diff --git a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md index 8345a2818043..db4b5df7f106 100644 --- a/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md +++ b/content/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits.md @@ -103,3 +103,16 @@ By default, the rate limit for {% data variables.product.prodname_actions %} is ``` 1. Wait for the configuration run to complete. + +## Controlling the rate for the live update service + +If the number of AJAX requests to your {% data variables.product.prodname_ghe_server %} instance causes problems, then you may need to edit the rate limit for the WebSockets controller used by these live updates. For details of how to view Alive requests, see [AUTOTITLE](/admin/monitoring-and-managing-your-instance/monitoring-your-instance/about-the-monitor-dashboards). + +By default, a maximum of 100 requests is allowed per minute for each IP address. Administrators with access to the administrative shell can use the [ghe-config](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-config) utility to set `app.github.web-sockets-rate-limit` with the number of requests allowed per minute for each IP address or disable this rate limit. Setting the limit to any value that is not a positive integer (for example, `0`, `-1`, `disabled`) disables rate limiting on the WebSockets controller for live updates. + +{% data reusables.github-connect.rate-limit-live-dotcom-requests %} + +> [!IMPORTANT] +> This rate limit will not apply until you also enable the global rate limiter using `ghe-config app.github.rate-limiting-enabled 1`. When you enable the global rate limiter, other {% data variables.product.github %} features may also experience rate limits. Monitor your instance closely to check for any unexpected request rejections. + +After you make any changes to the values of these settings, run [ghe-config-apply](/admin/administering-your-instance/administering-your-instance-from-the-command-line/command-line-utilities#ghe-config-apply) to apply the settings. diff --git a/data/release-notes/enterprise-server/3-13/14.yml b/data/release-notes/enterprise-server/3-13/14.yml index 1600d11b414b..de6ab133810b 100644 --- a/data/release-notes/enterprise-server/3-13/14.yml +++ b/data/release-notes/enterprise-server/3-13/14.yml @@ -1,8 +1,6 @@ date: '2025-04-17' sections: security_fixes: - - | - **HIGH**: An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available, such as during a hot patch upgrade. This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/cverecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | **MEDIUM:** An attacker could view private repository names, which the signed-in user is not authorized to see, in the GitHub Advanced Security Overview. This was due to a missing authorization check and occurred when filtering with _only_ `archived:`. GitHub has requested CVE ID [CVE-2025-3124](https://www.cve.org/CVERecord?id=CVE-2025-3124) for this vulnerability. bugs: diff --git a/data/release-notes/enterprise-server/3-13/16.yml b/data/release-notes/enterprise-server/3-13/16.yml new file mode 100644 index 000000000000..8ed9b3162f8a --- /dev/null +++ b/data/release-notes/enterprise-server/3-13/16.yml @@ -0,0 +1,44 @@ +date: '2025-06-18' +sections: + security_fixes: + - | + **HIGH:** An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available (for example, during a hot patch upgrade). This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. The initial fix for this issue was found to be incomplete, leaving the vulnerability exploitable in some cases. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/CVERecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). + - | + Packages have been updated to the latest security versions. + bugs: + - | + On an instance with GitHub Actions configured to connect to Azure OIDC storage through a proxy, Actions logs and artifacts would not be properly stored. + - | + Site administrators and auditors reviewing audit logs saw the `mc_actor` field was empty when a user signed out, because audit logging occurred after the user was removed from session state. + - | + During hotpatching, site administrators could encounter issues with the kernel partition table not updating correctly when running `ghe-partition-setup`. These users had to manually intervene in order to complete the upgrade process. + - | + Users of GitHub Actions could not view or manage Actions artifacts and logs if the global AWS STS endpoint was unavailable, because Actions did not use the configured regional STS endpoint. + - | + If an Enterprise Managed User (EMU) pushed to their personal repository with both secret scanning and push protection enabled, the custom patterns defined at enterprise level were not being applied during the push protection scan. + changes: + - | + Site administrators can now set rate limits for the WebSockets controller used for live updates, with `ghe-config app.github.web-sockets-rate-limit`. For more information, see [Controlling the rate for the live update service](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#controlling-the-rate-for-the-live-update-service). + known_issues: + - | + During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. + - | + If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." + - | + On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1. + - | + For an instance in a cluster configuration and with GitHub Actions enabled, restoring a cluster from backup requires targeting the primary DB node. + - | + When following the steps for [Replacing the primary MySQL node](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-mysql-node), step 14 (running `ghe-cluster-config-apply`) might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. + - | + Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. + - | + {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %} + - | + When restoring data originally backed up from a 3.13 or greater appliance version, the Elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. + - | + When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed. + - | + After a restore, existing outside collaborators cannot be added to repositories in a new organization. This issue can be resolved by running `/usr/local/share/enterprise/ghe-es-search-repair` on the appliance. + - | + After a geo-replica is promoted to be a primary by running `ghe-repl-promote`, the actions workflow of a repository does not have any suggested workflows. diff --git a/data/release-notes/enterprise-server/3-14/11.yml b/data/release-notes/enterprise-server/3-14/11.yml index 35652395b6d4..62bc6e3e2bb7 100644 --- a/data/release-notes/enterprise-server/3-14/11.yml +++ b/data/release-notes/enterprise-server/3-14/11.yml @@ -1,8 +1,6 @@ date: '2025-04-17' sections: security_fixes: - - | - **HIGH**: An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available, such as during a hot patch upgrade. This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/cverecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | **MEDIUM:** An attacker could view private repository names, which the signed-in user is not authorized to see, in the GitHub Advanced Security Overview. This was due to a missing authorization check and occurred when filtering with _only_ `archived:`. GitHub has requested CVE ID [CVE-2025-3124](https://www.cve.org/CVERecord?id=CVE-2025-3124) for this vulnerability. bugs: diff --git a/data/release-notes/enterprise-server/3-14/13.yml b/data/release-notes/enterprise-server/3-14/13.yml new file mode 100644 index 000000000000..5e8bdd4258a9 --- /dev/null +++ b/data/release-notes/enterprise-server/3-14/13.yml @@ -0,0 +1,61 @@ +date: '2025-06-18' +sections: + security_fixes: + - | + **HIGH:** An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available (for example, during a hot patch upgrade). This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. The initial fix for this issue was found to be incomplete, leaving the vulnerability exploitable in some cases. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/CVERecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). + - | + Packages have been updated to the latest security versions. + bugs: + - | + On an instance with GitHub Actions configured to connect to Azure OIDC storage through a proxy, Actions logs and artifacts would not be properly stored. + - | + Site administrators and auditors reviewing audit logs saw the `mc_actor` field was empty when a user signed out, because audit logging occurred after the user was removed from session state. + - | + During hotpatching, site administrators could encounter issues with the kernel partition table not updating correctly when running `ghe-partition-setup`. These users had to manually intervene in order to complete the upgrade process. + - | + Users of GitHub Actions could not view or manage Actions artifacts and logs if the global AWS STS endpoint was unavailable, because Actions did not use the configured regional STS endpoint. + - | + On instances with a large number of code scanning users, running `ghe-config-apply` previously resulted in slow performance. + - | + Organization owners had no audit log events to track organization announcements displayed on banners in the UI. + - | + If an Enterprise Managed User (EMU) pushed to their personal repository with both secret scanning and push protection enabled, the custom patterns defined at enterprise level were not being applied during the push protection scan. + changes: + - | + Site administrators can now set rate limits for the WebSockets controller used for live updates, with `ghe-config app.github.web-sockets-rate-limit`. For more information, see [Controlling the rate for the live update service](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#controlling-the-rate-for-the-live-update-service). + closing_down: + - | + Site administrators who manage dependencies with the base-pinned image should no longer rely on the vulcanizer CLI, as it is in the process of being retired and replaced with vulcancli. Transition to vulcancli to ensure continued support and compatibility. + known_issues: + - | + During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. + - | + If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." + - | + On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1. + - | + {% data reusables.release-notes.large-adoc-files-issue %} + - | + Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised. + - | + When following the steps for [Replacing the primary MySQL node](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-mysql-node), step 14 (running `ghe-cluster-config-apply`) might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. + - | + Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. + - | + {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %} + - | + When restoring data originally backed up from a 3.13 or greater appliance version, the Elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. + - | + An organization-level code scanning configuration page is displayed on instances that do not use GitHub Advanced Security or code scanning. + - | + In the header bar displayed to site administrators, some icons are not available. + - | + When enabling automatic update checks for the first time in the Management Console, the status is not dynamically reflected until the "Updates" page is reloaded. + - | + When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed. + - | + After a restore, existing outside collaborators cannot be added to repositories in a new organization. This issue can be resolved by running `/usr/local/share/enterprise/ghe-es-search-repair` on the appliance. + - | + After a geo-replica is promoted to be a primary by running `ghe-repl-promote`, the actions workflow of a repository does not have any suggested workflows. + - | + Unexpected elements may appear in the UI on the repo overview page for locked repositories. diff --git a/data/release-notes/enterprise-server/3-15/6.yml b/data/release-notes/enterprise-server/3-15/6.yml index 5818e2fea987..e44bcc5ff936 100644 --- a/data/release-notes/enterprise-server/3-15/6.yml +++ b/data/release-notes/enterprise-server/3-15/6.yml @@ -1,8 +1,6 @@ date: '2025-04-17' sections: security_fixes: - - | - **HIGH**: An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available, such as during a hot patch upgrade. This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/cverecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | **MEDIUM:** An attacker could view private repository names, which the signed-in user is not authorized to see, in the GitHub Advanced Security Overview. This was due to a missing authorization check and occurred when filtering with _only_ `archived:`. GitHub has requested CVE ID [CVE-2025-3124](https://www.cve.org/CVERecord?id=CVE-2025-3124) for this vulnerability. bugs: diff --git a/data/release-notes/enterprise-server/3-15/8.yml b/data/release-notes/enterprise-server/3-15/8.yml new file mode 100644 index 000000000000..2a49880de83a --- /dev/null +++ b/data/release-notes/enterprise-server/3-15/8.yml @@ -0,0 +1,65 @@ +date: '2025-06-18' +sections: + security_fixes: + - | + **HIGH:** An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available (for example, during a hot patch upgrade). This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. The initial fix for this issue was found to be incomplete, leaving the vulnerability exploitable in some cases. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/CVERecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). + - | + Packages have been updated to the latest security versions. + bugs: + - | + The Management Console maintenance page would not load correctly if the underlying API call fails to load the connection services data. + - | + On an instance with GitHub Actions configured to connect to Azure OIDC storage through a proxy, Actions logs and artifacts would not be properly stored. + - | + Site administrators and auditors reviewing audit logs saw the `mc_actor` field was empty when a user signed out, because audit logging occurred after the user was removed from session state. + - | + On instances with a large number of code scanning users, running `ghe-config-apply` previously resulted in slow performance. + - | + During hotpatching, site administrators could encounter issues with the kernel partition table not updating correctly when running `ghe-partition-setup`. These users had to manually intervene in order to complete the upgrade process. + - | + Users of GitHub Actions could not view or manage Actions artifacts and logs if the global AWS STS endpoint was unavailable, because Actions did not use the configured regional STS endpoint. + - | + Organization owners had no audit log events to track organization announcements displayed on banners in the UI. + - | + If an Enterprise Managed User (EMU) pushed to their personal repository with both secret scanning and push protection enabled, the custom patterns defined at enterprise level were not being applied during the push protection scan. + changes: + - | + To ensure critical integrations and automated systems have uninterrupted access, the `/repositories/:repository_id/collaborators` endpoints now honor the higher rate limits for exempt users set with `ghe-config app.github.rate-limiting-exempt-users ""`. + - | + Site administrators can now set rate limits for the WebSockets controller used for live updates, with `ghe-config app.github.web-sockets-rate-limit`. For more information, see [Controlling the rate for the live update service](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#controlling-the-rate-for-the-live-update-service). + closing_down: + - | + Site administrators who manage dependencies with the base-pinned image should no longer rely on the vulcanizer CLI, as it is in the process of being retired and replaced with vulcancli. Transition to vulcancli to ensure continued support and compatibility. + known_issues: + - | + During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. + - | + If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." + - | + On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1. + - | + {% data reusables.release-notes.large-adoc-files-issue %} + - | + Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised. + - | + When following the steps for [Replacing the primary MySQL node](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-mysql-node), step 14 (running `ghe-cluster-config-apply`) might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. + - | + Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. + - | + {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %} + - | + When restoring data originally backed up from a 3.13 or greater appliance version, the Elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. + - | + An organization-level code scanning configuration page is displayed on instances that do not use GitHub Advanced Security or code scanning. + - | + In the header bar displayed to site administrators, some icons are not available. + - | + When enabling automatic update checks for the first time in the Management Console, the status is not dynamically reflected until the "Updates" page is reloaded. + - | + When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed. + - | + When initializing a new GHES cluster, nodes with the `consul-server` role should be added to the cluster before adding additional nodes. Adding all nodes simultaneously creates a race condition between nomad server registration and nomad client registration. + - | + Admins setting up cluster high availability (HA) may encounter a spokes error when running `ghe-cluster-repl-status` if a new organization and repositories are created before using the `ghe-cluster-repl-bootstrap` command. To avoid this issue, complete the cluster HA setup with `ghe-cluster-repl-bootstrap` before creating new organizations and repositories. + - | + After a restore, existing outside collaborators cannot be added to repositories in a new organization. This issue can be resolved by running `/usr/local/share/enterprise/ghe-es-search-repair` on the appliance. diff --git a/data/release-notes/enterprise-server/3-16/2.yml b/data/release-notes/enterprise-server/3-16/2.yml index 436f4d0965cf..484d9eac3b3e 100644 --- a/data/release-notes/enterprise-server/3-16/2.yml +++ b/data/release-notes/enterprise-server/3-16/2.yml @@ -1,8 +1,6 @@ date: '2025-04-17' sections: security_fixes: - - | - **HIGH**: An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available, such as during a hot patch upgrade. This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/cverecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). - | **MEDIUM:** An attacker could view private repository names, which the signed-in user is not authorized to see, in the GitHub Advanced Security Overview. This was due to a missing authorization check and occurred when filtering with _only_ `archived:`. GitHub has requested CVE ID [CVE-2025-3124](https://www.cve.org/CVERecord?id=CVE-2025-3124) for this vulnerability. - | diff --git a/data/release-notes/enterprise-server/3-16/4.yml b/data/release-notes/enterprise-server/3-16/4.yml new file mode 100644 index 000000000000..2288fe4e663d --- /dev/null +++ b/data/release-notes/enterprise-server/3-16/4.yml @@ -0,0 +1,81 @@ +date: '2025-06-18' +sections: + security_fixes: + - | + **HIGH:** An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available (for example, during a hot patch upgrade). This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. The initial fix for this issue was found to be incomplete, leaving the vulnerability exploitable in some cases. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/CVERecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). + - | + Packages have been updated to the latest security versions. + bugs: + - | + The Management Console maintenance page would not load correctly if the underlying API call fails to load the connection services data. + - | + On an instance with GitHub Actions configured to connect to Azure OIDC storage through a proxy, Actions logs and artifacts would not be properly stored. + - | + Site administrators and auditors reviewing audit logs saw the `mc_actor` field was empty when a user signed out, because audit logging occurred after the user was removed from session state. + - | + On instances with a large number of code scanning users, running `ghe-config-apply` previously resulted in slow performance. + - | + During hotpatching, site administrators could encounter issues with the kernel partition table not updating correctly when running `ghe-partition-setup`. These users had to manually intervene in order to complete the upgrade process. + - | + Users of GitHub Actions could not view or manage Actions artifacts and logs if the global AWS STS endpoint was unavailable, because Actions did not use the configured regional STS endpoint. + - | + On an instance with GitHub Actions disabled, status check icons failed to render on repository commit lists. + - | + When users clicked and held on search suggestions in the search bar, they were not taken to the correct location. + - | + Organization owners had no audit log events to track organization announcements displayed on banners in the UI. + - | + If an Enterprise Managed User (EMU) pushed to their personal repository with both secret scanning and push protection enabled, the custom patterns defined at enterprise level were not being applied during the push protection scan. + - | + When an administrator suspended a user from the site admin dashboard, the form required them to complete Digital Services Act (DSA) fields that are not relevant on GitHub Enterprise Server. + - | + After an appliance reboot, code scanning did not always trigger or process analyses. + changes: + - | + Site administrators who test the Prometheus endpoint can now use 127.0.0.1 as a trusted IP address. Previously, only specific IPs were allowed for testing. + - | + To ensure critical integrations and automated systems have uninterrupted access, the `/repositories/:repository_id/collaborators` endpoints now honor the higher rate limits for exempt users set with `ghe-config app.github.rate-limiting-exempt-users ""`. + - | + Site administrators can now set rate limits for the WebSockets controller used for live updates, with `ghe-config app.github.web-sockets-rate-limit`. For more information, see [Controlling the rate for the live update service](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#controlling-the-rate-for-the-live-update-service). + closing_down: + - | + Site administrators who manage dependencies with the base-pinned image should no longer rely on the vulcanizer CLI, as it is in the process of being retired and replaced with vulcancli. Transition to vulcancli to ensure continued support and compatibility. + known_issues: + - | + Custom firewall rules are removed during the upgrade process. + - | + During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. + - | + If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." + - | + On an instance with the HTTP `X-Forwarded-For` header configured for use behind a load balancer, all client IP addresses in the instance's audit log erroneously appear as 127.0.0.1. + - | + {% data reusables.release-notes.large-adoc-files-issue %} + - | + Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised. + - | + When following the steps for [Replacing the primary MySQL node](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-mysql-node), step 14 (running `ghe-cluster-config-apply`) might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. + - | + Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. + - | + {% data reusables.release-notes.2024-06-possible-frontend-5-minute-outage-during-hotpatch-upgrade %} + - | + When restoring data originally backed up from a 3.13 or greater appliance version, the Elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. + - | + An organization-level code scanning configuration page is displayed on instances that do not use GitHub Advanced Security or code scanning. + - | + When enabling automatic update checks for the first time in the Management Console, the status is not dynamically reflected until the "Updates" page is reloaded. + - | + When restoring from a backup snapshot, a large number of `mapper_parsing_exception` errors may be displayed. + - | + When initializing a new GHES cluster, nodes with the `consul-server` role should be added to the cluster before adding additional nodes. Adding all nodes simultaneously creates a race condition between nomad server registration and nomad client registration. + - | + Admins setting up cluster high availability (HA) may encounter a spokes error when running `ghe-cluster-repl-status` if a new organization and repositories are created before using the `ghe-cluster-repl-bootstrap` command. To avoid this issue, complete the cluster HA setup with `ghe-cluster-repl-bootstrap` before creating new organizations and repositories. + - | + In a cluster, the host running restore requires access the storage nodes via their private IPs. + - | + On an instance hosted on Azure, comments made on an issue via email are not added to the issue. + - | + After a restore, existing outside collaborators cannot be added to repositories in a new organization. This issue can be resolved by running `/usr/local/share/enterprise/ghe-es-search-repair` on the appliance. + - | + After a geo-replica is promoted to be a primary by running `ghe-repl-promote`, the actions workflow of a repository does not have any suggested workflows. diff --git a/data/release-notes/enterprise-server/3-17/1.yml b/data/release-notes/enterprise-server/3-17/1.yml new file mode 100644 index 000000000000..7c95b1bb7a66 --- /dev/null +++ b/data/release-notes/enterprise-server/3-17/1.yml @@ -0,0 +1,75 @@ +date: '2025-06-18' +sections: + security_fixes: + - | + **HIGH:** An attacker could execute arbitrary code, potentially leading to privilege escalation and system compromise, by exploiting the pre-receive hook functionality to bind to dynamically allocated ports that become temporarily available (for example, during a hot patch upgrade). This vulnerability is only exploitable under specific operational conditions, such as during the hot patching process, and requires either site administrator permissions or a user with privileges to modify repositories containing pre-receive hooks. The initial fix for this issue was found to be incomplete, leaving the vulnerability exploitable in some cases. GitHub has requested CVE ID: [CVE-2025-3509](https://www.cve.org/CVERecord?id=CVE-2025-3509) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/). + - | + Packages have been updated to the latest security versions. + bugs: + - | + The Management Console maintenance page would not load correctly if the underlying API call fails to load the connection services data. + - | + On an instance with GitHub Actions configured to connect to Azure OIDC storage through a proxy, Actions logs and artifacts would not be properly stored. + - | + Site administrators and auditors reviewing audit logs saw the `mc_actor` field was empty when a user signed out, because audit logging occurred after the user was removed from session state. + - | + On instances with a large number of code scanning users, running `ghe-config-apply` previously resulted in slow performance. + - | + During hotpatching, site administrators could encounter issues with the kernel partition table not updating correctly when running `ghe-partition-setup`. These users had to manually intervene in order to complete the upgrade process. + - | + Users of GitHub Actions could not view or manage Actions artifacts and logs if the global AWS STS endpoint was unavailable, because Actions did not use the configured regional STS endpoint. + - | + Fixed an edge case for certain Security Configurations that would not automatically work when transitioning to unbundled GitHub Advanced Security SKUs. + - | + When users clicked and held on search suggestions in the search bar, they were not taken to the correct location. + - | + Organization owners had no audit log events to track organization announcements displayed on banners in the UI. + - | + If an Enterprise Managed User (EMU) pushed to their personal repository with both secret scanning and push protection enabled, the custom patterns defined at enterprise level were not being applied during the push protection scan. + - | + On instances with dangling commit graph lock files, recompute checksum operations were unexpectedly triggered. + - | + After an appliance reboot, code scanning did not always trigger or process analyses. + changes: + - | + Site administrators who test the Prometheus endpoint can now use 127.0.0.1 as a trusted IP address. Previously, only specific IPs were allowed for testing. + - | + To ensure critical integrations and automated systems have uninterrupted access, the `/repositories/:repository_id/collaborators` endpoints now honor the higher rate limits for exempt users set with `ghe-config app.github.rate-limiting-exempt-users ""`. + - | + Site administrators can now set rate limits for the WebSockets controller used for live updates, with `ghe-config app.github.web-sockets-rate-limit`. For more information, see [Controlling the rate for the live update service](/admin/configuring-settings/configuring-user-applications-for-your-enterprise/configuring-rate-limits#controlling-the-rate-for-the-live-update-service). + closing_down: + - | + Site administrators who manage dependencies with the base-pinned image should no longer rely on the vulcanizer CLI, as it is in the process of being retired and replaced with vulcancli. Transition to vulcancli to ensure continued support and compatibility. + known_issues: + - | + Custom firewall rules are removed during the upgrade process. + - | + During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start. + - | + If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." + - | + {% data reusables.release-notes.large-adoc-files-issue %} + - | + Admin stats REST API endpoints may timeout on appliances with many users or repositories. Retrying the request until data is returned is advised. + - | + When following the steps for [Replacing the primary MySQL node](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-the-primary-mysql-node), step 14 (running `ghe-cluster-config-apply`) might fail with errors. If this occurs, re-running `ghe-cluster-config-apply` is expected to succeed. + - | + Running a config apply as part of the steps for [Replacing a node in an emergency](/admin/monitoring-managing-and-updating-your-instance/configuring-clustering/replacing-a-cluster-node#replacing-a-node-in-an-emergency) may fail with errors if the node being replaced is still reachable. If this occurs, shutdown the node and repeat the steps. + - | + When restoring data originally backed up from a 3.13 or greater appliance version, the Elasticsearch indices need to be reindexed before some of the data will show up. This happens via a nightly scheduled job. It can also be forced by running `/usr/local/share/enterprise/ghe-es-search-repair`. + - | + When initializing a new GHES cluster, nodes with the `consul-server` role should be added to the cluster before adding additional nodes. Adding all nodes simultaneously creates a race condition between nomad server registration and nomad client registration. + - | + Admins setting up cluster high availability (HA) may encounter a spokes error when running `ghe-cluster-repl-status` if a new organization and repositories are created before using the `ghe-cluster-repl-bootstrap` command. To avoid this issue, complete the cluster HA setup with `ghe-cluster-repl-bootstrap` before creating new organizations and repositories. + - | + In a cluster, the host running restore requires to access the storage nodes via their private IP addresses. + - | + On an instance hosted on Azure, comments made on an issue via email are not added to the issue. + - | + After a restore, existing outside collaborators cannot be added to repositories in a new organization. This issue can be resolved by running `/usr/local/share/enterprise/ghe-es-search-repair` on the appliance. + - | + After a geo-replica is promoted to be a primary by running `ghe-repl-promote`, the actions workflow of a repository does not have any suggested workflows. + - | + When publishing npm packages in a workflow after restoring from a backup to GitHub Enterprise Server 3.13.5.gm4 or 3.14.2.gm3, you may encounter a `401 Unauthorized` error from the GitHub Packages service. This can happen if the restore is from an N-1 or N-2 version and the workflow targets the npm endpoint on the backup instance. To avoid this issue, ensure the access token is valid and includes the correct scopes for publishing to GitHub Packages. + - | + Uploading a new license with unbundled GitHub Advanced Security may not fully unbundle all the Security Configurations on the instance in certain cases. Any active Security Configurations will continue to function, but when attempting to apply the configurations to new repositories you may see errors like "Advanced Security is not purchased" or `Validation failed: Secret scanning non provider patterns. Non-provider patterns must be disabled when secret scanning is disabled`. Contact GitHub Support for assistance clearing this state in version 3.17.1. This issue will be resolved in version 3.17.2. diff --git a/data/reusables/github-connect/rate-limit-live-dotcom-requests.md b/data/reusables/github-connect/rate-limit-live-dotcom-requests.md new file mode 100644 index 000000000000..4c9dcb4dcd42 --- /dev/null +++ b/data/reusables/github-connect/rate-limit-live-dotcom-requests.md @@ -0,0 +1,10 @@ +{% ifversion ghes < 3.18 %} + +The `app.github.web-sockets-rate-limit` configuration setting was introduced in +{%- ifversion ghes = 3.13 %} **3.13.16**{%- endif %} +{%- ifversion ghes = 3.14 %} **3.14.13**{%- endif %} +{%- ifversion ghes = 3.15 %} **3.15.8**{%- endif %} +{%- ifversion ghes = 3.16 %} **3.16.4**{%- endif %} +{%- ifversion ghes = 3.17 %} **3.17.1**{%- endif %}. + +{% endif %} diff --git a/data/reusables/github-connect/sync-frequency.md b/data/reusables/github-connect/sync-frequency.md index 93f01ae83703..4ea0e58faf9c 100644 --- a/data/reusables/github-connect/sync-frequency.md +++ b/data/reusables/github-connect/sync-frequency.md @@ -1 +1 @@ -{% data variables.product.prodname_ghe_server %} sends updates hourly. +{% data variables.product.github %} requests updates hourly using {% data variables.product.prodname_github_connect %}. diff --git a/src/rest/data/ghes-3.16-2022-11-28/schema.json b/src/rest/data/ghes-3.16-2022-11-28/schema.json index 653562f29695..2f5b7ee679b3 100644 --- a/src/rest/data/ghes-3.16-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.16-2022-11-28/schema.json @@ -553,13 +553,13 @@ } ], "previews": [], + "descriptionHTML": "

Deletes an artifact for a workflow run.\nOAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Deletes an artifact for a workflow run.\nOAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -1000,13 +1000,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the total GitHub Actions cache usage for an enterprise.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the total GitHub Actions cache usage for an enterprise.\nThe data fetched using this API is refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -1080,13 +1080,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the GitHub Actions cache usage policy for an enterprise.

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the GitHub Actions cache usage policy for an enterprise.

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -2555,13 +2555,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the GitHub Actions permissions policy for organizations and allowed actions in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the GitHub Actions permissions policy for organizations and allowed actions in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3021,13 +3021,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3100,13 +3100,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the selected actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the selected actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3254,13 +3254,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise,\nas well as whether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

Success response

" } - ], - "descriptionHTML": "

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise,\nas well as whether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -5375,13 +5375,13 @@ } ], "previews": [], + "descriptionHTML": "

Sets the GitHub Actions permissions policy for enabling GitHub Actions and allowed actions in the repository.

\n

If the repository belongs to an organization or enterprise that has set restrictive permissions at the organization or enterprise levels, such as allowed_actions to selected actions, then you cannot override them for the repository.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Sets the GitHub Actions permissions policy for enabling GitHub Actions and allowed actions in the repository.

\n

If the repository belongs to an organization or enterprise that has set restrictive permissions at the organization or enterprise levels, such as allowed_actions to selected actions, then you cannot override them for the repository.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -6499,13 +6499,13 @@ } ], "previews": [], + "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -8129,13 +8129,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -8716,13 +8716,13 @@ } ], "previews": [], + "descriptionHTML": "

Get the public key for an environment, which you need to encrypt environment\nsecrets. You need to encrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Get the public key for an environment, which you need to encrypt environment\nsecrets. You need to encrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -9735,13 +9735,13 @@ } ], "previews": [], + "descriptionHTML": "

Updates the name and visibility of a self-hosted runner group in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Updates the name and visibility of a self-hosted runner group in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -9795,13 +9795,13 @@ } ], "previews": [], + "descriptionHTML": "

Deletes a self-hosted runner group for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Deletes a self-hosted runner group for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -10082,13 +10082,13 @@ } ], "previews": [], + "descriptionHTML": "

Replaces the list of organizations that have access to a self-hosted runner configured in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Replaces the list of organizations that have access to a self-hosted runner configured in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -10152,13 +10152,13 @@ } ], "previews": [], + "descriptionHTML": "

Adds an organization to the list of selected organizations that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see \"Create a self-hosted runner group for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Adds an organization to the list of selected organizations that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see \"Create a self-hosted runner group for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -10676,13 +10676,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes a self-hosted runner from a group configured in an enterprise. The runner is then returned to the default group.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes a self-hosted runner from a group configured in an enterprise. The runner is then returned to the default group.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -12721,13 +12721,13 @@ } ], "previews": [], + "descriptionHTML": "

Replaces the list of repositories that have access to a self-hosted runner group configured in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Replaces the list of repositories that have access to a self-hosted runner group configured in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -12871,13 +12871,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes a repository from the list of selected repositories that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see \"Create a self-hosted runner group for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes a repository from the list of selected repositories that can access a self-hosted runner group. The runner group must have visibility set to selected. For more information, see \"Create a self-hosted runner group for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -13114,13 +13114,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists self-hosted runners that are in a specific organization group.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists self-hosted runners that are in a specific organization group.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -21106,13 +21106,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists binaries for the runner application that you can download and run.

\n

Authenticated users must have admin access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists binaries for the runner application that you can download and run.

\n

Authenticated users must have admin access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -24958,13 +24958,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a specific variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets a specific variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -27465,13 +27465,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a specific variable in an environment.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets a specific variable in an environment.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -27567,13 +27567,13 @@ } ], "previews": [], + "descriptionHTML": "

Updates an environment variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Updates an environment variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -55441,13 +55441,13 @@ } ], "previews": [], + "descriptionHTML": "

Note

\n

\nThis API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

\n
", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Note

\n

\nThis API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

\n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -59256,13 +59256,13 @@ } ], "previews": [], + "descriptionHTML": "

Note

\n

\nThis API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

\n
", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Note

\n

\nThis API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.

\n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -80978,13 +80978,13 @@ } ], "previews": [], + "descriptionHTML": "

Marks a thread as \"done.\" Marking a thread as \"done\" is equivalent to marking a notification in your notification inbox on GitHub Enterprise Server as done: https://github.com/notifications.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No content

" } - ], - "descriptionHTML": "

Marks a thread as \"done.\" Marking a thread as \"done\" is equivalent to marking a notification in your notification inbox on GitHub Enterprise Server as done: https://github.com/notifications.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -90831,13 +90831,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the announcement banner currently set for the organization. Only returns the announcement banner set at the\norganization level. Organization members may also see an enterprise-level announcement banner. To get an\nannouncement banner displayed at the enterprise level, use the enterprise-level endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the announcement banner currently set for the organization. Only returns the announcement banner set at the\norganization level. Organization members may also see an enterprise-level announcement banner. To get an\nannouncement banner displayed at the enterprise level, use the enterprise-level endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -91016,13 +91016,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes the announcement banner currently set for the organization.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes the announcement banner currently set for the organization.

" + ] } ] }, @@ -148687,13 +148687,13 @@ } ], "previews": [], + "descriptionHTML": "

Changes the default automatic flow when creating check suites. By default, a check suite is automatically created each time code is pushed to a repository. When you disable the automatic creation of check suites, you can manually Create a check suite.\nYou must have admin permissions in the repository to set preferences for check suites.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Changes the default automatic flow when creating check suites. By default, a check suite is automatically created each time code is pushed to a repository. When you disable the automatic creation of check suites, you can manually Create a check suite.\nYou must have admin permissions in the repository to set preferences for check suites.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -165369,6 +165369,7 @@ } ], "previews": [], + "descriptionHTML": "

Updates a code security configuration in an organization.

\n

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

\n

Note

\n

\nOnly installed security products may be specified in the request body. Specifying an uninstalled security product will result in a validation error.

\n
", "statusCodes": [ { "httpStatusCode": "200", @@ -165378,8 +165379,7 @@ "httpStatusCode": "204", "description": "

Response when no new updates are made

" } - ], - "descriptionHTML": "

Updates a code security configuration in an organization.

\n

The authenticated user must be an administrator or security manager for the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the write:org scope to use this endpoint.

\n

Note

\n

\nOnly installed security products may be specified in the request body. Specifying an uninstalled security product will result in a validation error.

\n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -193731,13 +193731,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -194934,13 +194934,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -201465,13 +201465,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists the environments for a repository.

\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists the environments for a repository.

\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -208951,13 +208951,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209145,13 +209145,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209266,13 +209266,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209450,13 +209450,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the statistics about security products for a GitHub Enterprise Server instance.

\n

To use this endpoint, you must be a site admin.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the statistics about security products for a GitHub Enterprise Server instance.

\n

To use this endpoint, you must be a site admin.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209600,13 +209600,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the current message and expiration date of the global announcement banner in your enterprise.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets the current message and expiration date of the global announcement banner in your enterprise.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -212653,13 +212653,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -213563,6 +213563,7 @@ } ], "previews": [], + "descriptionHTML": "

Gets the configured SSH keys on all available nodes. For more information, see \"Accessing the administrative shell (SSH).\"

", "statusCodes": [ { "httpStatusCode": "200", @@ -213576,8 +213577,7 @@ "httpStatusCode": "401", "description": "

Unauthorized

" } - ], - "descriptionHTML": "

Gets the configured SSH keys on all available nodes. For more information, see \"Accessing the administrative shell (SSH).\"

" + ] }, { "serverUrl": "http(s)://HOSTNAME", @@ -216241,13 +216241,13 @@ } ], "previews": [], + "descriptionHTML": "

List all pre-receive hooks that are enabled or testing for this organization as well as any disabled hooks that can be configured at the organization level. Globally disabled pre-receive hooks that do not allow downstream configuration are not listed.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

List all pre-receive hooks that are enabled or testing for this organization as well as any disabled hooks that can be configured at the organization level. Globally disabled pre-receive hooks that do not allow downstream configuration are not listed.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -216443,13 +216443,13 @@ } ], "previews": [], + "descriptionHTML": "

For pre-receive hooks which are allowed to be configured at the org level, you can set enforcement and allow_downstream_configuration

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

For pre-receive hooks which are allowed to be configured at the org level, you can set enforcement and allow_downstream_configuration

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -276231,6 +276231,7 @@ } ], "previews": [], + "descriptionHTML": "

You can use the REST API to get comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

\n

This endpoint supports the following custom media types. For more information, see \"Media types.\"

\n
    \n
  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
    • \n
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
    • \n
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
    • \n
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.
    • \n
", "statusCodes": [ { "httpStatusCode": "200", @@ -276240,8 +276241,7 @@ "httpStatusCode": "404", "description": "

Resource not found

" } - ], - "descriptionHTML": "

You can use the REST API to get comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

\n

This endpoint supports the following custom media types. For more information, see \"Media types.\"

\n
    \n
  • application/vnd.github.raw+json: Returns the raw markdown body. Response will include body. This is the default if you do not pass any specific media type.
    • \n
  • application/vnd.github.text+json: Returns a text only representation of the markdown body. Response will include body_text.
    • \n
  • application/vnd.github.html+json: Returns HTML rendered from the body's markdown. Response will include body_html.
    • \n
  • application/vnd.github.full+json: Returns raw, text, and HTML representations. Response will include body, body_text, and body_html.
    • \n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -345015,13 +345015,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists all GitHub Apps in an organization. The installation count includes\nall GitHub Apps installed on repositories in the organization.

\n

The authenticated user must be an organization owner to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:read scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists all GitHub Apps in an organization. The installation count includes\nall GitHub Apps installed on repositories in the organization.

\n

The authenticated user must be an organization owner to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:read scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -346485,6 +346485,7 @@ } ], "previews": [], + "descriptionHTML": "

Removes a custom property that is defined for an organization.

\n

To use this endpoint, the authenticated user must be one of:

\n
    \n
  • An administrator for the organization.
    • \n
  • A user, or a user on a team, with the fine-grained permission of custom_properties_org_definitions_manager in the organization.
    • \n
", "statusCodes": [ { "httpStatusCode": "204", @@ -346498,8 +346499,7 @@ "httpStatusCode": "404", "description": "

Resource not found

" } - ], - "descriptionHTML": "

Removes a custom property that is defined for an organization.

\n

To use this endpoint, the authenticated user must be one of:

\n
    \n
  • An administrator for the organization.
    • \n
  • A user, or a user on a team, with the fine-grained permission of custom_properties_org_definitions_manager in the organization.
    • \n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -348979,6 +348979,7 @@ } ], "previews": [], + "descriptionHTML": "

List all users who are members of an organization. If the authenticated user is also a member of this organization then both concealed and public members will be returned.

", "statusCodes": [ { "httpStatusCode": "200", @@ -348988,8 +348989,7 @@ "httpStatusCode": "422", "description": "

Validation failed, or the endpoint has been spammed.

" } - ], - "descriptionHTML": "

List all users who are members of an organization. If the authenticated user is also a member of this organization then both concealed and public members will be returned.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -350444,6 +350444,7 @@ } ], "previews": [], + "descriptionHTML": "

Check if the provided user is a public member of the organization.

", "statusCodes": [ { "httpStatusCode": "204", @@ -350453,8 +350454,7 @@ "httpStatusCode": "404", "description": "

Not Found if user is not a public member

" } - ], - "descriptionHTML": "

Check if the provided user is a public member of the organization.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -350580,13 +350580,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes the public membership for the authenticated user from the specified organization, unless public visibility is enforced by default.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes the public membership for the authenticated user from the specified organization, unless public visibility is enforced by default.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -353088,13 +353088,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes an organization role from a team. For more information on organization roles, see \"Using organization roles.\"

\n

The authenticated user must be an administrator for the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes an organization role from a team. For more information on organization roles, see \"Using organization roles.\"

\n

The authenticated user must be an administrator for the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -354115,13 +354115,13 @@ } ], "previews": [], + "descriptionHTML": "

Deletes a custom organization role. For more information on custom organization roles, see \"Managing people's access to your organization with roles.\"

\n

To use this endpoint, the authenticated user must be one of:

\n
    \n
  • An administrator for the organization.
    • \n
  • A user, or a user on a team, with the fine-grained permissions of write_organization_custom_org_role in the organization.
    • \n
\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Deletes a custom organization role. For more information on custom organization roles, see \"Managing people's access to your organization with roles.\"

\n

To use this endpoint, the authenticated user must be one of:

\n
    \n
  • An administrator for the organization.
    • \n
  • A user, or a user on a team, with the fine-grained permissions of write_organization_custom_org_role in the organization.
    • \n
\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -373160,13 +373160,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a specific package version in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the read:packages scope to use this endpoint. For more information, see \"About permissions for GitHub Packages.\"

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets a specific package version in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the read:packages scope to use this endpoint. For more information, see \"About permissions for GitHub Packages.\"

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -384485,13 +384485,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets information about a GitHub Enterprise Server Pages build.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets information about a GitHub Enterprise Server Pages build.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -437504,13 +437504,13 @@ } ], "previews": [], + "descriptionHTML": "

Note

\n

\nYou can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id.

\n
\n

Delete a reaction to an issue.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Note

\n

\nYou can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id.

\n
\n

Delete a reaction to an issue.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -500004,13 +500004,13 @@ } ], "previews": [], + "descriptionHTML": "

Returns the webhook configuration for a repository. To get more information about the webhook, including the active state and events, use \"Get a repository webhook.\"

\n

OAuth app tokens and personal access tokens (classic) need the read:repo_hook or repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Returns the webhook configuration for a repository. To get more information about the webhook, including the active state and events, use \"Get a repository webhook.\"

\n

OAuth app tokens and personal access tokens (classic) need the read:repo_hook or repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -520447,13 +520447,13 @@ } ], "previews": [], + "descriptionHTML": "

To delete a team, the authenticated user must be an organization owner or team maintainer.

\n

If you are an organization owner, deleting a parent team will delete all of its child teams as well.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}.

\n
", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

To delete a team, the authenticated user must be an organization owner or team maintainer.

\n

If you are an organization owner, deleting a parent team will delete all of its child teams as well.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}.

\n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -523587,13 +523587,13 @@ } ], "previews": [], + "descriptionHTML": "

To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see \"HTTP method.\"

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

\n
\n

For more information about the permission levels, see \"Repository permission levels for an organization\".

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

To add a repository to a team or update the team's permission on a repository, the authenticated user must have admin access to the repository, and must be able to see the team. The repository must be owned by the organization, or a direct fork of a repository owned by the organization. You will get a 422 Unprocessable Entity status if you attempt to add a repository to a team that is not owned by the organization. Note that, if you choose not to pass any parameters, you'll need to set Content-Length to zero when calling out to this endpoint. For more information, see \"HTTP method.\"

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route PUT /organizations/{org_id}/team/{team_id}/repos/{owner}/{repo}.

\n
\n

For more information about the permission levels, see \"Repository permission levels for an organization\".

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -530986,13 +530986,13 @@ } ], "previews": [], + "descriptionHTML": "

List all comments on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments.

\n
\n

OAuth app tokens and personal access tokens (classic) need the read:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

List all comments on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments.

\n
\n

OAuth app tokens and personal access tokens (classic) need the read:discussion scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -532320,13 +532320,13 @@ } ], "previews": [], + "descriptionHTML": "

Edits the body text of a discussion comment.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route PATCH /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Edits the body text of a discussion comment.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route PATCH /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -532394,13 +532394,13 @@ } ], "previews": [], + "descriptionHTML": "

Deletes a comment on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Deletes a comment on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -534731,13 +534731,13 @@ } ], "previews": [], + "descriptionHTML": "

List all discussions on a team's page.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions.

\n
\n

OAuth app tokens and personal access tokens (classic) need the read:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

List all discussions on a team's page.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route GET /organizations/{org_id}/team/{team_id}/discussions.

\n
\n

OAuth app tokens and personal access tokens (classic) need the read:discussion scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -536251,13 +536251,13 @@ } ], "previews": [], + "descriptionHTML": "

Delete a discussion from a team's page.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Delete a discussion from a team's page.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -548439,13 +548439,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists the GPG keys for a user. This information is accessible by anyone.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists the GPG keys for a user. This information is accessible by anyone.

" + ] } ], "keys": [ diff --git a/src/rest/data/ghes-3.17-2022-11-28/schema.json b/src/rest/data/ghes-3.17-2022-11-28/schema.json index 3b03d6b2b67b..5650ead16546 100644 --- a/src/rest/data/ghes-3.17-2022-11-28/schema.json +++ b/src/rest/data/ghes-3.17-2022-11-28/schema.json @@ -2836,13 +2836,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists the organizations that are selected to have GitHub Actions enabled in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists the organizations that are selected to have GitHub Actions enabled in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -2901,13 +2901,13 @@ } ], "previews": [], - "descriptionHTML": "

Replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise. To use this endpoint, the enterprise permission policy for enabled_organizations must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3178,13 +3178,13 @@ } ], "previews": [], - "descriptionHTML": "

Sets the actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Sets the actions that are allowed in an enterprise. To use this endpoint, the enterprise permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3254,13 +3254,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise,\nas well as whether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

Success response

" } - ], - "descriptionHTML": "

Gets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise,\nas well as whether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -3326,13 +3326,13 @@ } ], "previews": [], + "descriptionHTML": "

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise, and sets\nwhether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

Success response

" } - ], - "descriptionHTML": "

Sets the default workflow permissions granted to the GITHUB_TOKEN when running workflows in an enterprise, and sets\nwhether GitHub Actions can submit approving pull request reviews. For more information, see\n\"Enforcing a policy for workflow permissions in your enterprise.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -4668,13 +4668,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists the selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists the selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -4737,13 +4737,13 @@ } ], "previews": [], - "descriptionHTML": "

Replaces the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Replaces the list of selected repositories that are enabled for GitHub Actions in an organization. To use this endpoint, the organization permission policy for enabled_repositories must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -5032,13 +5032,13 @@ } ], "previews": [], - "descriptionHTML": "

Sets the actions that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

If the organization belongs to an enterprise that has selected actions set at the enterprise level, then you cannot override any of the enterprise's allowed actions settings.

\n

To use the patterns_allowed setting for private repositories, the organization must belong to an enterprise. If the organization does not belong to an enterprise, then the patterns_allowed setting only applies to public repositories in the organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Sets the actions that are allowed in an organization. To use this endpoint, the organization permission policy for allowed_actions must be configured to selected. For more information, see \"Set GitHub Actions permissions for an organization.\"

\n

If the organization belongs to an enterprise that has selected actions set at the enterprise level, then you cannot override any of the enterprise's allowed actions settings.

\n

To use the patterns_allowed setting for private repositories, the organization must belong to an enterprise. If the organization does not belong to an enterprise, then the patterns_allowed setting only applies to public repositories in the organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -7507,13 +7507,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -7585,13 +7585,13 @@ } ], "previews": [], - "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -8600,13 +8600,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists all secrets available in an environment without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists all secrets available in an environment without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -9261,13 +9261,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists all self-hosted runner groups for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists all self-hosted runner groups for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -9444,13 +9444,13 @@ } ], "previews": [], - "descriptionHTML": "

Creates a new self-hosted runner group for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

Created

" } - ] + ], + "descriptionHTML": "

Creates a new self-hosted runner group for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -10618,13 +10618,13 @@ } ], "previews": [], - "descriptionHTML": "

Adds a self-hosted runner to a runner group configured in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Adds a self-hosted runner to a runner group configured in an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -10688,13 +10688,13 @@ } ], "previews": [], + "descriptionHTML": "

Removes a self-hosted runner from a group configured in an enterprise. The runner is then returned to the default group.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Removes a self-hosted runner from a group configured in an enterprise. The runner is then returned to the default group.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -11235,13 +11235,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a specific self-hosted runner group for an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Gets a specific self-hosted runner group for an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -11422,13 +11422,13 @@ } ], "previews": [], - "descriptionHTML": "

Updates the name and visibility of a self-hosted runner group in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Updates the name and visibility of a self-hosted runner group in an organization.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -13600,13 +13600,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists all self-hosted runners configured for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists all self-hosted runners configured for an enterprise.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -13728,13 +13728,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists binaries for the runner application that you can download and run.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists binaries for the runner application that you can download and run.

\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -15022,13 +15022,13 @@ } ], "previews": [], - "descriptionHTML": "

Returns a token that you can pass to the config script. The token expires after one hour.

\n

Example using registration token:

\n

Configure your self-hosted runner, replacing TOKEN with the registration token provided by this endpoint.

\n
./config.sh --url https://github.com/enterprises/octo-enterprise --token TOKEN\n
\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

Created

" } - ] + ], + "descriptionHTML": "

Returns a token that you can pass to the config script. The token expires after one hour.

\n

Example using registration token:

\n

Configure your self-hosted runner, replacing TOKEN with the registration token provided by this endpoint.

\n
./config.sh --url https://github.com/enterprises/octo-enterprise --token TOKEN\n
\n

OAuth app tokens and personal access tokens (classic) need the manage_runners:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -17269,13 +17269,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists all self-hosted runners configured in an organization.

\n

Authenticated users must have admin access to the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists all self-hosted runners configured in an organization.

\n

Authenticated users must have admin access to the organization to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -19767,13 +19767,13 @@ } ], "previews": [], + "descriptionHTML": "

Returns a token that you can pass to the config script to remove a self-hosted runner from an organization. The token expires after one hour.

\n

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

\n
./config.sh remove --token TOKEN\n
\n

Authenticated users must have admin access to the organization to use this endpoint.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

Created

" } - ], - "descriptionHTML": "

Returns a token that you can pass to the config script to remove a self-hosted runner from an organization. The token expires after one hour.

\n

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

\n
./config.sh remove --token TOKEN\n
\n

Authenticated users must have admin access to the organization to use this endpoint.

\n

OAuth tokens and personal access tokens (classic) need theadmin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -23526,13 +23526,13 @@ } ], "previews": [], + "descriptionHTML": "

Returns a token that you can pass to the config script to remove a self-hosted runner from an repository. The token expires after one hour.

\n

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

\n
./config.sh remove --token TOKEN\n
\n

Authenticated users must have admin access to the repository to use this endpoint.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

Created

" } - ], - "descriptionHTML": "

Returns a token that you can pass to the config script to remove a self-hosted runner from an repository. The token expires after one hour.

\n

For example, you can replace TOKEN in the following example with the registration token provided by this endpoint to remove your self-hosted runner from an organization:

\n
./config.sh remove --token TOKEN\n
\n

Authenticated users must have admin access to the repository to use this endpoint.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -26319,7 +26319,6 @@ } ], "previews": [], - "descriptionHTML": "

Adds a repository to an organization variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", @@ -26329,7 +26328,8 @@ "httpStatusCode": "409", "description": "

Response when the visibility of the variable is not set to selected

" } - ] + ], + "descriptionHTML": "

Adds a repository to an organization variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -38381,13 +38381,13 @@ } ], "previews": [], - "descriptionHTML": "

Gets a specific workflow run attempt.

\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Gets a specific workflow run attempt.

\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -39492,13 +39492,13 @@ } ], "previews": [], - "descriptionHTML": "

Get all deployment environments for a workflow run that are waiting for protection rules to pass.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Get all deployment environments for a workflow run that are waiting for protection rules to pass.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -81134,13 +81134,13 @@ } ], "previews": [], - "descriptionHTML": "

Marks a thread as \"done.\" Marking a thread as \"done\" is equivalent to marking a notification in your notification inbox on GitHub Enterprise Server as done: https://github.com/notifications.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No content

" } - ] + ], + "descriptionHTML": "

Marks a thread as \"done.\" Marking a thread as \"done\" is equivalent to marking a notification in your notification inbox on GitHub Enterprise Server as done: https://github.com/notifications.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -103871,13 +103871,13 @@ } ], "previews": [], - "descriptionHTML": "

Revokes the installation token you're using to authenticate as an installation and access this endpoint.

\n

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the \"Create an installation access token for an app\" endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Revokes the installation token you're using to authenticate as an installation and access this endpoint.

\n

Once an installation token is revoked, the token is invalidated and cannot be used. Other endpoints that require the revoked installation token must have a new installation token to work. You can create a new token using the \"Create an installation access token for an app\" endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -108710,13 +108710,13 @@ } ], "previews": [], + "descriptionHTML": "

Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see \"Creating a GitHub App.\"

\n

You must use a JWT to access this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Returns the webhook configuration for a GitHub App. For more information about configuring a webhook for your app, see \"Creating a GitHub App.\"

\n

You must use a JWT to access this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -161646,13 +161646,13 @@ } ], "previews": [], - "descriptionHTML": "

Lists the default code security configurations for an enterprise.

\n

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Lists the default code security configurations for an enterprise.

\n

The authenticated user must be an administrator of the enterprise in order to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the read:enterprise scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -170252,13 +170252,13 @@ } ], "previews": [], - "descriptionHTML": "

When authenticating as a user with admin rights to a repository, this endpoint will list all currently open repository invitations.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

When authenticating as a user with admin rights to a repository, this endpoint will list all currently open repository invitations.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -198838,13 +198838,13 @@ } ], "previews": [], - "descriptionHTML": "

Simple filtering of deployments is available via query parameters:

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Simple filtering of deployments is available via query parameters:

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -202982,13 +202982,13 @@ } ], "previews": [], + "descriptionHTML": "

Note

\n

\nTo get information about name patterns that branches must match in order to deploy to this environment, see \"Get a deployment branch policy.\"

\n
\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Note

\n

\nTo get information about name patterns that branches must match in order to deploy to this environment, see \"Get a deployment branch policy.\"

\n
\n

Anyone with read access to the repository can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint with a private repository.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -204277,13 +204277,13 @@ } ], "previews": [], + "descriptionHTML": "

Enable a custom deployment protection rule for an environment.

\n

The authenticated user must have admin or owner permissions to the repository to use this endpoint.

\n

For more information about the app that is providing this custom deployment rule, see the documentation for the GET /apps/{app_slug} endpoint, as well as the guide to creating custom deployment protection rules.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

The enabled custom deployment protection rule

" } - ], - "descriptionHTML": "

Enable a custom deployment protection rule for an environment.

\n

The authenticated user must have admin or owner permissions to the repository to use this endpoint.

\n

For more information about the app that is providing this custom deployment rule, see the documentation for the GET /apps/{app_slug} endpoint, as well as the guide to creating custom deployment protection rules.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209530,13 +209530,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209724,13 +209724,13 @@ } ], "previews": [], - "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209787,13 +209787,13 @@ } ], "previews": [], - "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -209850,13 +209850,13 @@ } ], "previews": [], - "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -210039,13 +210039,13 @@ } ], "previews": [], - "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -210389,13 +210389,13 @@ } ], "previews": [], - "descriptionHTML": "

Gets the current message and expiration date of the global announcement banner in your enterprise.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ] + ], + "descriptionHTML": "

Gets the current message and expiration date of the global announcement banner in your enterprise.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -212472,13 +212472,13 @@ } ], "previews": [], - "descriptionHTML": "

Gets the GitHub Advanced Security active committers for an enterprise per repository.

\n

Each distinct user login across all repositories is counted as a single Advanced Security seat, so the total_advanced_security_committers is not the sum of active_users for each repository.

\n

The total number of repositories with committer information is tracked by the total_count field.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

Success

" } - ] + ], + "descriptionHTML": "

Gets the GitHub Advanced Security active committers for an enterprise per repository.

\n

Each distinct user login across all repositories is counted as a single Advanced Security seat, so the total_advanced_security_committers is not the sum of active_users for each repository.

\n

The total number of repositories with committer information is tracked by the total_count field.

" } ], "code-security-and-analysis": [ @@ -215208,7 +215208,6 @@ } ], "previews": [], - "descriptionHTML": "

When you boot and set up a GitHub instance for the first time, you can use this endpoint to upload a license and set the initial root site administrator password.

\n

Important

\n

\nTo start the configuration process and apply the license, you need to POST to /manage/v1/config/apply

\n
\n

The root site administrator password provided when calling this endpoint is used to authenticate for all other endpoints in the GHES Manage API and the Management Console UI.

\n

Note

\n

\nThe request body for this operation must be submitted as multipart/form-data data. You can can reference the license file by prefixing the filename with the @ symbol using curl. For more information, see the curl documentation.

\n
", "statusCodes": [ { "httpStatusCode": "202", @@ -215226,7 +215225,8 @@ "httpStatusCode": "500", "description": "

Internal error

" } - ] + ], + "descriptionHTML": "

When you boot and set up a GitHub instance for the first time, you can use this endpoint to upload a license and set the initial root site administrator password.

\n

Important

\n

\nTo start the configuration process and apply the license, you need to POST to /manage/v1/config/apply

\n
\n

The root site administrator password provided when calling this endpoint is used to authenticate for all other endpoints in the GHES Manage API and the Management Console UI.

\n

Note

\n

\nThe request body for this operation must be submitted as multipart/form-data data. You can can reference the license file by prefixing the filename with the @ symbol using curl. For more information, see the curl documentation.

\n
" }, { "serverUrl": "http(s)://HOSTNAME", @@ -218020,13 +218020,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -229020,13 +229020,13 @@ } ], "previews": [], - "descriptionHTML": "

You can demote any user account except your own.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

You can demote any user account except your own.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -272294,13 +272294,13 @@ } ], "previews": [], + "descriptionHTML": "

Adds up to 10 assignees to an issue. Users already assigned to an issue are not replaced.

", "statusCodes": [ { "httpStatusCode": "201", "description": "

Created

" } - ], - "descriptionHTML": "

Adds up to 10 assignees to an issue. Users already assigned to an issue are not replaced.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -278068,13 +278068,13 @@ } ], "previews": [], - "descriptionHTML": "

You can use the REST API to delete comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

You can use the REST API to delete comments on issues and pull requests. Every pull request is an issue, but not every issue is a pull request.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -302629,13 +302629,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists labels for issues in a milestone.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists labels for issues in a milestone.

" + ] } ], "milestones": [ @@ -333991,7 +333991,6 @@ } ], "previews": [], - "descriptionHTML": "

Warning

\n

\nClosing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.

\n
\n

You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the list your authorizations API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on the application authorizations settings screen within GitHub. The scopes returned are the union of scopes authorized for the application. For example, if an application has one token with repo scope and another token with user scope, the grant will return [\"repo\", \"user\"].

", "statusCodes": [ { "httpStatusCode": "200", @@ -334013,7 +334012,8 @@ "httpStatusCode": "404", "description": "

Resource not found

" } - ] + ], + "descriptionHTML": "

Warning

\n

\nClosing down notice: GitHub Enterprise Server will discontinue the OAuth Authorizations API, which is used by integrations to create personal access tokens and OAuth tokens, and you must now create these tokens using our web application flow. The OAuth Authorizations API will be removed on November 13, 2020. For more information, including scheduled brownouts, see the blog post.

\n
\n

You can use this API to list the set of OAuth applications that have been granted access to your account. Unlike the list your authorizations API, this API does not manage individual tokens. This API will return one entry for each OAuth application that has been granted access to your account, regardless of the number of tokens an application has generated for your user. The list of OAuth applications returned matches what is shown on the application authorizations settings screen within GitHub. The scopes returned are the union of scopes authorized for the application. For example, if an application has one token with repo scope and another token with user scope, the grant will return [\"repo\", \"user\"].

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -342831,7 +342831,6 @@ } ], "previews": [], - "descriptionHTML": "

Lists all organizations, in the order that they were created.

\n

Note

\n

\nPagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of organizations.

\n
", "statusCodes": [ { "httpStatusCode": "200", @@ -342841,7 +342840,8 @@ "httpStatusCode": "304", "description": "

Not modified

" } - ] + ], + "descriptionHTML": "

Lists all organizations, in the order that they were created.

\n

Note

\n

\nPagination is powered exclusively by the since parameter. Use the Link header to get the URL for the next page of organizations.

\n
" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -415674,6 +415674,7 @@ } ], "previews": [], + "descriptionHTML": "

Checks if a pull request has been merged into the base branch. The HTTP status of the response indicates whether or not the pull request has been merged; the response body is empty.

", "statusCodes": [ { "httpStatusCode": "204", @@ -415683,8 +415684,7 @@ "httpStatusCode": "404", "description": "

Not Found if pull request has not been merged

" } - ], - "descriptionHTML": "

Checks if a pull request has been merged into the base branch. The HTTP status of the response indicates whether or not the pull request has been merged; the response body is empty.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -439829,13 +439829,13 @@ } ], "previews": [], + "descriptionHTML": "

Note

\n

\nYou can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id.

\n
\n

Delete a reaction to an issue.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ], - "descriptionHTML": "

Note

\n

\nYou can also specify a repository by repository_id using the route DELETE /repositories/:repository_id/issues/:issue_number/reactions/:reaction_id.

\n
\n

Delete a reaction to an issue.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -466879,13 +466879,13 @@ } ], "previews": [], + "descriptionHTML": "", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -486698,13 +486698,13 @@ } ], "previews": [], + "descriptionHTML": "

Gets a redirect URL to download a tar archive for a repository. If you omit :ref, the repository’s default branch (usually\nmain) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use\nthe Location header to make a second GET request.

\n

Note

\n

\nFor private repositories, these links are temporary and expire after five minutes.

\n
", "statusCodes": [ { "httpStatusCode": "302", "description": "

Found

" } - ], - "descriptionHTML": "

Gets a redirect URL to download a tar archive for a repository. If you omit :ref, the repository’s default branch (usually\nmain) will be used. Please make sure your HTTP framework is configured to follow redirects or you will need to use\nthe Location header to make a second GET request.

\n

Note

\n

\nFor private repositories, these links are temporary and expire after five minutes.

\n
" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -538219,13 +538219,13 @@ } ], "previews": [], - "descriptionHTML": "

Deletes a comment on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

", "statusCodes": [ { "httpStatusCode": "204", "description": "

No Content

" } - ] + ], + "descriptionHTML": "

Deletes a comment on a team discussion.

\n

Note

\n

\nYou can also specify a team by org_id and team_id using the route DELETE /organizations/{org_id}/team/{team_id}/discussions/{discussion_number}/comments/{comment_number}.

\n
\n

OAuth app tokens and personal access tokens (classic) need the write:discussion scope to use this endpoint.

" }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -544437,13 +544437,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists external groups available in an organization. You can query the groups using the display_name parameter, only groups with a group_name containing the text provided in the display_name parameter will be returned. You can also limit your page results using the per_page parameter. GitHub Enterprise Server generates a url-encoded page token using a cursor value for where the next page begins. For more information on cursor pagination, see \"Offset and Cursor Pagination explained.\"

\n

You can manage team membership with your identity provider using Enterprise Managed Users for GitHub Enterprise Cloud. For more information, see \"GitHub's products\" in the GitHub Help documentation.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists external groups available in an organization. You can query the groups using the display_name parameter, only groups with a group_name containing the text provided in the display_name parameter will be returned. You can also limit your page results using the per_page parameter. GitHub Enterprise Server generates a url-encoded page token using a cursor value for where the next page begins. For more information on cursor pagination, see \"Offset and Cursor Pagination explained.\"

\n

You can manage team membership with your identity provider using Enterprise Managed Users for GitHub Enterprise Cloud. For more information, see \"GitHub's products\" in the GitHub Help documentation.

" + ] }, { "serverUrl": "http(s)://HOSTNAME/api/v3", @@ -555748,13 +555748,13 @@ } ], "previews": [], + "descriptionHTML": "

Lists the SSH signing keys for a user. This operation is accessible by anyone.

", "statusCodes": [ { "httpStatusCode": "200", "description": "

OK

" } - ], - "descriptionHTML": "

Lists the SSH signing keys for a user. This operation is accessible by anyone.

" + ] } ] }