Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: enable and disable automated security features #1705

Merged
merged 1 commit into from
Jul 24, 2024
+757 −0
Merged

feat: enable and disable automated security features #1705

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 43 additions & 0 deletions lib/octokit/client/repositories.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -774,6 +774,49 @@ def enable_vulnerability_alerts(repo, options = {})
def disable_vulnerability_alerts(repo, options = {})
boolean_from_response(:delete, "#{Repository.path repo}/vulnerability-alerts", options)
end

# Check to see if automated security fixes are enabled for a repository
#
# The authenticated user must have admin access to the repository.
#
# @param repo [Integer, String, Hash, Repository] A GitHub repository.
# @return [Boolean] True if automated security fixes are enabled, false otherwise.
# @see https://docs.github.com/en/rest/reference/repos#check-if-automated-security-fixes-are-enabled-for-a-repository
#
# @example
# @client.automated_security_fixes_enabled?("octokit/octokit.rb")
def automated_security_fixes_enabled?(repo, options = {})
response = get "#{Repository.path repo}/automated-security-fixes", options
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not a boolean_from_response capable endpoint; it always returns 200 with an object:

https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#check-if-automated-security-fixes-are-enabled-for-a-repository

Note that unlike the docs, it does not return 404 if not enabled, it always returns the object (with enabled: false).

return response[:enabled] if @last_response.status == 200

false
end

# Enable automated security fixes for a repository
#
# @param repo [Integer, String, Hash, Repository] A GitHub repository.
# @param options [Hash]
#
# @return [Boolean] True if vulnerability alerts enabled, false otherwise.
# @see https://docs.github.com/en/rest/reference/repos#automated-security-fixes
# @example Enable automated security fixes for a repository
# @client.enable_automated_security_fixes("octokit/octokit.rb")
def enable_automated_security_fixes(repo, options = {})
boolean_from_response(:put, "#{Repository.path repo}/automated-security-fixes", options)
end

# Disable automated security fixes for a repository
#
# @param repo [Integer, String, Hash, Repository] A GitHub repository.
# @param options [Hash]
#
# @return [Boolean] True if vulnerability alerts disabled, false otherwise.
# @see https://docs.github.com/en/rest/reference/repos#automated-security-fixes
# @example Disable automated security fixes for a repository
# @client.disable_automated_security_fixes("octokit/octokit.rb")
def disable_automated_security_fixes(repo, options = {})
boolean_from_response(:delete, "#{Repository.path repo}/automated-security-fixes", options)
end
end
end
end
229 changes: 229 additions & 0 deletions ...tomated_security_fixes_enabled_/returns_false_with_automated_security_fixes_disabled.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,229 @@
{
"http_interactions": [
{
"request": {
"method": "delete",
"uri": "https://api.github.com/repos/<GITHUB_LOGIN>/<GITHUB_TEST_REPOSITORY>/automated-security-fixes",
"body": {
"encoding": "UTF-8",
"base64_string": "e30=\n"
},
"headers": {
"Accept": [
"application/vnd.github.v3+json"
],
"User-Agent": [
"Octokit Ruby Gem 9.1.0"
],
"Content-Type": [
"application/json"
],
"Authorization": [
"token <<ACCESS_TOKEN>>"
],
"Accept-Encoding": [
"gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
]
}
},
"response": {
"status": {
"code": 204,
"message": "No Content"
},
"headers": {
"Date": [
"Thu, 18 Jul 2024 13:41:54 GMT"
],
"X-Oauth-Scopes": [
"admin:public_key, codespace, gist, read:org, repo"
],
"X-Accepted-Oauth-Scopes": [
"repo"
],
"X-Oauth-Client-Id": [
"178c6fc778ccc68e1d6a"
],
"X-Github-Media-Type": [
"github.v3; format=json"
],
"X-Github-Api-Version-Selected": [
"2022-11-28"
],
"X-Ratelimit-Limit": [
"5000"
],
"X-Ratelimit-Remaining": [
"4894"
],
"X-Ratelimit-Reset": [
"1721311964"
],
"X-Ratelimit-Used": [
"106"
],
"X-Ratelimit-Resource": [
"core"
],
"Access-Control-Expose-Headers": [
"ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset"
],
"Access-Control-Allow-Origin": [
"*"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubdomains; preload"
],
"X-Frame-Options": [
"deny"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Xss-Protection": [
"0"
],
"Referrer-Policy": [
"origin-when-cross-origin, strict-origin-when-cross-origin"
],
"Content-Security-Policy": [
"default-src 'none'"
],
"Vary": [
"Accept-Encoding, Accept, X-Requested-With"
],
"X-Github-Request-Id": [
"DA10:39DB3F:20F911E:3DE6752:66991BA1"
],
"Server": [
"github.com"
]
},
"body": {
"encoding": "UTF-8",
"base64_string": ""
}
},
"recorded_at": "Thu, 18 Jul 2024 13:41:54 GMT"
},
{
"request": {
"method": "get",
"uri": "https://api.github.com/repos/<GITHUB_LOGIN>/<GITHUB_TEST_REPOSITORY>/automated-security-fixes",
"body": {
"encoding": "US-ASCII",
"base64_string": ""
},
"headers": {
"Accept": [
"application/vnd.github.v3+json"
],
"User-Agent": [
"Octokit Ruby Gem 9.1.0"
],
"Content-Type": [
"application/json"
],
"Authorization": [
"token <<ACCESS_TOKEN>>"
],
"Accept-Encoding": [
"gzip;q=1.0,deflate;q=0.6,identity;q=0.3"
]
}
},
"response": {
"status": {
"code": 200,
"message": "OK"
},
"headers": {
"Date": [
"Thu, 18 Jul 2024 13:41:54 GMT"
],
"Content-Type": [
"application/json; charset=utf-8"
],
"Cache-Control": [
"private, max-age=60, s-maxage=60"
],
"Vary": [
"Accept, Authorization, Cookie, X-GitHub-OTP,Accept-Encoding, Accept, X-Requested-With"
],
"Etag": [
"W/\"7a86f4321c1d0f17a11c8d0a1c1105f6bda69697bfd035b8d50a6cda1e17c5a6\""
],
"X-Oauth-Scopes": [
"admin:public_key, codespace, gist, read:org, repo"
],
"X-Accepted-Oauth-Scopes": [
"repo"
],
"X-Oauth-Client-Id": [
"178c6fc778ccc68e1d6a"
],
"X-Github-Media-Type": [
"github.v3; format=json"
],
"X-Github-Api-Version-Selected": [
"2022-11-28"
],
"X-Ratelimit-Limit": [
"5000"
],
"X-Ratelimit-Remaining": [
"4891"
],
"X-Ratelimit-Reset": [
"1721311964"
],
"X-Ratelimit-Used": [
"109"
],
"X-Ratelimit-Resource": [
"core"
],
"Access-Control-Expose-Headers": [
"ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset"
],
"Access-Control-Allow-Origin": [
"*"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubdomains; preload"
],
"X-Frame-Options": [
"deny"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Xss-Protection": [
"0"
],
"Referrer-Policy": [
"origin-when-cross-origin, strict-origin-when-cross-origin"
],
"Content-Security-Policy": [
"default-src 'none'"
],
"Transfer-Encoding": [
"chunked"
],
"X-Github-Request-Id": [
"DA13:209DFA:411CDC6:78D2A89:66991BA2"
],
"Server": [
"github.com"
]
},
"body": {
"encoding": "ASCII-8BIT",
"base64_string": "eyJlbmFibGVkIjpmYWxzZSwicGF1c2VkIjpmYWxzZX0=\n"
}
},
"recorded_at": "Thu, 18 Jul 2024 13:41:54 GMT"
}
],
"recorded_with": "VCR 6.2.0"
}
Loading