Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

repo sync #23586

Merged
merged 2 commits into from
Jan 30, 2023
Merged

repo sync #23586

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
32e526a
Merge branch 'main' into repo-sync
Octomerger Jan 30, 2023
e4baefc
Merge pull request #34277 from github/repo-sync
Octomerger Jan 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/rest/static/decorated/api.github.com.2022-11-28.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -161298,7 +161298,7 @@
"description": "<p>Service unavailable</p>"
}
],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint for private repositories. You can also use tokens with the <code>public_repo</code> scope for public repositories only. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<br>\nSARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable.\nTo get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration (For example, for the CodeQL tool, identify and remove the most noisy queries).\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<table><thead><tr><th><strong>SARIF data</strong></th><th align=\"center\"><strong>Maximum values</strong></th><th><strong>Additional limits</strong></th></tr></thead><tbody><tr><td>Runs per file</td><td align=\"center\">20</td><td></td></tr><tr><td>Results per run</td><td align=\"center\">25,000</td><td>Only the top 5,000 results will be included, prioritized by severity.</td></tr><tr><td>Rules per run</td><td align=\"center\">25,000</td><td></td></tr><tr><td>Tool extensions per run</td><td align=\"center\">100</td><td></td></tr><tr><td>Thread Flow Locations per result</td><td align=\"center\">10,000</td><td>Only the top 1,000 Thread Flow Locations will be included, using prioritization.</td></tr><tr><td>Location per result</td><td align=\"center\">1,000</td><td>Only 100 locations will be included.</td></tr><tr><td>Tags per rule</td><td align=\"center\">20</td><td>Only 10 tags will be included.</td></tr></tbody></table>\n<p>The <code>202 Accepted</code> response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using it in the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint for private repositories. You can also use tokens with the <code>public_repo</code> scope for public repositories only. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<br>\nSARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable.\nTo get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration. For example, for the CodeQL tool, identify and remove the most noisy queries.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<table><thead><tr><th><strong>SARIF data</strong></th><th align=\"center\"><strong>Maximum values</strong></th><th><strong>Additional limits</strong></th></tr></thead><tbody><tr><td>Runs per file</td><td align=\"center\">20</td><td></td></tr><tr><td>Results per run</td><td align=\"center\">25,000</td><td>Only the top 5,000 results will be included, prioritized by severity.</td></tr><tr><td>Rules per run</td><td align=\"center\">25,000</td><td></td></tr><tr><td>Tool extensions per run</td><td align=\"center\">100</td><td></td></tr><tr><td>Thread Flow Locations per result</td><td align=\"center\">10,000</td><td>Only the top 1,000 Thread Flow Locations will be included, using prioritization.</td></tr><tr><td>Location per result</td><td align=\"center\">1,000</td><td>Only 100 locations will be included.</td></tr><tr><td>Tags per rule</td><td align=\"center\">20</td><td>Only 10 tags will be included.</td></tr></tbody></table>\n<p>The <code>202 Accepted</code> response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using it in the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"subcategory": "code-scanning"
},
{
Expand Down
4 changes: 2 additions & 2 deletions lib/rest/static/decorated/ghec.2022-11-28.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172733,7 +172733,7 @@
"description": "<p>Service unavailable</p>"
}
],
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint for private repositories. You can also use tokens with the <code>public_repo</code> scope for public repositories only. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<br>\nSARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable.\nTo get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration (For example, for the CodeQL tool, identify and remove the most noisy queries).\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<table><thead><tr><th><strong>SARIF data</strong></th><th align=\"center\"><strong>Maximum values</strong></th><th><strong>Additional limits</strong></th></tr></thead><tbody><tr><td>Runs per file</td><td align=\"center\">20</td><td></td></tr><tr><td>Results per run</td><td align=\"center\">25,000</td><td>Only the top 5,000 results will be included, prioritized by severity.</td></tr><tr><td>Rules per run</td><td align=\"center\">25,000</td><td></td></tr><tr><td>Tool extensions per run</td><td align=\"center\">100</td><td></td></tr><tr><td>Thread Flow Locations per result</td><td align=\"center\">10,000</td><td>Only the top 1,000 Thread Flow Locations will be included, using prioritization.</td></tr><tr><td>Location per result</td><td align=\"center\">1,000</td><td>Only 100 locations will be included.</td></tr><tr><td>Tags per rule</td><td align=\"center\">20</td><td>Only 10 tags will be included.</td></tr></tbody></table>\n<p>The <code>202 Accepted</code> response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using it in the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"descriptionHTML": "<p>Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the <code>security_events</code> scope to use this endpoint for private repositories. You can also use tokens with the <code>public_repo</code> scope for public repositories only. GitHub Apps must have the <code>security_events</code> write permission to use this endpoint.</p>\n<p>There are two places where you can upload code scanning results.</p>\n<ul>\n<li>If you upload to a pull request, for example <code>--ref refs/pull/42/merge</code> or <code>--ref refs/pull/42/head</code>, then the results appear as alerts in a pull request check. For more information, see \"<a href=\"/code-security/secure-coding/triaging-code-scanning-alerts-in-pull-requests\">Triaging code scanning alerts in pull requests</a>.\"</li>\n<li>If you upload to a branch, for example <code>--ref refs/heads/my-branch</code>, then the results appear in the <strong>Security</strong> tab for your repository. For more information, see \"<a href=\"/code-security/secure-coding/managing-code-scanning-alerts-for-your-repository#viewing-the-alerts-for-a-repository\">Managing code scanning alerts for your repository</a>.\"</li>\n</ul>\n<p>You must compress the SARIF-formatted analysis data that you want to upload, using <code>gzip</code>, and then encode it as a Base64 format string. For example:</p>\n<pre><code>gzip -c analysis-data.sarif | base64 -w0\n</code></pre>\n<br>\nSARIF upload supports a maximum number of entries per the following data objects, and an analysis will be rejected if any of these objects is above its maximum value. For some objects, there are additional values over which the entries will be ignored while keeping the most important entries whenever applicable.\nTo get the most out of your analysis when it includes data above the supported limits, try to optimize the analysis configuration. For example, for the CodeQL tool, identify and remove the most noisy queries.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<table><thead><tr><th><strong>SARIF data</strong></th><th align=\"center\"><strong>Maximum values</strong></th><th><strong>Additional limits</strong></th></tr></thead><tbody><tr><td>Runs per file</td><td align=\"center\">20</td><td></td></tr><tr><td>Results per run</td><td align=\"center\">25,000</td><td>Only the top 5,000 results will be included, prioritized by severity.</td></tr><tr><td>Rules per run</td><td align=\"center\">25,000</td><td></td></tr><tr><td>Tool extensions per run</td><td align=\"center\">100</td><td></td></tr><tr><td>Thread Flow Locations per result</td><td align=\"center\">10,000</td><td>Only the top 1,000 Thread Flow Locations will be included, using prioritization.</td></tr><tr><td>Location per result</td><td align=\"center\">1,000</td><td>Only 100 locations will be included.</td></tr><tr><td>Tags per rule</td><td align=\"center\">20</td><td>Only 10 tags will be included.</td></tr></tbody></table>\n<p>The <code>202 Accepted</code> response includes an <code>id</code> value.\nYou can use this ID to check the status of the upload by using it in the <code>/sarifs/{sarif_id}</code> endpoint.\nFor more information, see \"<a href=\"/rest/reference/code-scanning#get-information-about-a-sarif-upload\">Get information about a SARIF upload</a>.\"</p>",
"subcategory": "code-scanning"
},
{
Expand Down Expand Up @@ -252729,7 +252729,7 @@
},
{
"name": "phrase",
"description": "<p>A search phrase. For more information, see <a href=\"https://docs.github.com/enterprise-cloud@latest//github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#searching-the-audit-log\">Searching the audit log</a>.</p>",
"description": "<p>A search phrase. For more information, see <a href=\"https://docs.github.com/enterprise-cloud@latest//admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/searching-the-audit-log-for-your-enterprise#searching-the-audit-log\">Searching the audit log</a>.</p>",
"in": "query",
"required": false,
"schema": {
Expand Down
Loading