12.yml rename to data/release-notes/enterprise-server/3-11/13.yml index 1d672b047a..a8ac4e3fd8 100644 --- a/data/release-notes/enterprise-server/3-11/12.yml +++ b/data/release-notes/enterprise-server/3-11/13.yml @@ -1,4 +1,7 @@ -date: '2024-07-10' +date: '2024-07-19' +intro: | + + >[!NOTE] Due to a bug that caused hotpatch upgrades to fail for instances on Microsoft Azure, the previous patch release in this series (**3.11.12**) is not available for download. The following release notes include the updates introduced in that release. sections: security_fixes: - | @@ -24,6 +27,8 @@ sections: - | Packages have been updated to the latest security versions. bugs: + - | + When an instance hosted on Azure was upgraded with a hotpatch, the upgrade failed with an `rsync` error. - | On an instance with GitHub Actions enabled, remote blob storage could fill up with large amounts of data because cleanup jobs were skipped on old hosts. - | diff --git a/data/release-notes/enterprise-server/3-12/6.yml b/data/release-notes/enterprise-server/3-12/7.yml similarity index 97% rename from data/release-notes/enterprise-server/3-12/6.yml rename to data/release-notes/enterprise-server/3-12/7.yml index 3d39072d3a..588327ada2 100644 --- a/data/release-notes/enterprise-server/3-12/6.yml +++ b/data/release-notes/enterprise-server/3-12/7.yml @@ -1,4 +1,7 @@ -date: '2024-07-10' +date: '2024-07-19' +intro: | + + >[!NOTE] Due to a bug that caused hotpatch upgrades to fail for instances on Microsoft Azure, the previous patch release in this series (**3.12.6**) is not available for download. The following release notes include the updates introduced in that release. sections: security_fixes: - | @@ -24,6 +27,8 @@ sections: - | Packages have been updated to the latest security versions. bugs: + - | + When an instance hosted on Azure was upgraded with a hotpatch, the upgrade failed with an `rsync` error. - | On an instance with GitHub Actions enabled, remote blob storage could fill up with large amounts of data because cleanup jobs were skipped on old hosts. - | diff --git a/data/release-notes/enterprise-server/3-13/1.yml b/data/release-notes/enterprise-server/3-13/2.yml similarity index 95% rename from data/release-notes/enterprise-server/3-13/1.yml rename to data/release-notes/enterprise-server/3-13/2.yml index 380211bbae..cd9076f242 100644 --- a/data/release-notes/enterprise-server/3-13/1.yml +++ b/data/release-notes/enterprise-server/3-13/2.yml @@ -1,4 +1,7 @@ -date: '2024-07-10' +date: '2024-07-19' +intro: | + + >[!NOTE] Due to a bug that caused hotpatch upgrades to fail for instances on Microsoft Azure, the previous patch release in this series (**3.13.1**) is not available for download. The following release notes include the updates introduced in that release. sections: security_fixes: - | @@ -26,6 +29,8 @@ sections: - | Packages have been updated to the latest security versions. bugs: + - | + When an instance hosted on Azure was upgraded with a hotpatch, the upgrade failed with an `rsync` error. - | On an instance with GitHub Actions enabled, remote blob storage could fill up with large amounts of data because cleanup jobs were skipped on old hosts. - | @@ -135,7 +140,7 @@ sections: To avoid excessive log volume and associated disk pressure, requests for `GetCacheKey` are no longer logged. Previously, the high frequency of these requests caused significant log accumulation. known_issues: - | - TODO: Add finalized release note for https://github.com/github/ghes/issues/9451. + When restoring data originally backed up from a 3.13 appliance onto a 3.13 appliance, the Elasticsearch indices need to be reindexed before some data will appear. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. - | Custom firewall rules are removed during the upgrade process. - | diff --git a/data/release-notes/enterprise-server/3-9/17.yml b/data/release-notes/enterprise-server/3-9/18.yml similarity index 96% rename from data/release-notes/enterprise-server/3-9/17.yml rename to data/release-notes/enterprise-server/3-9/18.yml index 440a3a9d61..25a0d07205 100644 --- a/data/release-notes/enterprise-server/3-9/17.yml +++ b/data/release-notes/enterprise-server/3-9/18.yml @@ -1,5 +1,8 @@ -date: '2024-07-10' +date: '2024-07-19' intro: | + + >[!NOTE] Due to a bug that caused hotpatch upgrades to fail for instances on Microsoft Azure, the previous patch release in this series (**3.9.17**) is not available for download. The following release notes include the updates introduced in that release. + {% warning %} **Warning**: A change to MySQL in GitHub Enterprise Server 3.9 and later may impact the performance of your instance. Before you upgrade, make sure you've read the "[Known issues](#3.9.17-known-issues)" section of these release notes. @@ -26,6 +29,8 @@ sections: - | Firewall port 9199, which linked to a static maintenance page used when enabling maintenance mode with an IP exception list, was opened unnecessarily. bugs: + - | + When an instance hosted on Azure was upgraded with a hotpatch, the upgrade failed with an `rsync` error. - | On an instance with GitHub Actions enabled, remote blob storage could fill up with large amounts of data because cleanup jobs were skipped on old hosts. - | diff --git a/data/reusables/dependency-review/about-dependency-review-action.md b/data/reusables/dependency-review/about-dependency-review-action.md index d65c99a425..0cd8fa7e0f 100644 --- a/data/reusables/dependency-review/about-dependency-review-action.md +++ b/data/reusables/dependency-review/about-dependency-review-action.md @@ -1,5 +1 @@ You can use the [`dependency-review-action`](https://github.com/actions/dependency-review-action) in your repository to enforce dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility of what's changing in a pull request, and helps prevent vulnerabilities being added to your repository. - -![Screenshot of a workflow run that uses the Dependency review action.](/assets/images/help/graphs/dependency-review-action.png) - -By default, the {% data variables.dependency-review.action_name %} check will fail if it discovers any vulnerable packages. A failed check blocks a pull request from being merged when the repository owner requires the dependency review check to pass. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging)." diff --git a/data/reusables/dependency-review/about-dependency-review-action2.md b/data/reusables/dependency-review/about-dependency-review-action2.md new file mode 100644 index 0000000000..09a9ec45ea --- /dev/null +++ b/data/reusables/dependency-review/about-dependency-review-action2.md @@ -0,0 +1 @@ +By default, the {% data variables.dependency-review.action_name %} check will fail if it discovers any vulnerable packages. A failed check blocks a pull request from being merged when the repository owner requires the dependency review check to pass. For more information, see "[AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging)." diff --git a/data/reusables/dependency-review/org-level-enforcement.md b/data/reusables/dependency-review/org-level-enforcement.md new file mode 100644 index 0000000000..724247407a --- /dev/null +++ b/data/reusables/dependency-review/org-level-enforcement.md @@ -0,0 +1,5 @@ +{% ifversion repo-rules %} + +Organization owners can roll out dependency review at scale by enforcing the use of the {% data variables.dependency-review.action_name %} across repositories in the organization. This involves the use of repository rulesets for which you'll set the {% data variables.dependency-review.action_name %} as a required workflow, which means that pull requests can only be merged once the workflow passes all the required checks. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/enforcing-dependency-review-across-an-organization)." + +{% endif %} diff --git a/src/audit-logs/data/fpt/organization.json b/src/audit-logs/data/fpt/organization.json index 2d2647cec4..fca24968bf 100644 --- a/src/audit-logs/data/fpt/organization.json +++ b/src/audit-logs/data/fpt/organization.json @@ -1534,6 +1534,21 @@ "description": "Push protection for secret scanning was enabled for all new repositories in the organization.", "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations" }, + { + "action": "org.security_center_export_coverage", + "description": "A CSV export was requested on the Coverage page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_overview_dashboard", + "description": "A CSV export was requested on the Overview Dashboard page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_risk", + "description": "A CSV export was requested on the Risk page.", + "docs_reference_links": "N/A" + }, { "action": "org.self_hosted_runner_offline", "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", diff --git a/src/audit-logs/data/fpt/user.json b/src/audit-logs/data/fpt/user.json index 15d52f8ef8..e6ebdc40cf 100644 --- a/src/audit-logs/data/fpt/user.json +++ b/src/audit-logs/data/fpt/user.json @@ -669,6 +669,21 @@ "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.", "docs_reference_links": "N/A" }, + { + "action": "org.security_center_export_coverage", + "description": "A CSV export was requested on the Coverage page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_overview_dashboard", + "description": "A CSV export was requested on the Overview Dashboard page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_risk", + "description": "A CSV export was requested on the Risk page.", + "docs_reference_links": "N/A" + }, { "action": "org.set_actions_fork_pr_approvals_policy", "description": "The setting for requiring approvals for workflows from public forks was changed for an organization.", diff --git a/src/audit-logs/data/ghec/enterprise.json b/src/audit-logs/data/ghec/enterprise.json index b889741655..92285c4ee7 100644 --- a/src/audit-logs/data/ghec/enterprise.json +++ b/src/audit-logs/data/ghec/enterprise.json @@ -494,6 +494,11 @@ "description": "Secret scanning was enabled for new repositories in your enterprise.", "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise" }, + { + "action": "business_secret_scanning_generic_secrets.disabled", + "description": "Generic secrets have been disabled at the business level", + "docs_reference_links": "N/A" + }, { "action": "business_secret_scanning_generic_secrets.enabled", "description": "Generic secrets have been enabled at the business level", diff --git a/src/audit-logs/data/ghec/organization.json b/src/audit-logs/data/ghec/organization.json index 2d2647cec4..fca24968bf 100644 --- a/src/audit-logs/data/ghec/organization.json +++ b/src/audit-logs/data/ghec/organization.json @@ -1534,6 +1534,21 @@ "description": "Push protection for secret scanning was enabled for all new repositories in the organization.", "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations" }, + { + "action": "org.security_center_export_coverage", + "description": "A CSV export was requested on the Coverage page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_overview_dashboard", + "description": "A CSV export was requested on the Overview Dashboard page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_risk", + "description": "A CSV export was requested on the Risk page.", + "docs_reference_links": "N/A" + }, { "action": "org.self_hosted_runner_offline", "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", diff --git a/src/audit-logs/data/ghec/user.json b/src/audit-logs/data/ghec/user.json index 15d52f8ef8..e6ebdc40cf 100644 --- a/src/audit-logs/data/ghec/user.json +++ b/src/audit-logs/data/ghec/user.json @@ -669,6 +669,21 @@ "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.", "docs_reference_links": "N/A" }, + { + "action": "org.security_center_export_coverage", + "description": "A CSV export was requested on the Coverage page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_overview_dashboard", + "description": "A CSV export was requested on the Overview Dashboard page.", + "docs_reference_links": "N/A" + }, + { + "action": "org.security_center_export_risk", + "description": "A CSV export was requested on the Risk page.", + "docs_reference_links": "N/A" + }, { "action": "org.set_actions_fork_pr_approvals_policy", "description": "The setting for requiring approvals for workflows from public forks was changed for an organization.", diff --git a/src/audit-logs/data/ghes-3.10/enterprise.json b/src/audit-logs/data/ghes-3.10/enterprise.json index b516f58bcb..2c91c2ab64 100644 --- a/src/audit-logs/data/ghes-3.10/enterprise.json +++ b/src/audit-logs/data/ghes-3.10/enterprise.json @@ -39,6 +39,26 @@ "description": "A workflow run artifact was manually deleted.", "docs_reference_links": "N/A" }, + { + "action": "audit_log_streaming.check", + "description": "A manual check of the endpoint configured for audit log streaming was performed.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.create", + "description": "An endpoint was added for audit log streaming.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.destroy", + "description": "An audit log streaming endpoint was deleted.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.update", + "description": "An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.", + "docs_reference_links": "N/A" + }, { "action": "billing.change_billing_type", "description": "The way the account pays for GitHub was changed.", diff --git a/src/audit-logs/data/ghes-3.11/enterprise.json b/src/audit-logs/data/ghes-3.11/enterprise.json index a78220fb7e..91b7b95464 100644 --- a/src/audit-logs/data/ghes-3.11/enterprise.json +++ b/src/audit-logs/data/ghes-3.11/enterprise.json @@ -39,6 +39,26 @@ "description": "A workflow run artifact was manually deleted.", "docs_reference_links": "N/A" }, + { + "action": "audit_log_streaming.check", + "description": "A manual check of the endpoint configured for audit log streaming was performed.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.create", + "description": "An endpoint was added for audit log streaming.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.destroy", + "description": "An audit log streaming endpoint was deleted.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.update", + "description": "An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.", + "docs_reference_links": "N/A" + }, { "action": "billing.change_billing_type", "description": "The way the account pays for GitHub was changed.", diff --git a/src/audit-logs/data/ghes-3.12/enterprise.json b/src/audit-logs/data/ghes-3.12/enterprise.json index a3fb1b924c..68842f004c 100644 --- a/src/audit-logs/data/ghes-3.12/enterprise.json +++ b/src/audit-logs/data/ghes-3.12/enterprise.json @@ -39,6 +39,26 @@ "description": "A workflow run artifact was manually deleted.", "docs_reference_links": "N/A" }, + { + "action": "audit_log_streaming.check", + "description": "A manual check of the endpoint configured for audit log streaming was performed.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.create", + "description": "An endpoint was added for audit log streaming.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.destroy", + "description": "An audit log streaming endpoint was deleted.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.update", + "description": "An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.", + "docs_reference_links": "N/A" + }, { "action": "billing.change_billing_type", "description": "The way the account pays for GitHub was changed.", diff --git a/src/audit-logs/data/ghes-3.13/enterprise.json b/src/audit-logs/data/ghes-3.13/enterprise.json index a61c0f60e2..3d93a8b1fa 100644 --- a/src/audit-logs/data/ghes-3.13/enterprise.json +++ b/src/audit-logs/data/ghes-3.13/enterprise.json @@ -39,6 +39,26 @@ "description": "A workflow run artifact was manually deleted.", "docs_reference_links": "N/A" }, + { + "action": "audit_log_streaming.check", + "description": "A manual check of the endpoint configured for audit log streaming was performed.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.create", + "description": "An endpoint was added for audit log streaming.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.destroy", + "description": "An audit log streaming endpoint was deleted.", + "docs_reference_links": "N/A" + }, + { + "action": "audit_log_streaming.update", + "description": "An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.", + "docs_reference_links": "N/A" + }, { "action": "billing.change_billing_type", "description": "The way the account pays for GitHub was changed.", diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json index bb426866dc..8d62ed987f 100644 --- a/src/audit-logs/lib/config.json +++ b/src/audit-logs/lib/config.json @@ -3,5 +3,5 @@ "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", "apiRequestEvent": "This event is only available via audit log streaming." }, - "sha": "2c44efa5301a678da66dfc2ef6646642ddfc3c1e" + "sha": "ade3f07f6be41a3c708b0a7e1d1afc565309f1aa" } \ No newline at end of file diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index c5fe636f26..d43a4a616f 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json @@ -1,3 +1,3 @@ { - "sha": "44240be9486b0bffa65fbc451b37ae3775858699" + "sha": "d9929cf86fbe567f045f18e66b874cc451447db9" } \ No newline at end of file