Merge pull request github#7705 from github/repo-sync

repo sync

lib/rest/static/decorated/ghes-3.1.json

@@ -46697,7 +46697,7 @@
       }
     ],
     "summary": "Get a code scanning analysis for a repository",
-    "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+    "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
     "operationId": "code-scanning/get-analysis",
     "tags": [
       "code-scanning"
@@ -46717,7 +46717,7 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Gets a specified code scanning analysis for a repository.\nYou must use an access token with the <code>security_events</code> scope to use this endpoint.\nGitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>\n<p>The default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.</p>\n<p>The <code>rules_count</code> field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand <code>0</code> is returned in this field.</p>\n<p>If you use the Accept header <code>application/sarif+json</code>,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n<a href=\"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html\">SARIF version 2.1.0</a>.\nFor an example response, see \"<a href=\"#custom-media-type-for-code-scanning\">Custom media type for code scanning</a>.\"</p>\n<p><strong>Deprecation notice</strong>:\nThe <code>tool_name</code> field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the <code>tool</code> field.</p>",
+    "descriptionHTML": "<p>Gets a specified code scanning analysis for a repository.\nYou must use an access token with the <code>security_events</code> scope to use this endpoint.\nGitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>\n<p>The default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.</p>\n<p>The <code>rules_count</code> field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand <code>0</code> is returned in this field.</p>\n<p>If you use the Accept header <code>application/sarif+json</code>,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n<a href=\"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html\">SARIF version 2.1.0</a>.</p>\n<p><strong>Deprecation notice</strong>:\nThe <code>tool_name</code> field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the <code>tool</code> field.</p>",
     "responses": [
       {
         "httpStatusCode": "200",

lib/rest/static/decorated/github.ae.json

@@ -39230,7 +39230,7 @@
       }
     ],
     "summary": "Get a code scanning analysis for a repository",
-    "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+    "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
     "operationId": "code-scanning/get-analysis",
     "tags": [
       "code-scanning"
@@ -39250,7 +39250,7 @@
     "categoryLabel": "Code scanning",
     "notes": [],
     "bodyParameters": [],
-    "descriptionHTML": "<p>Gets a specified code scanning analysis for a repository.\nYou must use an access token with the <code>security_events</code> scope to use this endpoint.\nGitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>\n<p>The default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.</p>\n<p>The <code>rules_count</code> field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand <code>0</code> is returned in this field.</p>\n<p>If you use the Accept header <code>application/sarif+json</code>,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n<a href=\"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html\">SARIF version 2.1.0</a>.\nFor an example response, see \"<a href=\"#custom-media-type-for-code-scanning\">Custom media type for code scanning</a>.\"</p>\n<p><strong>Deprecation notice</strong>:\nThe <code>tool_name</code> field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the <code>tool</code> field.</p>",
+    "descriptionHTML": "<p>Gets a specified code scanning analysis for a repository.\nYou must use an access token with the <code>security_events</code> scope to use this endpoint.\nGitHub Apps must have the <code>security_events</code> read permission to use this endpoint.</p>\n<p>The default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.</p>\n<p>The <code>rules_count</code> field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand <code>0</code> is returned in this field.</p>\n<p>If you use the Accept header <code>application/sarif+json</code>,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n<a href=\"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html\">SARIF version 2.1.0</a>.</p>\n<p><strong>Deprecation notice</strong>:\nThe <code>tool_name</code> field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the <code>tool</code> field.</p>",
     "responses": [
       {
         "httpStatusCode": "200",

lib/rest/static/dereferenced/api.github.com.deref.json

@@ -116289,12 +116289,22 @@
                   },
                   "security_and_analysis": {
                     "type": "object",
-                    "description": "Specify which security and analysis features to enable or disable.",
+                    "description": "Specify which security and analysis features to enable or disable. For example, to enable GitHub Advanced Security, use this data in the body of the PATCH request: `{\"security_and_analysis\": {\"advanced_security\": {\"status\": \"enabled\"}}}`. If you have admin permissions for a private repository covered by an Advanced Security license, you can check which security and analysis features are currently enabled by using a `GET /repos/{owner}/{repo}` request.",
                     "nullable": true,
                     "properties": {
                       "advanced_security": {
                         "type": "object",
-                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\" If you're an admin user for a repository covered by an Advanced Security license, you can check whether Advanced Security is currently enabled by using a `GET /repos/{owner}/{repo}` request.",
+                        "description": "Use the `status` property to enable or disable GitHub Advanced Security for this repository. For more information, see \"[About GitHub Advanced Security](/github/getting-started-with-github/learning-about-github/about-github-advanced-security).\"",
+                        "properties": {
+                          "status": {
+                            "type": "string",
+                            "description": "Can be `enabled` or `disabled`."
+                          }
+                        }
+                      },
+                      "secret_scanning": {
+                        "type": "object",
+                        "description": "Use the `status` property to enable or disable secret scanning for this repository. For more information, see \"[About secret scanning](/code-security/secret-security/about-secret-scanning).\"",
                         "properties": {
                           "status": {
                             "type": "string",
@@ -171893,7 +171903,7 @@
     "/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}": {
       "get": {
         "summary": "Get a code scanning analysis for a repository",
-        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
         "operationId": "code-scanning/get-analysis",
         "tags": [
           "code-scanning"

lib/rest/static/dereferenced/ghes-3.1.deref.json

@@ -160614,7 +160614,7 @@
     "/repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}": {
       "get": {
         "summary": "Get a code scanning analysis for a repository",
-        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\nFor an example response, see \"[Custom media type for code scanning](#custom-media-type-for-code-scanning).\"\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
+        "description": "Gets a specified code scanning analysis for a repository.\nYou must use an access token with the `security_events` scope to use this endpoint.\nGitHub Apps must have the `security_events` read permission to use this endpoint.\n\nThe default JSON response contains fields that describe the analysis.\nThis includes the Git reference and commit SHA to which the analysis relates,\nthe datetime of the analysis, the name of the code scanning tool,\nand the number of alerts.\n\nThe `rules_count` field in the default response give the number of rules\nthat were run in the analysis.\nFor very old analyses this data is not available,\nand `0` is returned in this field.\n\nIf you use the Accept header `application/sarif+json`,\nthe response contains the analysis data that was uploaded.\nThis is formatted as\n[SARIF version 2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html).\n\n**Deprecation notice**:\nThe `tool_name` field is deprecated and will, in future, not be included in the response for this endpoint. The example response reflects this change. The tool name can now be found inside the `tool` field.",
         "operationId": "code-scanning/get-analysis",
         "tags": [
           "code-scanning"