diff --git a/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md b/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md index 18ea075b2636..186211d44b84 100644 --- a/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md +++ b/content/actions/reference/workflows-and-actions/events-that-trigger-workflows.md @@ -515,7 +515,16 @@ on: Runs your workflow when activity on a pull request in the workflow's repository occurs. For example, if no activity types are specified, the workflow runs when a pull request is opened or reopened or when the head branch of the pull request is updated. For activity related to pull request reviews, pull request review comments, or pull request comments, use the [`pull_request_review`](#pull_request_review), [`pull_request_review_comment`](#pull_request_review_comment), or [`issue_comment`](#issue_comment) events instead. For information about the pull request APIs, see [AUTOTITLE](/graphql/reference/objects#pullrequest) in the GraphQL API documentation or [AUTOTITLE](/rest/pulls). -Note that `GITHUB_SHA` for this event is the last merge commit of the pull request merge branch. If you want to get the commit ID for the last commit to the head branch of the pull request, use `github.event.pull_request.head.sha` instead. +Note that `GITHUB_SHA` for this event is the last merge commit of the pull request merge branch. If you want to get the commit ID for the last commit to the head branch of the pull request, use `github.event.pull_request.head.sha` instead. For more information about merge branches, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests#pull-request-refs-and-merge-branches). + +### How the merge branch affects your workflow + +For open, mergeable pull requests, workflows triggered by the `pull_request` event set `GITHUB_REF` to the merge branch. Because `actions/checkout` uses `GITHUB_REF` by default, it checks out the merge branch. Your CI tests run against the merged result, not just the head branch alone: + +* `GITHUB_REF` is set to `refs/pull/PULL_REQUEST_NUMBER/merge` +* `GITHUB_SHA` is the SHA of the merge commit on the merge branch + +To test only the head branch commits without simulating a merge, check out the head branch using `github.event.pull_request.head.sha` in your workflow. For example, you can run a workflow when a pull request has been opened or reopened. diff --git a/content/copilot/concepts/agents/code-review.md b/content/copilot/concepts/agents/code-review.md index 15d9cbcf3116..c2f4d94eb787 100644 --- a/content/copilot/concepts/agents/code-review.md +++ b/content/copilot/concepts/agents/code-review.md @@ -26,6 +26,7 @@ This article provides an overview of {% data variables.copilot.copilot_code-revi {% data variables.copilot.copilot_code-review_short %} is supported in: * {% data variables.product.prodname_dotcom_the_website %} +* {% data variables.product.prodname_cli %} * {% data variables.product.prodname_mobile %} * {% data variables.product.prodname_vscode_shortname %} * {% data variables.product.prodname_vs %} diff --git a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md index af4667d86ae9..467fa8a47db1 100644 --- a/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md +++ b/content/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review.md @@ -235,3 +235,43 @@ These instructions explain how to use {% data variables.copilot.copilot_code-rev 1. If there is more than one comment, use the up and down arrows, at the top right of the popup, to navigate between comments. {% endjetbrains %} + +{% cli %} + +## Prerequisites + +* **Access to {% data variables.product.prodname_copilot_short %}**. {% data reusables.copilot.subscription-prerequisite %} +* **{% data variables.product.prodname_cli %}**. You must have the {% data variables.product.prodname_cli %} installed and authenticated. See [AUTOTITLE](/github-cli/github-cli/quickstart). + +## Using {% data variables.copilot.copilot_code-review_short %} + +These instructions explain how to use {% data variables.copilot.copilot_code-review_short %} with the {% data variables.product.prodname_cli %}. To see instructions for other popular coding environments, click the appropriate tab at the top of the page. + +### Requesting a review when creating a pull request + +You can request a review from {% data variables.product.prodname_copilot_short %} when creating a new pull request using `gh pr create`: + +```shell copy +gh pr create --reviewer @copilot +``` + +You can also select {% data variables.product.prodname_copilot_short %} interactively from the searchable reviewer prompt during `gh pr create`. + +```text +? Reviewers [Use arrows to move, space to select, to all, to none, type to filter] + [ ] Search (7472 more) + [x] monalisa (Mona Lisa) +> [x] Copilot (AI) +``` + +### Requesting a review on an existing pull request + +To request a review from {% data variables.product.prodname_copilot_short %} on an existing pull request, use `gh pr edit`. If you are not on the pull request's branch, specify the pull request number: + +```shell copy +gh pr edit PR-NUMBER --add-reviewer @copilot +``` + +Replace `PR-NUMBER` with the number of the pull request you want reviewed. If you have the pull request's branch checked out, you can omit the number. + +{% endcli %} diff --git a/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests.md b/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests.md index ddceef8f136e..d354a7e47883 100644 --- a/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests.md +++ b/content/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests.md @@ -35,6 +35,26 @@ When you create a pull request, you can choose to make it a draft pull request. {% data reusables.pull_requests.mark-ready-review %} You can convert a pull request to a draft at any time. See [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request). +## Pull request refs and merge branches + +When you open a pull request, {% data variables.product.github %} creates up to two temporary, read-only Git references for it: + +| Ref | Description | +| --- | --- | +| `refs/pull/PULL_REQUEST_NUMBER/head` | Points to the latest commit on the pull request's head branch. | +| `refs/pull/PULL_REQUEST_NUMBER/merge` | A merge branch—a simulated merge commit that represents what the repository would look like if the pull request were merged right now. This ref is only available when the pull request has no merge conflicts. | + +The merge branch automatically updates when the head branch or base branch changes. To fetch it locally: + +```shell +git fetch origin refs/pull/PULL_REQUEST_NUMBER/merge +git checkout FETCH_HEAD +``` + +Replace `PULL_REQUEST_NUMBER` with the number of your pull request. + +For information about how {% data variables.product.prodname_actions %} uses the merge branch, see [AUTOTITLE](/actions/reference/workflows-and-actions/events-that-trigger-workflows#how-the-merge-branch-affects-your-workflow). + ## Differences between commits on compare and pull request pages The compare and pull request pages use different methods to calculate the diff for changed files: diff --git a/data/reusables/actions/ref-description.md b/data/reusables/actions/ref-description.md index 55364ac1c021..193cbb2718b4 100644 --- a/data/reusables/actions/ref-description.md +++ b/data/reusables/actions/ref-description.md @@ -1 +1 @@ -The fully-formed ref of the branch or tag that triggered the workflow run. For workflows triggered by `push`, this is the branch or tag ref that was pushed. For workflows triggered by `pull_request` that were not merged, this is the pull request merge branch. If the pull request was merged, this is the head branch. For workflows triggered by `release`, this is the release tag created. For other triggers, this is the branch or tag ref that triggered the workflow run. This is only set if a branch or tag is available for the event type. The ref given is fully-formed, meaning that for branches the format is `refs/heads/`. For pull requests events except `pull_request_target` that were not merged, it is `refs/pull//merge`. `pull_request_target` events have the `ref` from the base branch. For tags it is `refs/tags/`. For example, `refs/heads/feature-branch-1`. +The fully-formed ref of the branch or tag that triggered the workflow run. For workflows triggered by `push`, this is the branch or tag ref that was pushed. For workflows triggered by `pull_request` that were not merged, this is the pull request merge branch. If the pull request was merged, this is the branch it was merged into. For workflows triggered by `release`, this is the release tag created. For other triggers, this is the branch or tag ref that triggered the workflow run. This is only set if a branch or tag is available for the event type. The ref given is fully-formed, meaning that for branches the format is `refs/heads/`. For pull request events except `pull_request_target` that were not merged, it is `refs/pull//merge`. `pull_request_target` events have the `ref` from the base branch. For tags it is `refs/tags/`. For example, `refs/heads/feature-branch-1`. For more information about pull request merge branches, see [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests#pull-request-refs-and-merge-branches). diff --git a/src/content-render/index.ts b/src/content-render/index.ts index 8cfd7771b05d..6591d079c024 100644 --- a/src/content-render/index.ts +++ b/src/content-render/index.ts @@ -38,9 +38,12 @@ export async function renderContent( try { template = await renderLiquid(template, context) if (context.markdownRequested) { - const md = await renderMarkdown(template, context) - - return md + // Skip the remark pipeline when there are no internal links to rewrite, + // since link rewriting is the only transformation the pipeline performs. + if (!/\]\(\s* p.pageVersion === version) @@ -178,18 +190,12 @@ async function checkVersion( totalPagesChecked++ - // Create context for rendering - const context: Context = { - currentVersion: version, - currentLanguage: language, - currentVersionObj: versionObj, - page, - pages: pageMap, - redirects, - } as Context + // Mutate the page property in place — safe because the loop is sequential (each iteration + // awaits before the next begins), so there is no concurrent access to baseContext. + baseContext.page = page // Get links from rendered page - const links = await getLinksFromRenderedPage(page, permalink, context) + const links = await getLinksFromRenderedPage(page, permalink, baseContext) totalLinksChecked += links.length // Check each link @@ -233,7 +239,7 @@ async function checkVersion( // Check anchors if enabled if (options.checkAnchors) { - const anchorFlaws = await checkAnchorsOnPage(page, permalink, context) + const anchorFlaws = await checkAnchorsOnPage(page, permalink, baseContext) brokenLinks.push(...anchorFlaws) } diff --git a/src/rest/data/fpt-2022-11-28/dependency-graph.json b/src/rest/data/fpt-2022-11-28/dependency-graph.json index 70fb8a8018b7..90607a62640a 100644 --- a/src/rest/data/fpt-2022-11-28/dependency-graph.json +++ b/src/rest/data/fpt-2022-11-28/dependency-graph.json @@ -836,6 +836,177 @@ ], "allowsPublicRead": true } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/fetch-report/{sbom_uuid}", + "title": "Fetch a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "sbom_uuid", + "in": "path", + "required": true, + "description": "

The unique identifier of the SBOM export.

", + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Fetches a previously generated software bill of materials (SBOM) for a repository.\nWhen the SBOM is ready, the response is a 302 redirect to a temporary download URL for the SBOM in SPDX JSON format.\nThe generated SBOM report may be retained for up to one week from the original request.\nThe temporary download URL returned by this endpoint expires separately, and its expiry is set when the fetch request is made.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "sbom_uuid": "SBOM_UUID" + } + }, + "response": { + "statusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + }, + { + "httpStatusCode": "302", + "description": "

Redirects to a temporary download URL for the completed SBOM.

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/generate-report", + "title": "Request generation of a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Triggers a job to generate a software bill of materials (SBOM) for a repository in SPDX JSON format.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": { + "sbom_url": "https://api.github.com/repos/github/example/dependency-graph/sbom/fetch-report/4bab1a7e-da63-4828-9488-44e0e01a7c1b" + }, + "schema": { + "type": "object", + "properties": { + "sbom_url": { + "type": "string", + "description": "URL to poll for the SBOM export result." + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } } ] } \ No newline at end of file diff --git a/src/rest/data/fpt-2026-03-10/dependency-graph.json b/src/rest/data/fpt-2026-03-10/dependency-graph.json index 70fb8a8018b7..90607a62640a 100644 --- a/src/rest/data/fpt-2026-03-10/dependency-graph.json +++ b/src/rest/data/fpt-2026-03-10/dependency-graph.json @@ -836,6 +836,177 @@ ], "allowsPublicRead": true } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/fetch-report/{sbom_uuid}", + "title": "Fetch a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "sbom_uuid", + "in": "path", + "required": true, + "description": "

The unique identifier of the SBOM export.

", + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Fetches a previously generated software bill of materials (SBOM) for a repository.\nWhen the SBOM is ready, the response is a 302 redirect to a temporary download URL for the SBOM in SPDX JSON format.\nThe generated SBOM report may be retained for up to one week from the original request.\nThe temporary download URL returned by this endpoint expires separately, and its expiry is set when the fetch request is made.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "sbom_uuid": "SBOM_UUID" + } + }, + "response": { + "statusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + }, + { + "httpStatusCode": "302", + "description": "

Redirects to a temporary download URL for the completed SBOM.

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/generate-report", + "title": "Request generation of a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Triggers a job to generate a software bill of materials (SBOM) for a repository in SPDX JSON format.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": { + "sbom_url": "https://api.github.com/repos/github/example/dependency-graph/sbom/fetch-report/4bab1a7e-da63-4828-9488-44e0e01a7c1b" + }, + "schema": { + "type": "object", + "properties": { + "sbom_url": { + "type": "string", + "description": "URL to poll for the SBOM export result." + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } } ] } \ No newline at end of file diff --git a/src/rest/data/ghec-2022-11-28/dependency-graph.json b/src/rest/data/ghec-2022-11-28/dependency-graph.json index 70fb8a8018b7..90607a62640a 100644 --- a/src/rest/data/ghec-2022-11-28/dependency-graph.json +++ b/src/rest/data/ghec-2022-11-28/dependency-graph.json @@ -836,6 +836,177 @@ ], "allowsPublicRead": true } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/fetch-report/{sbom_uuid}", + "title": "Fetch a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "sbom_uuid", + "in": "path", + "required": true, + "description": "

The unique identifier of the SBOM export.

", + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Fetches a previously generated software bill of materials (SBOM) for a repository.\nWhen the SBOM is ready, the response is a 302 redirect to a temporary download URL for the SBOM in SPDX JSON format.\nThe generated SBOM report may be retained for up to one week from the original request.\nThe temporary download URL returned by this endpoint expires separately, and its expiry is set when the fetch request is made.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "sbom_uuid": "SBOM_UUID" + } + }, + "response": { + "statusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + }, + { + "httpStatusCode": "302", + "description": "

Redirects to a temporary download URL for the completed SBOM.

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/generate-report", + "title": "Request generation of a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Triggers a job to generate a software bill of materials (SBOM) for a repository in SPDX JSON format.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": { + "sbom_url": "https://api.github.com/repos/github/example/dependency-graph/sbom/fetch-report/4bab1a7e-da63-4828-9488-44e0e01a7c1b" + }, + "schema": { + "type": "object", + "properties": { + "sbom_url": { + "type": "string", + "description": "URL to poll for the SBOM export result." + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } } ] } \ No newline at end of file diff --git a/src/rest/data/ghec-2026-03-10/dependency-graph.json b/src/rest/data/ghec-2026-03-10/dependency-graph.json index 70fb8a8018b7..90607a62640a 100644 --- a/src/rest/data/ghec-2026-03-10/dependency-graph.json +++ b/src/rest/data/ghec-2026-03-10/dependency-graph.json @@ -836,6 +836,177 @@ ], "allowsPublicRead": true } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/fetch-report/{sbom_uuid}", + "title": "Fetch a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "sbom_uuid", + "in": "path", + "required": true, + "description": "

The unique identifier of the SBOM export.

", + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Fetches a previously generated software bill of materials (SBOM) for a repository.\nWhen the SBOM is ready, the response is a 302 redirect to a temporary download URL for the SBOM in SPDX JSON format.\nThe generated SBOM report may be retained for up to one week from the original request.\nThe temporary download URL returned by this endpoint expires separately, and its expiry is set when the fetch request is made.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "sbom_uuid": "SBOM_UUID" + } + }, + "response": { + "statusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "202", + "description": "

SBOM is still being processed, no content is returned.

" + }, + { + "httpStatusCode": "302", + "description": "

Redirects to a temporary download URL for the completed SBOM.

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/dependency-graph/sbom/generate-report", + "title": "Request generation of a software bill of materials (SBOM) for a repository.", + "category": "dependency-graph", + "subcategory": "sboms", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Triggers a job to generate a software bill of materials (SBOM) for a repository in SPDX JSON format.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": { + "sbom_url": "https://api.github.com/repos/github/example/dependency-graph/sbom/fetch-report/4bab1a7e-da63-4828-9488-44e0e01a7c1b" + }, + "schema": { + "type": "object", + "properties": { + "sbom_url": { + "type": "string", + "description": "URL to poll for the SBOM export result." + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + }, + { + "httpStatusCode": "403", + "description": "

Forbidden

" + }, + { + "httpStatusCode": "404", + "description": "

Resource not found

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Contents\" repository permissions": "read" + } + ], + "allowsPublicRead": true + } } ] } \ No newline at end of file diff --git a/src/rest/lib/config.json b/src/rest/lib/config.json index b43b3c705a5e..b27d8b92644e 100644 --- a/src/rest/lib/config.json +++ b/src/rest/lib/config.json @@ -55,5 +55,5 @@ ] } }, - "sha": "e6a345665a64530821d4ebcd07e7805a0cdeff09" + "sha": "b8cc3c7e6d2050e2e0feb03abf5f32c17e2f964f" } \ No newline at end of file diff --git a/src/versions/middleware/features.ts b/src/versions/middleware/features.ts index 7467a847d313..5870e701477e 100644 --- a/src/versions/middleware/features.ts +++ b/src/versions/middleware/features.ts @@ -26,8 +26,8 @@ type FeatureVersions = { let allFeatures: Record -const cache = new Map() -function getFeaturesByVersion(currentVersion: string): Record { +const cache = new Map>() +export function getFeaturesByVersion(currentVersion: string): Record { if (!cache.has(currentVersion)) { if (!allFeatures) { // As of Oct 2022, the `data/features/**` reading is *not* JIT. @@ -55,5 +55,5 @@ function getFeaturesByVersion(currentVersion: string): Record { cache.set(currentVersion, featureFlags) } - return cache.get(currentVersion) + return cache.get(currentVersion) as Record } diff --git a/src/webhooks/lib/config.json b/src/webhooks/lib/config.json index 2180c6b1b980..930fb912056b 100644 --- a/src/webhooks/lib/config.json +++ b/src/webhooks/lib/config.json @@ -1,3 +1,3 @@ { - "sha": "e6a345665a64530821d4ebcd07e7805a0cdeff09" + "sha": "b8cc3c7e6d2050e2e0feb03abf5f32c17e2f964f" } \ No newline at end of file