diff --git a/descriptions/api.github.com/api.github.com.2022-11-28.json b/descriptions/api.github.com/api.github.com.2022-11-28.json index 8a691cd24..8480361f6 100644 --- a/descriptions/api.github.com/api.github.com.2022-11-28.json +++ b/descriptions/api.github.com/api.github.com.2022-11-28.json @@ -2247,7 +2247,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -96515,6 +96515,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -97035,6 +97040,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -103852,6 +103862,33 @@ } } }, + "repository-rule-params-required-reviewer-configuration": { + "title": "RequiredReviewerConfiguration", + "description": "A reviewing team, and file patterns describing which files they must approve changes to.", + "type": "object", + "properties": { + "file_patterns": { + "type": "array", + "description": "Array of file patterns. Pull requests which change matching files must be approved by the specified team. File patterns use the same syntax as `.gitignore` files.", + "items": { + "type": "string" + } + }, + "minimum_approvals": { + "type": "integer", + "description": "Minimum number of approvals required from the specified team. If set to zero, the team will be added to the pull request but approval is optional." + }, + "reviewer_id": { + "type": "string", + "description": "Node ID of the team which must review changes to matching files." + } + }, + "required": [ + "file_patterns", + "minimum_approvals", + "reviewer_id" + ] + }, "repository-rule-pull-request": { "title": "pull_request", "description": "Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.", @@ -113448,6 +113485,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -113480,17 +113522,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -113505,7 +113539,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -113578,8 +113612,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -113589,7 +113648,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -265553,7 +265611,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -280178,20 +280237,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } diff --git a/descriptions/api.github.com/api.github.com.2022-11-28.yaml b/descriptions/api.github.com/api.github.com.2022-11-28.yaml index 97d624e82..216613a3e 100644 --- a/descriptions/api.github.com/api.github.com.2022-11-28.yaml +++ b/descriptions/api.github.com/api.github.com.2022-11-28.yaml @@ -1586,6 +1586,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -70270,6 +70272,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -70654,6 +70661,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -76108,6 +76120,31 @@ components: type: string enum: - required_signatures + repository-rule-params-required-reviewer-configuration: + title: RequiredReviewerConfiguration + description: A reviewing team, and file patterns describing which files they + must approve changes to. + type: object + properties: + file_patterns: + type: array + description: Array of file patterns. Pull requests which change matching + files must be approved by the specified team. File patterns use the same + syntax as `.gitignore` files. + items: + type: string + minimum_approvals: + type: integer + description: Minimum number of approvals required from the specified team. + If set to zero, the team will be added to the pull request but approval + is optional. + reviewer_id: + type: string + description: Node ID of the team which must review changes to matching files. + required: + - file_patterns + - minimum_approvals + - reviewer_id repository-rule-pull-request: title: pull_request description: Require all commits be made to a non-target branch and submitted @@ -83496,6 +83533,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -83520,15 +83562,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -83541,7 +83577,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -83612,14 +83648,33 @@ components: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -198872,6 +198927,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -211432,18 +211488,36 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/api.github.com/api.github.com.json b/descriptions/api.github.com/api.github.com.json index 8a691cd24..8480361f6 100644 --- a/descriptions/api.github.com/api.github.com.json +++ b/descriptions/api.github.com/api.github.com.json @@ -2247,7 +2247,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -96515,6 +96515,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -97035,6 +97040,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -103852,6 +103862,33 @@ } } }, + "repository-rule-params-required-reviewer-configuration": { + "title": "RequiredReviewerConfiguration", + "description": "A reviewing team, and file patterns describing which files they must approve changes to.", + "type": "object", + "properties": { + "file_patterns": { + "type": "array", + "description": "Array of file patterns. Pull requests which change matching files must be approved by the specified team. File patterns use the same syntax as `.gitignore` files.", + "items": { + "type": "string" + } + }, + "minimum_approvals": { + "type": "integer", + "description": "Minimum number of approvals required from the specified team. If set to zero, the team will be added to the pull request but approval is optional." + }, + "reviewer_id": { + "type": "string", + "description": "Node ID of the team which must review changes to matching files." + } + }, + "required": [ + "file_patterns", + "minimum_approvals", + "reviewer_id" + ] + }, "repository-rule-pull-request": { "title": "pull_request", "description": "Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.", @@ -113448,6 +113485,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -113480,17 +113522,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -113505,7 +113539,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -113578,8 +113612,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -113589,7 +113648,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -265553,7 +265611,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -280178,20 +280237,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } diff --git a/descriptions/api.github.com/api.github.com.yaml b/descriptions/api.github.com/api.github.com.yaml index 97d624e82..216613a3e 100644 --- a/descriptions/api.github.com/api.github.com.yaml +++ b/descriptions/api.github.com/api.github.com.yaml @@ -1586,6 +1586,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -70270,6 +70272,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -70654,6 +70661,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -76108,6 +76120,31 @@ components: type: string enum: - required_signatures + repository-rule-params-required-reviewer-configuration: + title: RequiredReviewerConfiguration + description: A reviewing team, and file patterns describing which files they + must approve changes to. + type: object + properties: + file_patterns: + type: array + description: Array of file patterns. Pull requests which change matching + files must be approved by the specified team. File patterns use the same + syntax as `.gitignore` files. + items: + type: string + minimum_approvals: + type: integer + description: Minimum number of approvals required from the specified team. + If set to zero, the team will be added to the pull request but approval + is optional. + reviewer_id: + type: string + description: Node ID of the team which must review changes to matching files. + required: + - file_patterns + - minimum_approvals + - reviewer_id repository-rule-pull-request: title: pull_request description: Require all commits be made to a non-target branch and submitted @@ -83496,6 +83533,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -83520,15 +83562,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -83541,7 +83577,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -83612,14 +83648,33 @@ components: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -198872,6 +198927,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -211432,18 +211488,36 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json index 1748ff212..af2742729 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json +++ b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.json @@ -17311,7 +17311,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -24837,6 +24837,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -26156,6 +26161,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -26331,7 +26341,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -26647,6 +26658,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -27230,6 +27246,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -28510,6 +28531,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -28685,7 +28711,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -29743,6 +29770,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -29918,7 +29950,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -32985,6 +33018,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -33349,6 +33387,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -34959,6 +35002,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -35134,7 +35182,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -247895,6 +247944,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -247927,17 +247981,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -247952,7 +247998,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -248025,8 +248071,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -248036,7 +248107,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -248060,20 +248130,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } @@ -496931,6 +497031,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml index 24952a3b2..f99ffde41 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml +++ b/descriptions/api.github.com/dereferenced/api.github.com.2022-11-28.deref.yaml @@ -7828,6 +7828,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -10526,6 +10528,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -11047,6 +11054,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -11086,6 +11098,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -60153,6 +60166,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -60179,16 +60197,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -60201,7 +60212,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -60272,14 +60283,34 @@ paths: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -60296,18 +60327,36 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *39 '404': *7 diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.json b/descriptions/api.github.com/dereferenced/api.github.com.deref.json index 1748ff212..af2742729 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.json +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.json @@ -17311,7 +17311,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -24837,6 +24837,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -26156,6 +26161,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -26331,7 +26341,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -26647,6 +26658,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -27230,6 +27246,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -28510,6 +28531,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -28685,7 +28711,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -29743,6 +29770,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -29918,7 +29950,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -32985,6 +33018,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -33349,6 +33387,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -34959,6 +35002,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -35134,7 +35182,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -247895,6 +247944,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -247927,17 +247981,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -247952,7 +247998,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -248025,8 +248071,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -248036,7 +248107,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -248060,20 +248130,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } @@ -496931,6 +497031,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml index 24952a3b2..f99ffde41 100644 --- a/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml +++ b/descriptions/api.github.com/dereferenced/api.github.com.deref.yaml @@ -7828,6 +7828,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -10526,6 +10528,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -11047,6 +11054,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -11086,6 +11098,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -60153,6 +60166,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -60179,16 +60197,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -60201,7 +60212,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -60272,14 +60283,34 @@ paths: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -60296,18 +60327,36 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *39 '404': *7 diff --git a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json index 722fad23d..e4a7b4f45 100644 --- a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json +++ b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.json @@ -25802,7 +25802,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -35006,6 +35006,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -36325,6 +36330,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -36500,7 +36510,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -36816,6 +36827,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -37399,6 +37415,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -38679,6 +38700,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -38854,7 +38880,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -39912,6 +39939,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -40087,7 +40119,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -43154,6 +43187,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -43518,6 +43556,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45128,6 +45171,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45303,7 +45351,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -264750,6 +264799,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -264782,17 +264836,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -264807,7 +264853,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -264880,8 +264926,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -264891,7 +264962,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -264915,20 +264985,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } @@ -524711,6 +524811,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml index 8b5973b61..e93bb559e 100644 --- a/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml +++ b/descriptions/ghec/dereferenced/ghec.2022-11-28.deref.yaml @@ -11588,6 +11588,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -14725,6 +14727,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15246,6 +15253,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15285,6 +15297,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -65299,6 +65312,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -65325,16 +65343,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -65347,7 +65358,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -65418,14 +65429,34 @@ paths: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -65442,18 +65473,36 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *39 '404': *7 diff --git a/descriptions/ghec/dereferenced/ghec.deref.json b/descriptions/ghec/dereferenced/ghec.deref.json index 722fad23d..e4a7b4f45 100644 --- a/descriptions/ghec/dereferenced/ghec.deref.json +++ b/descriptions/ghec/dereferenced/ghec.deref.json @@ -25802,7 +25802,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -35006,6 +35006,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -36325,6 +36330,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -36500,7 +36510,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -36816,6 +36827,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -37399,6 +37415,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -38679,6 +38700,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -38854,7 +38880,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -39912,6 +39939,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -40087,7 +40119,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -43154,6 +43187,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -43518,6 +43556,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45128,6 +45171,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45303,7 +45351,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -264750,6 +264799,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -264782,17 +264836,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -264807,7 +264853,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -264880,8 +264926,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -264891,7 +264962,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -264915,20 +264985,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } @@ -524711,6 +524811,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/ghec/dereferenced/ghec.deref.yaml b/descriptions/ghec/dereferenced/ghec.deref.yaml index 8b5973b61..e93bb559e 100644 --- a/descriptions/ghec/dereferenced/ghec.deref.yaml +++ b/descriptions/ghec/dereferenced/ghec.deref.yaml @@ -11588,6 +11588,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -14725,6 +14727,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15246,6 +15253,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15285,6 +15297,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -65299,6 +65312,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -65325,16 +65343,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -65347,7 +65358,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -65418,14 +65429,34 @@ paths: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -65442,18 +65473,36 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *39 '404': *7 diff --git a/descriptions/ghec/ghec.2022-11-28.json b/descriptions/ghec/ghec.2022-11-28.json index ed2d1bc0d..63f1b4d65 100644 --- a/descriptions/ghec/ghec.2022-11-28.json +++ b/descriptions/ghec/ghec.2022-11-28.json @@ -4747,7 +4747,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -105918,6 +105918,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -106438,6 +106443,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -113136,6 +113146,33 @@ } } }, + "repository-rule-params-required-reviewer-configuration": { + "title": "RequiredReviewerConfiguration", + "description": "A reviewing team, and file patterns describing which files they must approve changes to.", + "type": "object", + "properties": { + "file_patterns": { + "type": "array", + "description": "Array of file patterns. Pull requests which change matching files must be approved by the specified team. File patterns use the same syntax as `.gitignore` files.", + "items": { + "type": "string" + } + }, + "minimum_approvals": { + "type": "integer", + "description": "Minimum number of approvals required from the specified team. If set to zero, the team will be added to the pull request but approval is optional." + }, + "reviewer_id": { + "type": "string", + "description": "Node ID of the team which must review changes to matching files." + } + }, + "required": [ + "file_patterns", + "minimum_approvals", + "reviewer_id" + ] + }, "repository-rule-pull-request": { "title": "pull_request", "description": "Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.", @@ -122660,6 +122697,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -122692,17 +122734,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -122717,7 +122751,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -122790,8 +122824,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -122801,7 +122860,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -277012,7 +277070,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -291359,20 +291418,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } diff --git a/descriptions/ghec/ghec.2022-11-28.yaml b/descriptions/ghec/ghec.2022-11-28.yaml index 1dd5a4370..5bc3f9047 100644 --- a/descriptions/ghec/ghec.2022-11-28.yaml +++ b/descriptions/ghec/ghec.2022-11-28.yaml @@ -3393,6 +3393,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -77232,6 +77234,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -77616,6 +77623,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -82978,6 +82990,31 @@ components: type: string enum: - required_signatures + repository-rule-params-required-reviewer-configuration: + title: RequiredReviewerConfiguration + description: A reviewing team, and file patterns describing which files they + must approve changes to. + type: object + properties: + file_patterns: + type: array + description: Array of file patterns. Pull requests which change matching + files must be approved by the specified team. File patterns use the same + syntax as `.gitignore` files. + items: + type: string + minimum_approvals: + type: integer + description: Minimum number of approvals required from the specified team. + If set to zero, the team will be added to the pull request but approval + is optional. + reviewer_id: + type: string + description: Node ID of the team which must review changes to matching files. + required: + - file_patterns + - minimum_approvals + - reviewer_id repository-rule-pull-request: title: pull_request description: Require all commits be made to a non-target branch and submitted @@ -90313,6 +90350,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -90337,15 +90379,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -90358,7 +90394,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -90429,14 +90465,33 @@ components: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -207341,6 +207396,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -219674,18 +219730,36 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/ghec/ghec.json b/descriptions/ghec/ghec.json index ed2d1bc0d..63f1b4d65 100644 --- a/descriptions/ghec/ghec.json +++ b/descriptions/ghec/ghec.json @@ -4747,7 +4747,7 @@ "/enterprises/{enterprise}/copilot/usage": { "get": { "summary": "Get a summary of Copilot usage for enterprise members", - "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", + "description": "> [!NOTE]\n> This endpoint is in public preview and is subject to change.\n\nYou can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE\nfor all users across organizations with access to Copilot within your enterprise, with a further breakdown of suggestions, acceptances,\nand number of active users by editor and language for each day. See the response schema tab for detailed metrics definitions.\n\nThe response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,\nand the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,\nthey must have telemetry enabled in their IDE.\n\nThe time zone in the response is in UTC time, that means that the cutoff time for the \"day\" is UTC time.\n\nOnly owners and billing managers can view Copilot usage metrics for the enterprise.\n\nOAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint.", "tags": [ "copilot" ], @@ -105918,6 +105918,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -106438,6 +106443,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -113136,6 +113146,33 @@ } } }, + "repository-rule-params-required-reviewer-configuration": { + "title": "RequiredReviewerConfiguration", + "description": "A reviewing team, and file patterns describing which files they must approve changes to.", + "type": "object", + "properties": { + "file_patterns": { + "type": "array", + "description": "Array of file patterns. Pull requests which change matching files must be approved by the specified team. File patterns use the same syntax as `.gitignore` files.", + "items": { + "type": "string" + } + }, + "minimum_approvals": { + "type": "integer", + "description": "Minimum number of approvals required from the specified team. If set to zero, the team will be added to the pull request but approval is optional." + }, + "reviewer_id": { + "type": "string", + "description": "Node ID of the team which must review changes to matching files." + } + }, + "required": [ + "file_patterns", + "minimum_approvals", + "reviewer_id" + ] + }, "repository-rule-pull-request": { "title": "pull_request", "description": "Require all commits be made to a non-target branch and submitted via a pull request before they can be merged.", @@ -122660,6 +122697,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -122692,17 +122734,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -122717,7 +122751,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -122790,8 +122824,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -122801,7 +122860,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -277012,7 +277070,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -291359,20 +291418,50 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { + "name": "rails", "SPDXID": "SPDXRef-Package", - "name": "rubygems:rails", "versionInfo": "1.0.0", "downloadLocation": "NOASSERTION", "filesAnalyzed": false, "licenseConcluded": "MIT", "licenseDeclared": "MIT", - "copyrightText": "Copyright (c) 1985 GitHub.com" + "copyrightText": "Copyright (c) 1985 GitHub.com", + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:gem/rails@1.0.0" + } + ] + }, + { + "name": "github/example", + "SPDXID": "SPDXRef-Repository", + "versionInfo": "main", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "externalRefs": [ + { + "referenceCategory": "PACKAGE-MANAGER", + "referenceType": "purl", + "referenceLocator": "pkg:github/example@main" + } + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" } ] } diff --git a/descriptions/ghec/ghec.yaml b/descriptions/ghec/ghec.yaml index 1dd5a4370..5bc3f9047 100644 --- a/descriptions/ghec/ghec.yaml +++ b/descriptions/ghec/ghec.yaml @@ -3393,6 +3393,8 @@ paths: and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics, they must have telemetry enabled in their IDE. + The time zone in the response is in UTC time, that means that the cutoff time for the "day" is UTC time. + Only owners and billing managers can view Copilot usage metrics for the enterprise. OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot` or `read:enterprise` scopes to use this endpoint. @@ -77232,6 +77234,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -77616,6 +77623,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -82978,6 +82990,31 @@ components: type: string enum: - required_signatures + repository-rule-params-required-reviewer-configuration: + title: RequiredReviewerConfiguration + description: A reviewing team, and file patterns describing which files they + must approve changes to. + type: object + properties: + file_patterns: + type: array + description: Array of file patterns. Pull requests which change matching + files must be approved by the specified team. File patterns use the same + syntax as `.gitignore` files. + items: + type: string + minimum_approvals: + type: integer + description: Minimum number of approvals required from the specified team. + If set to zero, the team will be added to the pull request but approval + is optional. + reviewer_id: + type: string + description: Node ID of the team which must review changes to matching files. + required: + - file_patterns + - minimum_approvals + - reviewer_id repository-rule-pull-request: title: pull_request description: Require all commits be made to a non-target branch and submitted @@ -90313,6 +90350,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -90337,15 +90379,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -90358,7 +90394,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -90429,14 +90465,33 @@ components: - versionInfo - downloadLocation - filesAnalyzed - - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -207341,6 +207396,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -219674,18 +219730,36 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - - SPDXID: SPDXRef-Package - name: rubygems:rails + - name: rails + SPDXID: SPDXRef-Package versionInfo: 1.0.0 downloadLocation: NOASSERTION filesAnalyzed: false licenseConcluded: MIT licenseDeclared: MIT copyrightText: Copyright (c) 1985 GitHub.com + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:gem/rails@1.0.0 + - name: github/example + SPDXID: SPDXRef-Repository + versionInfo: main + downloadLocation: NOASSERTION + filesAnalyzed: false + externalRefs: + - referenceCategory: PACKAGE-MANAGER + referenceType: purl + referenceLocator: pkg:github/example@main + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.json b/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.json index 56e05b84b..061dd5757 100644 --- a/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.json +++ b/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.json @@ -42648,6 +42648,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -43967,6 +43972,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -44142,7 +44152,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -44458,6 +44469,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45041,6 +45057,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -46321,6 +46342,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -46496,7 +46522,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -47554,6 +47581,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -47729,7 +47761,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -50796,6 +50829,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -51160,6 +51198,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -52770,6 +52813,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -52945,7 +52993,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -218529,6 +218578,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -218561,17 +218615,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -218586,7 +218632,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -218664,6 +218710,32 @@ "licenseDeclared", "supplier" ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" + ] } }, "required": [ @@ -218672,7 +218744,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -218696,10 +218767,7 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { "SPDXID": "SPDXRef-Package", @@ -218710,6 +218778,18 @@ "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION" } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" + } ] } } @@ -421546,6 +421626,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.yaml b/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.yaml index e20a31220..6bcacb148 100644 --- a/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.yaml +++ b/descriptions/ghes-3.10/dereferenced/ghes-3.10.2022-11-28.deref.yaml @@ -14545,6 +14545,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15066,6 +15071,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15105,6 +15115,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -52869,6 +52880,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -52895,16 +52911,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -52917,7 +52926,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -52991,13 +53000,34 @@ paths: - licenseConcluded - licenseDeclared - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -53014,9 +53044,7 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - SPDXID: SPDXRef-Package name: rubygems:rails @@ -53025,6 +53053,13 @@ paths: filesAnalyzed: false licenseConcluded: NOASSERTION licenseDeclared: NOASSERTION + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *6 '404': *36 diff --git a/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.json b/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.json index 56e05b84b..061dd5757 100644 --- a/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.json +++ b/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.json @@ -42648,6 +42648,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -43967,6 +43972,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -44142,7 +44152,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -44458,6 +44469,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45041,6 +45057,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -46321,6 +46342,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -46496,7 +46522,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -47554,6 +47581,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -47729,7 +47761,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -50796,6 +50829,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -51160,6 +51198,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -52770,6 +52813,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -52945,7 +52993,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -218529,6 +218578,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -218561,17 +218615,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -218586,7 +218632,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -218664,6 +218710,32 @@ "licenseDeclared", "supplier" ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" + ] } }, "required": [ @@ -218672,7 +218744,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -218696,10 +218767,7 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { "SPDXID": "SPDXRef-Package", @@ -218710,6 +218778,18 @@ "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION" } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" + } ] } } @@ -421546,6 +421626,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.yaml b/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.yaml index e20a31220..6bcacb148 100644 --- a/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.yaml +++ b/descriptions/ghes-3.10/dereferenced/ghes-3.10.deref.yaml @@ -14545,6 +14545,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15066,6 +15071,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15105,6 +15115,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -52869,6 +52880,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -52895,16 +52911,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -52917,7 +52926,7 @@ paths: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -52991,13 +53000,34 @@ paths: - licenseConcluded - licenseDeclared - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two + SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that + is the source of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that + is the target of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -53014,9 +53044,7 @@ paths: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - SPDXID: SPDXRef-Package name: rubygems:rails @@ -53025,6 +53053,13 @@ paths: filesAnalyzed: false licenseConcluded: NOASSERTION licenseDeclared: NOASSERTION + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository headers: Link: *6 '404': *36 diff --git a/descriptions/ghes-3.10/ghes-3.10.2022-11-28.json b/descriptions/ghes-3.10/ghes-3.10.2022-11-28.json index 510c6bcfb..e77a18c4d 100644 --- a/descriptions/ghes-3.10/ghes-3.10.2022-11-28.json +++ b/descriptions/ghes-3.10/ghes-3.10.2022-11-28.json @@ -92579,6 +92579,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -93099,6 +93104,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -105139,6 +105149,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -105171,17 +105186,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -105196,7 +105203,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -105274,6 +105281,32 @@ "licenseDeclared", "supplier" ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" + ] } }, "required": [ @@ -105282,7 +105315,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -249300,7 +249332,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -260416,10 +260449,7 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { "SPDXID": "SPDXRef-Package", @@ -260430,6 +260460,18 @@ "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION" } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" + } ] } } diff --git a/descriptions/ghes-3.10/ghes-3.10.2022-11-28.yaml b/descriptions/ghes-3.10/ghes-3.10.2022-11-28.yaml index 349a315ac..e9ad556e8 100644 --- a/descriptions/ghes-3.10/ghes-3.10.2022-11-28.yaml +++ b/descriptions/ghes-3.10/ghes-3.10.2022-11-28.yaml @@ -66804,6 +66804,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -67188,6 +67193,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -76605,6 +76615,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -76629,15 +76644,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -76650,7 +76659,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -76724,13 +76733,33 @@ components: - licenseConcluded - licenseDeclared - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -186040,6 +186069,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -195653,9 +195683,7 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - SPDXID: SPDXRef-Package name: rubygems:rails @@ -195664,6 +195692,13 @@ components: filesAnalyzed: false licenseConcluded: NOASSERTION licenseDeclared: NOASSERTION + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/ghes-3.10/ghes-3.10.json b/descriptions/ghes-3.10/ghes-3.10.json index 510c6bcfb..e77a18c4d 100644 --- a/descriptions/ghes-3.10/ghes-3.10.json +++ b/descriptions/ghes-3.10/ghes-3.10.json @@ -92579,6 +92579,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -93099,6 +93104,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -105139,6 +105149,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -105171,17 +105186,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -105196,7 +105203,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -105274,6 +105281,32 @@ "licenseDeclared", "supplier" ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" + ] } }, "required": [ @@ -105282,7 +105315,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -249300,7 +249332,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -260416,10 +260449,7 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { "SPDXID": "SPDXRef-Package", @@ -260430,6 +260460,18 @@ "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION" } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" + } ] } } diff --git a/descriptions/ghes-3.10/ghes-3.10.yaml b/descriptions/ghes-3.10/ghes-3.10.yaml index 349a315ac..e9ad556e8 100644 --- a/descriptions/ghes-3.10/ghes-3.10.yaml +++ b/descriptions/ghes-3.10/ghes-3.10.yaml @@ -66804,6 +66804,11 @@ components: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -67188,6 +67193,11 @@ components: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, `"utf-8"` + and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -76605,6 +76615,11 @@ components: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. For + more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -76629,15 +76644,9 @@ components: type: string example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -76650,7 +76659,7 @@ components: description: A unique SPDX identifier for the package. name: type: string - example: rubygems:github/github + example: github/github description: The name of the package. versionInfo: type: string @@ -76724,13 +76733,33 @@ components: - licenseConcluded - licenseDeclared - supplier + relationships: + type: array + items: + type: object + properties: + relationshipType: + type: string + example: DEPENDS_ON + description: The type of relationship between the two SPDX elements. + spdxElementId: + type: string + description: The SPDX identifier of the package that is the source + of the relationship. + relatedSpdxElement: + type: string + description: The SPDX identifier of the package that is the target + of the relationship. + required: + - relationshipType + - spdxElementId + - relatedSpdxElement required: - SPDXID - spdxVersion - creationInfo - name - dataLicense - - documentDescribes - documentNamespace - packages required: @@ -186040,6 +186069,7 @@ components: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -195653,9 +195683,7 @@ components: - 'Tool: GitHub.com-Dependency-Graph' name: github/example dataLicense: CC0-1.0 - documentDescribes: - - github/example - documentNamespace: https://github.com/github/example/dependency_graph/sbom-abcdef123456 + documentNamespace: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 packages: - SPDXID: SPDXRef-Package name: rubygems:rails @@ -195664,6 +195692,13 @@ components: filesAnalyzed: false licenseConcluded: NOASSERTION licenseDeclared: NOASSERTION + relationships: + - relationshipType: DEPENDS_ON + spdxElementId: SPDXRef-Repository + relatedSpdxElement: SPDXRef-Package + - relationshipType: DESCRIBES + spdxElementId: SPDXRef-DOCUMENT + relatedSpdxElement: SPDXRef-Repository dependency-graph-create-snapshot-request: value: version: 0 diff --git a/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.json b/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.json index 1e8e5c8db..4751559b6 100644 --- a/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.json +++ b/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.json @@ -44220,6 +44220,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45539,6 +45544,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -45714,7 +45724,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -46030,6 +46041,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -46613,6 +46629,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -47893,6 +47914,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -48068,7 +48094,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -49126,6 +49153,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -49301,7 +49333,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -52368,6 +52401,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -52732,6 +52770,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -54342,6 +54385,11 @@ }, "content": { "type": "string" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } @@ -54517,7 +54565,8 @@ "raw_url": "https://gist.githubusercontent.com/monalisa/2decf6c462d9b4418f2/raw/ac3e6daf176fafe73609fd000cd188e4472010fb/README.md", "size": 23, "truncated": false, - "content": "Hello world from GitHub" + "content": "Hello world from GitHub", + "encoding": "utf-8" } }, "public": true, @@ -226473,6 +226522,11 @@ "example": "SPDX-2.3", "description": "The version of the SPDX specification that this document conforms to." }, + "comment": { + "type": "string", + "example": "Exact versions could not be resolved for some packages. For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/", + "description": "An optional comment about the SPDX document." + }, "creationInfo": { "type": "object", "properties": { @@ -226505,17 +226559,9 @@ "example": "CC0-1.0", "description": "The license under which the SPDX document is licensed." }, - "documentDescribes": { - "type": "array", - "items": { - "type": "string", - "example": "github/github" - }, - "description": "The name of the repository that the SPDX document describes." - }, "documentNamespace": { "type": "string", - "example": "https://github.com/example/dependency_graph/sbom-123", + "example": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "description": "The namespace for the SPDX document." }, "packages": { @@ -226530,7 +226576,7 @@ }, "name": { "type": "string", - "example": "rubygems:github/github", + "example": "github/github", "description": "The name of the package." }, "versionInfo": { @@ -226603,8 +226649,33 @@ "name", "versionInfo", "downloadLocation", - "filesAnalyzed", - "supplier" + "filesAnalyzed" + ] + }, + "relationships": { + "type": "array", + "items": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "example": "DEPENDS_ON", + "description": "The type of relationship between the two SPDX elements." + }, + "spdxElementId": { + "type": "string", + "description": "The SPDX identifier of the package that is the source of the relationship." + }, + "relatedSpdxElement": { + "type": "string", + "description": "The SPDX identifier of the package that is the target of the relationship." + } + } + }, + "required": [ + "relationshipType", + "spdxElementId", + "relatedSpdxElement" ] } }, @@ -226614,7 +226685,6 @@ "creationInfo", "name", "dataLicense", - "documentDescribes", "documentNamespace", "packages" ] @@ -226638,10 +226708,7 @@ }, "name": "github/example", "dataLicense": "CC0-1.0", - "documentDescribes": [ - "github/example" - ], - "documentNamespace": "https://github.com/github/example/dependency_graph/sbom-abcdef123456", + "documentNamespace": "https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57", "packages": [ { "SPDXID": "SPDXRef-Package", @@ -226652,6 +226719,18 @@ "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION" } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "spdxElementId": "SPDXRef-Repository", + "relatedSpdxElement": "SPDXRef-Package" + }, + { + "relationshipType": "DESCRIBES", + "spdxElementId": "SPDXRef-DOCUMENT", + "relatedSpdxElement": "SPDXRef-Repository" + } ] } } @@ -436077,6 +436156,11 @@ }, "size": { "type": "integer" + }, + "encoding": { + "type": "string", + "description": "The encoding used for `content`. Currently, `\"utf-8\"` and `\"base64\"` are supported.", + "default": "utf-8" } } } diff --git a/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.yaml b/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.yaml index a3698d8c8..1261553de 100644 --- a/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.yaml +++ b/descriptions/ghes-3.11/dereferenced/ghes-3.11.2022-11-28.deref.yaml @@ -15159,6 +15159,11 @@ paths: type: string size: type: integer + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15680,6 +15685,11 @@ paths: type: boolean content: type: string + encoding: + type: string + description: The encoding used for `content`. Currently, + `"utf-8"` and `"base64"` are supported. + default: utf-8 public: type: boolean created_at: @@ -15719,6 +15729,7 @@ paths: size: 23 truncated: false content: Hello world from GitHub + encoding: utf-8 public: true created_at: '2022-09-20T12:11:58Z' updated_at: '2022-09-21T10:28:06Z' @@ -54796,6 +54807,11 @@ paths: example: SPDX-2.3 description: The version of the SPDX specification that this document conforms to. + comment: + type: string + example: 'Exact versions could not be resolved for some packages. + For more information: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/' + description: An optional comment about the SPDX document. creationInfo: type: object properties: @@ -54822,16 +54838,9 @@ paths: example: CC0-1.0 description: The license under which the SPDX document is licensed. - documentDescribes: - type: array - items: - type: string - example: github/github - description: The name of the repository that the SPDX document - describes. documentNamespace: type: string - example: https://github.com/example/dependency_graph/sbom-123 + example: https://spdx.org/spdxdocs/protobom/15e41dd2-f961-4f4d-b8dc-f8f57ad70d57 description: The namespace for the SPDX document. packages: type: array @@ -54844,7 +54853,7 @@ p{"code":"internal","msg":"git-diff-tree: context deadline exceeded","meta":{"cause":"*fmt.wrapError"}}