Merge pull request #427 from github/openapi-update-cff23b4d44463aca861a4ab3fc315eb2239eb8fc82d06d8b67f6c3a74d0b17b3

Update OpenAPI Descriptions

Author: Marc-Andre Giroux

descriptions/api.github.com/api.github.com.json

@@ -17400,12 +17400,22 @@
                   },
                   "security_and_analysis": {
                     "type": "object",
-                    "description": "Specify which security and analysis features to enable or disable.",
+                    "description": "Specify which security and analysis features to enable or disable. For example, to enable GitHub Advanced Security, use this data in the body of the PATCH request: `{\"security_and_analysis\": {\"advanced_security\": {\"status\": \"enabled\"}}}`. If you have admin permissions for a private repository covered by an Advanced Security license, you can check which security and analysis features are currently enabled by using a `GET /repos/{owner}/{repo}` request.",
                     "nullable": true,
                     "properties": {
                       "advanced_security": {
                         "type": "object",
-                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\" If you're an admin user for a repository covered by an Advanced Security license, you can check whether Advanced Security is currently enabled by using a `GET /repos/{owner}/{repo}` request.",
+                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\"",
+                        "properties": {
+                          "status": {
+                            "type": "string",
+                            "description": "Can be `enabled` or `disabled`."
+                          }
+                        }
+                      },
+                      "secret_scanning": {
+                        "type": "object",
+                        "description": "Use the `status` property to enable or disable secret scanning for this repository. For more information, see \"[About secret scanning](/code-security/secret-security/about-secret-scanning).\"",
                         "properties": {
                           "status": {
                             "type": "string",
@@ -24310,7 +24320,7 @@
     "/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}": {
       "get": {
         "summary": "Get a code scanning analysis for a repository",
-        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
         "operationId": "code-scanning/get-analysis",
         "tags": [
           "code-scanning"
@@ -60136,6 +60146,18 @@
                     ]
                   }
                 }
+              },
+              "secret_scanning": {
+                "type": "object",
+                "properties": {
+                  "status": {
+                    "type": "string",
+                    "enum": [
+                      "enabled",
+                      "disabled"
+                    ]
+                  }
+                }
               }
             }
           }

descriptions/api.github.com/api.github.com.yaml

@@ -12439,19 +12439,29 @@ paths:
                   - internal
                 security_and_analysis:
                   type: object
-                  description: Specify which security and analysis features to enable
-                    or disable.
+                  description: 'Specify which security and analysis features to enable
+                    or disable. For example, to enable GitHub Advanced Security, use
+                    this data in the body of the PATCH request: `{"security_and_analysis":
+                    {"advanced_security": {"status": "enabled"}}}`. If you have admin
+                    permissions for a private repository covered by an Advanced Security
+                    license, you can check which security and analysis features are
+                    currently enabled by using a `GET /repos/{owner}/{repo}` request.'
                   nullable: true
                   properties:
                     advanced_security:
                       type: object
                       description: Use the `status` property to enable or disable
                         GitHub Advanced Security for this repository. For more information,
                         see "[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security)."
-                        If you're an admin user for a repository covered by an Advanced
-                        Security license, you can check whether Advanced Security
-                        is currently enabled by using a `GET /repos/{owner}/{repo}`
-                        request.
+                      properties:
+                        status:
+                          type: string
+                          description: Can be `enabled` or `disabled`.
+                    secret_scanning:
+                      type: object
+                      description: Use the `status` property to enable or disable
+                        secret scanning for this repository. For more information,
+                        see "[About secret scanning](/code-security/secret-security/about-secret-scanning)."
                       properties:
                         status:
                           type: string
@@ -17392,7 +17402,6 @@ paths:
         the response contains the analysis data that was uploaded.
         This is formatted as
         [SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).
-        For an example response, see "[Custom media type for code scanning](#custom-media-type-for-code-scanning)."
 
         **Deprecation notice**:
         The `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.
@@ -43582,6 +43591,14 @@ components:
                   enum:
                   - enabled
                   - disabled
+            secret_scanning:
+              type: object
+              properties:
+                status:
+                  type: string
+                  enum:
+                  - enabled
+                  - disabled
       required:
       - archive_url
       - assignees_url

descriptions/api.github.com/dereferenced/api.github.com.deref.json

@@ -115022,6 +115022,18 @@
                               ]
                             }
                           }
+                        },
+                        "secret_scanning": {
+                          "type": "object",
+                          "properties": {
+                            "status": {
+                              "type": "string",
+                              "enum": [
+                                "enabled",
+                                "disabled"
+                              ]
+                            }
+                          }
                         }
                       }
                     }
@@ -116289,12 +116301,22 @@
                   },
                   "security_and_analysis": {
                     "type": "object",
-                    "description": "Specify which security and analysis features to enable or disable.",
+                    "description": "Specify which security and analysis features to enable or disable. For example, to enable GitHub Advanced Security, use this data in the body of the PATCH request: `{\"security_and_analysis\": {\"advanced_security\": {\"status\": \"enabled\"}}}`. If you have admin permissions for a private repository covered by an Advanced Security license, you can check which security and analysis features are currently enabled by using a `GET /repos/{owner}/{repo}` request.",
                     "nullable": true,
                     "properties": {
                       "advanced_security": {
                         "type": "object",
-                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\" If you're an admin user for a repository covered by an Advanced Security license, you can check whether Advanced Security is currently enabled by using a `GET /repos/{owner}/{repo}` request.",
+                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\"",
+                        "properties": {
+                          "status": {
+                            "type": "string",
+                            "description": "Can be `enabled` or `disabled`."
+                          }
+                        }
+                      },
+                      "secret_scanning": {
+                        "type": "object",
+                        "description": "Use the `status` property to enable or disable secret scanning for this repository. For more information, see \"[About secret scanning](/code-security/secret-security/about-secret-scanning).\"",
                         "properties": {
                           "status": {
                             "type": "string",
@@ -120383,6 +120405,18 @@
                               ]
                             }
                           }
+                        },
+                        "secret_scanning": {
+                          "type": "object",
+                          "properties": {
+                            "status": {
+                              "type": "string",
+                              "enum": [
+                                "enabled",
+                                "disabled"
+                              ]
+                            }
+                          }
                         }
                       }
                     }
@@ -171893,7 +171927,7 @@
     "/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}": {
       "get": {
         "summary": "Get a code scanning analysis for a repository",
-        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
         "operationId": "code-scanning/get-analysis",
         "tags": [
           "code-scanning"
@@ -211035,6 +211069,18 @@
                               ]
                             }
                           }
+                        },
+                        "secret_scanning": {
+                          "type": "object",
+                          "properties": {
+                            "status": {
+                              "type": "string",
+                              "enum": [
+                                "enabled",
+                                "disabled"
+                              ]
+                            }
+                          }
                         }
                       }
                     }

descriptions/api.github.com/dereferenced/api.github.com.deref.yaml

@@ -26498,6 +26498,14 @@ paths:
                             enum:
                             - enabled
                             - disabled
+                      secret_scanning:
+                        type: object
+                        properties:
+                          status:
+                            type: string
+                            enum:
+                            - enabled
+                            - disabled
                 required: &217
                 - archive_url
                 - assignees_url
@@ -27643,19 +27651,29 @@ paths:
                   - internal
                 security_and_analysis:
                   type: object
-                  description: Specify which security and analysis features to enable
-                    or disable.
+                  description: 'Specify which security and analysis features to enable
+                    or disable. For example, to enable GitHub Advanced Security, use
+                    this data in the body of the PATCH request: `{"security_and_analysis":
+                    {"advanced_security": {"status": "enabled"}}}`. If you have admin
+                    permissions for a private repository covered by an Advanced Security
+                    license, you can check which security and analysis features are
+                    currently enabled by using a `GET /repos/{owner}/{repo}` request.'
                   nullable: true
                   properties:
                     advanced_security:
                       type: object
                       description: Use the `status` property to enable or disable
                         GitHub Advanced Security for this repository. For more information,
                         see "[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security)."
-                        If you're an admin user for a repository covered by an Advanced
-                        Security license, you can check whether Advanced Security
-                        is currently enabled by using a `GET /repos/{owner}/{repo}`
-                        request.
+                      properties:
+                        status:
+                          type: string
+                          description: Can be `enabled` or `disabled`.
+                    secret_scanning:
+                      type: object
+                      description: Use the `status` property to enable or disable
+                        secret scanning for this repository. For more information,
+                        see "[About secret scanning](/code-security/secret-security/about-secret-scanning)."
                       properties:
                         status:
                           type: string
@@ -39006,7 +39024,6 @@ paths:
         the response contains the analysis data that was uploaded.
         This is formatted as
         [SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).
-        For an example response, see "[Custom media type for code scanning](#custom-media-type-for-code-scanning)."
 
         **Deprecation notice**:
         The `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.