From c5b9e93a404b45a619f37c3f882811928000c8e3 Mon Sep 17 00:00:00 2001 From: Laura Coursen Date: Thu, 12 Jan 2023 14:03:30 -0600 Subject: [PATCH 1/2] Enterprise bug fixes for the week of December 19, 2022 (#33689) Co-authored-by: Sarah Edwards --- ...or-security-settings-in-your-enterprise.md | 4 +- lib/webhooks/static/decorated/ghes-3.3.json | 270 ++++++++++++++++++ lib/webhooks/static/decorated/ghes-3.4.json | 270 ++++++++++++++++++ lib/webhooks/static/decorated/ghes-3.5.json | 270 ++++++++++++++++++ lib/webhooks/static/decorated/ghes-3.6.json | 270 ++++++++++++++++++ 5 files changed, 1082 insertions(+), 2 deletions(-) diff --git a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md index 6c0ed9c1c5..57b9c273bd 100644 --- a/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md +++ b/content/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise.md @@ -25,13 +25,13 @@ shortTitle: Policies for security settings ## About policies for security settings in your enterprise -You can enforce policies to control the security settings for organizations owned by your enterprise on {% data variables.product.product_name %}. By default, organization owners can manage security settings. +You can enforce policies to control the security settings for organizations owned by your enterprise on {% data variables.product.product_name %}. By default, organization owners can manage security settings. {% ifversion ghec or ghes %} ## Requiring two-factor authentication for organizations in your enterprise -Enterprise owners can require that organization members, billing managers, and outside collaborators in all organizations owned by an enterprise use two-factor authentication to secure their user accounts. +{% ifversion ghes%}If {% data variables.location.product_location %} uses LDAP or built-in authentication, enterprise{% else %}Enterprise{% endif %} owners can require that organization members, billing managers, and outside collaborators in all organizations owned by an enterprise use two-factor authentication to secure their user accounts. Before you can require 2FA for all organizations owned by your enterprise, you must enable two-factor authentication for your own account. For more information, see "[Securing your account with two-factor authentication (2FA)](/articles/securing-your-account-with-two-factor-authentication-2fa/)." diff --git a/lib/webhooks/static/decorated/ghes-3.3.json b/lib/webhooks/static/decorated/ghes-3.3.json index 3d4a9cb396..06e742fe06 100644 --- a/lib/webhooks/static/decorated/ghes-3.3.json +++ b/lib/webhooks/static/decorated/ghes-3.3.json @@ -9047,6 +9047,276 @@ } } }, + "repository_vulnerability_alert": { + "create": { + "descriptionHtml": "

A repository vulnerability alert was created.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "create" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "Repository webhooks", + "Organization webhooks" + ], + "action": "create", + "category": "repository_vulnerability_alert" + }, + "dismiss": { + "descriptionHtml": "

A repository vulnerability alert was dismissed.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "dismiss" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "Repository webhooks", + "Organization webhooks" + ], + "action": "dismiss", + "category": "repository_vulnerability_alert" + }, + "reopen": { + "descriptionHtml": "

A previously dismissed or resolved repository vulnerability alert was reopened.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "reopen" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "Repository webhooks", + "Organization webhooks" + ], + "action": "reopen", + "category": "repository_vulnerability_alert" + }, + "resolve": { + "descriptionHtml": "

A repository vulnerability alert was marked as resolved.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "resolve" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "Repository webhooks", + "Organization webhooks" + ], + "action": "resolve", + "category": "repository_vulnerability_alert" + } + }, "secret_scanning_alert": { "reopened": { "category": "secret_scanning_alert", diff --git a/lib/webhooks/static/decorated/ghes-3.4.json b/lib/webhooks/static/decorated/ghes-3.4.json index 501cbafe23..9bf5ba0c99 100644 --- a/lib/webhooks/static/decorated/ghes-3.4.json +++ b/lib/webhooks/static/decorated/ghes-3.4.json @@ -9304,6 +9304,276 @@ } } }, + "repository_vulnerability_alert": { + "create": { + "descriptionHtml": "

A repository vulnerability alert was created.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "create" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "create", + "category": "repository_vulnerability_alert" + }, + "dismiss": { + "descriptionHtml": "

A repository vulnerability alert was dismissed.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "dismiss" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "dismiss", + "category": "repository_vulnerability_alert" + }, + "reopen": { + "descriptionHtml": "

A previously dismissed or resolved repository vulnerability alert was reopened.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "reopen" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "reopen", + "category": "repository_vulnerability_alert" + }, + "resolve": { + "descriptionHtml": "

A repository vulnerability alert was marked as resolved.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "resolve" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "resolve", + "category": "repository_vulnerability_alert" + } + }, "secret_scanning_alert": { "reopened": { "category": "secret_scanning_alert", diff --git a/lib/webhooks/static/decorated/ghes-3.5.json b/lib/webhooks/static/decorated/ghes-3.5.json index 91316b2ad1..bb7ef6db78 100644 --- a/lib/webhooks/static/decorated/ghes-3.5.json +++ b/lib/webhooks/static/decorated/ghes-3.5.json @@ -9304,6 +9304,276 @@ } } }, + "repository_vulnerability_alert": { + "create": { + "descriptionHtml": "

A repository vulnerability alert was created.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "create" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "create", + "category": "repository_vulnerability_alert" + }, + "dismiss": { + "descriptionHtml": "

A repository vulnerability alert was dismissed.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "dismiss" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "dismiss", + "category": "repository_vulnerability_alert" + }, + "reopen": { + "descriptionHtml": "

A previously dismissed or resolved repository vulnerability alert was reopened.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "reopen" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "reopen", + "category": "repository_vulnerability_alert" + }, + "resolve": { + "descriptionHtml": "

A repository vulnerability alert was marked as resolved.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "resolve" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "resolve", + "category": "repository_vulnerability_alert" + } + }, "secret_scanning_alert": { "reopened": { "category": "secret_scanning_alert", diff --git a/lib/webhooks/static/decorated/ghes-3.6.json b/lib/webhooks/static/decorated/ghes-3.6.json index 76edd7acad..7b50144e6e 100644 --- a/lib/webhooks/static/decorated/ghes-3.6.json +++ b/lib/webhooks/static/decorated/ghes-3.6.json @@ -9304,6 +9304,276 @@ } } }, + "repository_vulnerability_alert": { + "create": { + "descriptionHtml": "

A repository vulnerability alert was created.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "create" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "create", + "category": "repository_vulnerability_alert" + }, + "dismiss": { + "descriptionHtml": "

A repository vulnerability alert was dismissed.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "dismiss" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "dismiss", + "category": "repository_vulnerability_alert" + }, + "reopen": { + "descriptionHtml": "

A previously dismissed or resolved repository vulnerability alert was reopened.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "reopen" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "reopen", + "category": "repository_vulnerability_alert" + }, + "resolve": { + "descriptionHtml": "

A repository vulnerability alert was marked as resolved.

", + "summaryHtml": "

This event occurs when there is activity relating to a security vulnerability alert in a repository.

\n

Note: This event is deprecated. Use the dependabot_alert event instead.

", + "bodyParameters": [ + { + "type": "string", + "name": "action", + "in": "body", + "description": "", + "isRequired": true, + "enum": [ + "resolve" + ], + "childParamsGroups": [] + }, + { + "type": "", + "name": "alert", + "in": "body", + "description": "", + "isRequired": true + }, + { + "type": "object", + "name": "enterprise", + "in": "body", + "description": "

An enterprise on GitHub.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "installation", + "in": "body", + "description": "

The GitHub App installation. This property is included when the event is configured for and sent to a GitHub App.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "organization", + "in": "body", + "description": "

A GitHub organization.

", + "childParamsGroups": [] + }, + { + "type": "object", + "name": "repository", + "in": "body", + "description": "

A repository on GitHub.

", + "isRequired": true, + "childParamsGroups": [] + }, + { + "type": "object", + "name": "sender", + "in": "body", + "description": "

A GitHub user.

", + "isRequired": true, + "childParamsGroups": [] + } + ], + "availability": [ + "repository", + "organization" + ], + "action": "resolve", + "category": "repository_vulnerability_alert" + } + }, "secret_scanning_alert": { "reopened": { "category": "secret_scanning_alert", From b83009ce59988b4aa4cb9938a898d54734ac0c97 Mon Sep 17 00:00:00 2001 From: Peter Bengtsson Date: Thu, 12 Jan 2023 21:18:29 +0100 Subject: [PATCH 2/2] max 10 pages of pagination on dedicated search page (#33915) --- components/search/SearchResults.tsx | 2 +- middleware/api/search.js | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/components/search/SearchResults.tsx b/components/search/SearchResults.tsx index 1af43cb9f8..33f929db60 100644 --- a/components/search/SearchResults.tsx +++ b/components/search/SearchResults.tsx @@ -139,7 +139,7 @@ function ResultsPagination({ page, totalPages }: { page: number; totalPages: num return ( { diff --git a/middleware/api/search.js b/middleware/api/search.js index 9f5bfa96ad..12b1118fca 100644 --- a/middleware/api/search.js +++ b/middleware/api/search.js @@ -25,6 +25,7 @@ const MAX_SIZE = 50 // How much you return has a strong impact on performance const DEFAULT_PAGE = 1 const POSSIBLE_SORTS = ['best', 'relevance'] const DEFAULT_SORT = POSSIBLE_SORTS[0] +const MAX_PAGE = 10 // If someone searches for `...&version=3.5` what they actually mean // is `ghes-3.5`. This is because of legacy formatting with the old search. @@ -185,7 +186,7 @@ const validationMiddleware = (req, res, next) => { key: 'page', default_: DEFAULT_PAGE, cast: (v) => parseInt(v, 10), - validate: (v) => v >= 1 && v <= 10, + validate: (v) => v >= 1 && v <= MAX_PAGE, }, { key: 'sort', default_: DEFAULT_SORT, validate: (v) => POSSIBLE_SORTS.includes(v) }, {