diff --git a/content/account-and-profile/concepts/personal-profile.md b/content/account-and-profile/concepts/personal-profile.md index b8df38d62281..21810f3682dc 100644 --- a/content/account-and-profile/concepts/personal-profile.md +++ b/content/account-and-profile/concepts/personal-profile.md @@ -54,7 +54,7 @@ To hide parts of your profile page, you can make your profile private. This also After making your profile private, you can still view all your information when you visit your own profile. -For more information, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-github-profile/customizing-your-profile/setting-your-profile-to-private). +For more information, see [AUTOTITLE](/account-and-profile/how-tos/profile-customization/setting-your-profile-to-private). ### Differences between private and public profiles @@ -91,5 +91,5 @@ You can control the visibility of specific profile elements or set your entire p ## Next steps * For a general tutorial on personalizing your profile, see [AUTOTITLE](/account-and-profile/tutorials/personalize-your-profile). -* For more specific profile customization, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-github-profile). +* For more specific profile customization, see [AUTOTITLE](/account-and-profile/how-tos). * For reference information, see [AUTOTITLE](/account-and-profile/reference/profile-reference). diff --git a/content/account-and-profile/get-started/account.md b/content/account-and-profile/get-started/account.md index 423c27bf404f..50c8f9077ebe 100644 --- a/content/account-and-profile/get-started/account.md +++ b/content/account-and-profile/get-started/account.md @@ -25,10 +25,10 @@ If you're a member of an {% data variables.enterprise.prodname_emu_enterprise %} ## Next steps -* For conceptual information about accounts, see [AUTOTITLE](/account-and-profile/concepts/personal-account-management). +* For conceptual information about accounts, see [AUTOTITLE](/account-and-profile/concepts/account-management). * For information about managing your account, see [AUTOTITLE](/account-and-profile/how-tos/setting-up-and-managing-your-personal-account-on-github). * For reference information, see [AUTOTITLE](/account-and-profile/reference/personal-account-reference). {%- ifversion ghec %} * For information about {% data variables.enterprise.prodname_managed_users %}, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users). -* For information about managing multiple accounts, see [AUTOTITLE](/account-and-profile/concepts/personal-account-management#about-management-of-multiple-accounts). +* For information about managing multiple accounts, see [AUTOTITLE](/account-and-profile/concepts/account-management#about-management-of-multiple-accounts). {%- endif %} diff --git a/content/account-and-profile/how-tos/contribution-settings/viewing-contributions-on-your-profile.md b/content/account-and-profile/how-tos/contribution-settings/viewing-contributions-on-your-profile.md index 13d502596809..2fe561526db4 100644 --- a/content/account-and-profile/how-tos/contribution-settings/viewing-contributions-on-your-profile.md +++ b/content/account-and-profile/how-tos/contribution-settings/viewing-contributions-on-your-profile.md @@ -22,7 +22,7 @@ category: ## Prerequisites -Before you view contributions on your profile, you should understand what counts as a contribution, and what other information your profile displays. See [AUTOTITLE](/account-and-profile/concepts/contributions-visible-on-your-profile). +Before you view contributions on your profile, you should understand what counts as a contribution, and what other information your profile displays. See [AUTOTITLE](/account-and-profile/concepts/contributions-on-your-profile). ## Viewing contributions in a specific time range diff --git a/content/account-and-profile/how-tos/profile-customization/setting-your-profile-to-private.md b/content/account-and-profile/how-tos/profile-customization/setting-your-profile-to-private.md index 89c4951e9dfc..506a3bb83308 100644 --- a/content/account-and-profile/how-tos/profile-customization/setting-your-profile-to-private.md +++ b/content/account-and-profile/how-tos/profile-customization/setting-your-profile-to-private.md @@ -21,5 +21,5 @@ category: ## Next steps -* For more information about private profiles, see [AUTOTITLE](/account-and-profile/concepts/about-your-profile#private-profiles). +* For more information about private profiles, see [AUTOTITLE](/account-and-profile/concepts/personal-profile#private-profiles). * For reference information, see [AUTOTITLE](/account-and-profile/reference/profile-reference#limitations-of-private-profiles). diff --git a/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md b/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md index 3b9058958383..a38f8124df53 100644 --- a/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md +++ b/content/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens.md @@ -208,6 +208,9 @@ Repository permissions work for both user and organization resource owners. | `artifact_metadata` | Artifact Metadata | `read`, `write` | | {% endif %} | | `attestations` | Attestations | `read`, `write` | +| {% ifversion code-quality %} | +| `code_quality` | Code quality | `read`, `write` | +| {% endif %} | | `security_events` | Code scanning alerts | `read`, `write` | | `codespaces` | Codespaces | `read`, `write` | | `codespaces_lifecycle_admin` | Codespaces lifecycle admin | `read`, `write` | diff --git a/content/billing/concepts/product-billing/github-codespaces.md b/content/billing/concepts/product-billing/github-codespaces.md index 9930b2ab4d80..b713f0dd7c23 100644 --- a/content/billing/concepts/product-billing/github-codespaces.md +++ b/content/billing/concepts/product-billing/github-codespaces.md @@ -35,6 +35,11 @@ In addition, any prebuilt codespaces are generated using actions minutes, see [A The compute time for a codespace is the length of time for which that codespace is active. Total use of compute time for each processor type is calculated by summing the time used by all codespaces billable to a particular account. These totals are reported to the billing service every hour, and are billed monthly. +* **Compute time:** Your included compute hours reset to the full amount at the start of each billing cycle. Compute usage is charged to the account that owns the codespace. +* **Storage:** Storage charges accumulate throughout the month based on hourly usage. Your accrued storage charges reset to zero at the start of each billing cycle. + +For more information about billing cycles, see [AUTOTITLE](/billing/concepts/billing-cycles). + ### Storage volume for codespaces Storage is a time-based measurement of the amount of storage used in GB-hours. The storage measured for codespaces includes: diff --git a/content/billing/how-tos/set-up-payment/manage-payment-info.md b/content/billing/how-tos/set-up-payment/manage-payment-info.md index 2db5d355894a..6129ea66cdc3 100644 --- a/content/billing/how-tos/set-up-payment/manage-payment-info.md +++ b/content/billing/how-tos/set-up-payment/manage-payment-info.md @@ -24,7 +24,7 @@ category: - Set up payment --- -The payment methods available depend on your account type. Enterprise and organization accounts have more payment options than personal accounts. Invoiced enterprise accounts make their payments using other methods. For more information, see [AUTOTITLE](/billing/reference/supported-payment-methods). +The payment methods available depend on your account type. Enterprise and organization accounts have more payment options than personal accounts. Invoiced enterprise accounts make their payments using other methods. For more information, see [AUTOTITLE](/billing/reference/payment-methods). ## Managing payment information diff --git a/content/billing/reference/index.md b/content/billing/reference/index.md index d6a0bbf9bac3..9b1228245a4b 100644 --- a/content/billing/reference/index.md +++ b/content/billing/reference/index.md @@ -20,6 +20,6 @@ children: - /product-and-sku-names - /product-usage-included - /roles-for-visual-studio - - /supported-payment-methods + - /payment-methods contentType: reference --- diff --git a/content/billing/reference/payment-methods.md b/content/billing/reference/payment-methods.md new file mode 100644 index 000000000000..6b3ae47fda09 --- /dev/null +++ b/content/billing/reference/payment-methods.md @@ -0,0 +1,41 @@ +--- +title: Payment methods +shortTitle: Payment methods +intro: 'Reference information for supported payment methods for {% data variables.product.github %}.' +versions: + fpt: '*' + ghec: '*' + ghes: '*' +contentType: reference +category: + - Set up payment +redirect_from: + - /billing/reference/supported-payment-methods +--- + +The payment methods available to you depend on your account type and the products you use. + +## Self-serve accounts + +Self-serve accounts can use the following payment methods: + +* Credit card +* PayPal +* Azure Subscription ID (not personal accounts) + +## Invoiced accounts + +Invoiced accounts can use different payment methods for volume-licensed products (such as {% data variables.product.prodname_ghe_cloud %} and {% data variables.product.prodname_GH_advanced_security %}) and metered products (such as {% data variables.product.prodname_github_codespaces %}). You can combine payment methods for different product types. For example, you can use invoice for volume products and Azure Subscription ID for metered products. + +| Payment method | Volume products | Metered products | +|---|---|---| +| Credit card | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | +| PayPal | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | +| Azure Subscription ID | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | +| Invoice | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | +| Prepaid credits | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +| Purchase order | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | +| ACH | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | + +> [!NOTE] +> For purchase orders, contact [{% data variables.product.github %}'s Sales team](https://github.com/enterprise/contact?scid=&utm_campaign=2023q3-site-ww-PremiumSupport&utm_content=Premium+Support&utm_medium=referral&utm_source=github). diff --git a/content/billing/reference/supported-payment-methods.md b/content/billing/reference/supported-payment-methods.md deleted file mode 100644 index bdf96ea2797a..000000000000 --- a/content/billing/reference/supported-payment-methods.md +++ /dev/null @@ -1,69 +0,0 @@ ---- -title: Supported payment methods for GitHub -intro: 'Reference information detailing the supported payment methods for {% data variables.product.github %}.' -versions: - fpt: '*' - ghec: '*' - ghes: '*' -shortTitle: Supported payment methods -contentType: reference -category: - - Set up payment ---- - -## Metered or usage-based billing options - -> [!NOTE] -> Prepaid credit/debit cards are not accepted as a valid form of payment. - -The supported payment methods for metered billing: - -* Invoice – Managed accounts only -* Credit card – Unmanaged accounts, or as a nonrecurring method for managed accounts -* PayPal – Unmanaged accounts, or as a nonrecurring method for managed accounts -* Azure Subscription ID – Not available for personal accounts -* Automated Clearing House (ACH) – Managed accounts only - -Accounts with volume licenses and metered billing can use multiple payment methods. - -* For unmanaged accounts, you might pay for volume licenses with a credit card or PayPal, and metered usage with an Azure Subscription ID. -* For managed accounts, you might pay for volume licenses via invoice, and metered usage via Azure Subscription ID. - -{% data variables.product.prodname_copilot_short %} standalone accounts, which traditionally used Azure Subscription IDs, can now also pay by credit card. Contact your {% data variables.product.github %} representative for details. - -## Unsupported Azure subscription types - -The following Azure subscription types cannot be used as a payment method for {% data variables.product.github %}: - -| Quota ID | Offer number(s) | -|---|---| -| `FreeTrial_2014-09-01` | MS-AZR-0044P | -| `AzureForStudents_2018-01-01` | MS-AZR-0170P | -| `DreamSpark_2015-02-01` | MS-AZR-0144P | -| `AzurePass_2014-09-01` | MS-AZR-0120P, MS-AZR-0122P–MS-AZR-0125P, MS-AZR-0128P–MS-AZR-0130P | -| `PayAsYouGo_2014-09-01` | MS-AZR-0017G | -| `Sponsored_2016-01-01` | MS-AZR-0036P | - -{% ifversion fpt or ghec %} - -## Usage-based billing availability - -{% data variables.product.github %} provides usage-based billing for the following products. - -* {% data variables.product.prodname_actions %}, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions) -* {% data variables.product.prodname_github_codespaces %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-codespaces/about-billing-for-github-codespaces) -* {% data variables.product.prodname_registry %}, see [AUTOTITLE](/billing/managing-billing-for-github-packages/about-billing-for-github-packages) -* {% data variables.large_files.product_name_long %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-git-large-file-storage/about-billing-for-git-large-file-storage) - -In addition, usage-based billing is available for the following licenses: - -* {% data variables.product.prodname_enterprise %}, see [AUTOTITLE](/billing/managing-your-billing/about-billing-for-your-enterprise) -* {% data variables.product.prodname_copilot %}, see [AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot) -* {% data variables.product.prodname_GHAS %}, see [AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security) - -For information about controlling spending, see [AUTOTITLE](/billing/managing-your-billing/using-budgets-control-spending). - -> [!NOTE] -> Prepaid usage is not currently available for usage-based billing through Azure. - -{% endif %} diff --git a/content/code-security/reference/secret-security/supported-secret-scanning-patterns.md b/content/code-security/reference/secret-security/supported-secret-scanning-patterns.md index 2f930226c774..5a5e677b4673 100644 --- a/content/code-security/reference/secret-security/supported-secret-scanning-patterns.md +++ b/content/code-security/reference/secret-security/supported-secret-scanning-patterns.md @@ -109,11 +109,7 @@ Precision levels are estimated based on the pattern type's typical false positiv >[!NOTE] Push protection and validity checks are not supported for passwords. {% endif %} -<<<<<<< HEAD -### Default patterns -======= ## Supported provider patterns ->>>>>>> origin/main Use the table below to search, filter, and browse all supported patterns. You can filter by provider name, push protection support, validity checks, and more. diff --git a/content/copilot/concepts/mcp-management.md b/content/copilot/concepts/mcp-management.md index 1f47d082dcbd..7a7517115f97 100644 --- a/content/copilot/concepts/mcp-management.md +++ b/content/copilot/concepts/mcp-management.md @@ -10,7 +10,7 @@ category: - Manage Copilot for a team --- -You can manage Model Context Protocol (MCP) server usage in your organization or enterprise by configuring a series of MCP policies on {% data variables.product.prodname_dotcom_the_website %}. Through these policies, you can allow or block MCP server usage entirely, or restrict access to a list of servers that you define in an MCP registry. +You can manage Model Context Protocol (MCP) server usage in your organization or enterprise by configuring a series of MCP policies on {% data variables.product.prodname_dotcom_the_website %}. Through these policies, you can allow or block MCP server usage entirely, or restrict access to a list of servers that you define in an MCP registry. These policies apply to supported IDEs and {% data variables.copilot.copilot_cli_short %}. ## MCP registries diff --git a/content/copilot/get-started/resources-for-approval.md b/content/copilot/get-started/resources-for-approval.md index 795dc761d159..bcc7be7c3872 100644 --- a/content/copilot/get-started/resources-for-approval.md +++ b/content/copilot/get-started/resources-for-approval.md @@ -68,7 +68,3 @@ Even if you're only using {% data variables.product.github %} to grant access to ## Further questions If teams have questions that aren't addressed by these resources, contact your account manager or {% data variables.contact.contact_enterprise_sales %}. - -## Next steps - -Once teams have signed off on {% data variables.product.prodname_copilot_short %}, you can choose a plan for your enterprise. See [AUTOTITLE](/copilot/get-started/choose-enterprise-plan). diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/grant-access.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/grant-access.md index 126e858764f7..b6bce54b19f9 100644 --- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/grant-access.md +++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-access/grant-access.md @@ -62,11 +62,4 @@ If your enterprise has a {% data variables.copilot.copilot_enterprise_short %} p * If your enterprise has a {% data variables.copilot.copilot_business_short %} plan, click **Enabled**. * If your enterprise has a {% data variables.copilot.copilot_enterprise_short %} plan, click either **Copilot: Enterprise** or **Copilot: Business** to assign a specific Copilot plan to the organization. -### Next steps - After you've enabled {% data variables.product.prodname_copilot_short %} for an organization in your enterprise, owners of the organization can grant access to some or all members of the organization. See [AUTOTITLE](/copilot/managing-github-copilot-in-your-organization/managing-access-for-copilot-business-in-your-organization). - -## Further reading - -* [AUTOTITLE](/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot) -* [AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-policies-and-features-for-copilot-in-your-enterprise) diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/monitor-agentic-activity.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/monitor-agentic-activity.md index a03d8e0bbf2a..1f70d8ef74b1 100644 --- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/monitor-agentic-activity.md +++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/monitor-agentic-activity.md @@ -23,6 +23,4 @@ category: {% data reusables.enterprise-accounts.ai-controls-tab %} 1. To see a list of agentic activity in your enterprise over the last 180 days, at the bottom of the page, click {% octicon "log" aria-hidden="true" aria-label="log" %} **Audit logs**. -## Next steps - For help interpreting the audit log events for agentic activity, see [AUTOTITLE](/copilot/reference/agentic-audit-log-events). diff --git a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/review-audit-logs.md b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/review-audit-logs.md index 7944bde690f1..633c07f3d043 100644 --- a/content/copilot/how-tos/administer-copilot/manage-for-enterprise/review-audit-logs.md +++ b/content/copilot/how-tos/administer-copilot/manage-for-enterprise/review-audit-logs.md @@ -49,7 +49,3 @@ To view a record of agent activity, use the `actor:Copilot` search term. See [AU ## Retaining audit log history The audit log retains events for the last 180 days. We recommend streaming the audit log to a Security Information and Event Management (SIEM) platform, where you can view long-term history and set up alerts for anomalous activity. See [AUTOTITLE](/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise). - -## Further reading - -* [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization) diff --git a/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-registry.md b/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-registry.md index 8baf6cd910bc..2740d1f79634 100644 --- a/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-registry.md +++ b/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-registry.md @@ -41,9 +41,9 @@ For more details and example JSON responses to requests, see the [Official MCP R #### Support for the v0.1 specification -While the MCP registry launched using the v0 specification, that version is now considered unstable and should not be implemented. Instead, create your registry according to the v0.1 specification, which is supported in the following IDEs: +While the MCP registry launched using the v0 specification, that version is now considered unstable and should not be implemented. Instead, create your registry according to the v0.1 specification, which is supported in the following surfaces: -| IDE | v0.1 support | +| Surface | v0.1 support | | ---------------------- | ----------------- | | {% data variables.product.prodname_vscode_shortname %} Insiders | {% octicon "check" aria-label="Supported" %} | | {% data variables.product.prodname_vscode_shortname %} | {% octicon "check" aria-label="Supported" %} | @@ -51,6 +51,7 @@ While the MCP registry launched using the v0 specification, that version is now | Eclipse | {% octicon "check" aria-label="Supported" %} | | JetBrains IDEs | {% octicon "check" aria-label="Supported" %} | | Xcode | {% octicon "check" aria-label="Supported" %} | +| {% data variables.copilot.copilot_cli_short %} | {% octicon "check" aria-label="Supported" %} | ### Cross-Origin Resource Sharing requirements diff --git a/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-server-access.md b/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-server-access.md index a9cfb7cb7363..78cd4e1b9f4b 100644 --- a/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-server-access.md +++ b/content/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-server-access.md @@ -1,6 +1,6 @@ --- title: Configure MCP server access for your organization or enterprise -intro: You can configure an MCP registry URL and access control policy to determine which MCP servers developers can discover and use in supported IDEs with {% data variables.product.prodname_copilot %}. +intro: You can configure an MCP registry URL and access control policy to determine which MCP servers developers can discover and use in supported IDEs and {% data variables.copilot.copilot_cli_short %}. permissions: Enterprise owners and organization owners product: '{% data variables.copilot.copilot_enterprise_short %} or {% data variables.copilot.copilot_business_short %}' versions: diff --git a/content/copilot/how-tos/copilot-cli/administer-copilot-cli-for-your-enterprise.md b/content/copilot/how-tos/copilot-cli/administer-copilot-cli-for-your-enterprise.md index 857d2561c6db..6dc4ee6be073 100644 --- a/content/copilot/how-tos/copilot-cli/administer-copilot-cli-for-your-enterprise.md +++ b/content/copilot/how-tos/copilot-cli/administer-copilot-cli-for-your-enterprise.md @@ -4,6 +4,7 @@ shortTitle: Administer for enterprise intro: 'Control the use of {% data variables.copilot.copilot_cli_short %} within your enterprise.' versions: feature: copilot +permissions: Enterprise owners and AI managers contentType: how-tos allowTitleToDifferFromFilename: true category: @@ -15,7 +16,7 @@ docsTeamMetrics: ## Enabling or disabling {% data variables.copilot.copilot_cli_short %} -**Enterprise owners** can control the use of {% data variables.copilot.copilot_cli_short %} by configuring a policy. +You can control the use of {% data variables.copilot.copilot_cli_short %} by configuring a policy. {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.ai-controls-tab %} @@ -38,6 +39,10 @@ Users can only access AI models that are enabled at the enterprise level. When y Enterprise-configured custom agents are available to use with {% data variables.copilot.copilot_cli_short %}. +### MCP server policies + +Enterprise and organization MCP policies apply to {% data variables.copilot.copilot_cli_short %}. You can configure an MCP registry URL so developers can discover approved servers, and set an allowlist policy to restrict which MCP servers can run. For more information, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-mcp-usage/configure-mcp-server-access). + ### {% data variables.copilot.copilot_cloud_agent %} enablement Both the {% data variables.copilot.copilot_cli_short %} policy and the {% data variables.copilot.copilot_cloud_agent %} policy must be enabled for users to be able to use the `/delegate` command in {% data variables.copilot.copilot_cli_short %}. @@ -54,7 +59,6 @@ Users must have an assigned {% data variables.product.prodname_copilot %} seat t All other controls do **not** affect {% data variables.copilot.copilot_cli_short %}, notably: -* **Model Context Protocol (MCP) server policies**: Enterprise policies that control whether MCP servers can be used, or which MCP registry servers are allowed * **IDE-specific policies**: Policies configured for specific IDEs or editor extensions * **Content exclusions**: File path-based content exclusions * **User-configured model providers (BYOK)**: Users can configure {% data variables.copilot.copilot_cli_short %} to use their own model providers via environment variables. This is configured at the _user level_ and cannot be controlled by enterprise policies. diff --git a/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md b/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md index a510eaf30769..b2807e1c71f9 100644 --- a/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md +++ b/content/copilot/how-tos/copilot-cli/customize-copilot/add-mcp-servers.md @@ -20,6 +20,8 @@ The Model Context Protocol (MCP) is an open standard that defines how applicatio > [!NOTE] > The {% data variables.product.github %} MCP server is built into {% data variables.copilot.copilot_cli_short %} and is already available without any additional configuration. The steps below are for adding other MCP servers. +If your organization or enterprise has configured a registry URL and allowlist policy, those settings apply to {% data variables.copilot.copilot_cli_short %}. The configured registry URL will appear as a discovery source, and only servers permitted by the allowlist policy can run. + You can add MCP servers using the interactive `/mcp add` command within the CLI, or by editing the configuration file directly. For installation instructions, available tools, and URLs for specific MCP servers, see the [{% data variables.product.github %} MCP Registry](https://github.com/mcp). diff --git a/content/copilot/how-tos/copilot-on-github/set-up-copilot/enable-copilot/set-up-for-enterprise.md b/content/copilot/how-tos/copilot-on-github/set-up-copilot/enable-copilot/set-up-for-enterprise.md index 51c6593e0886..b66fa941f06d 100644 --- a/content/copilot/how-tos/copilot-on-github/set-up-copilot/enable-copilot/set-up-for-enterprise.md +++ b/content/copilot/how-tos/copilot-on-github/set-up-copilot/enable-copilot/set-up-for-enterprise.md @@ -49,7 +49,3 @@ If your enterprise is on {% data variables.enterprise.data_residency_site %}, us {% data reusables.copilot.enterprise-licensing %} For instructions, see [AUTOTITLE](/copilot/managing-copilot/managing-copilot-for-your-enterprise/managing-access-to-copilot-in-your-enterprise/enabling-copilot-for-organizations-in-your-enterprise). - -## Next steps - -{% data reusables.copilot.setup-next-steps %} diff --git a/content/copilot/tutorials/cloud-agent/build-guardrails.md b/content/copilot/tutorials/cloud-agent/build-guardrails.md index 92ccbf7fc107..6b6290c5026c 100644 --- a/content/copilot/tutorials/cloud-agent/build-guardrails.md +++ b/content/copilot/tutorials/cloud-agent/build-guardrails.md @@ -72,7 +72,3 @@ Review the default permissions for the `GITHUB_TOKEN` in your enterprise. See [A This policy does **not** affect the token that {% data variables.product.prodname_copilot_short %} will receive for its sessions, but the `GITHUB_TOKEN` _is_ used in environment setup steps defined in `copilot-setup-steps.yml` workflow files. Bear in mind that developers will be able to set their own `permissions` in these workflow files, and you should encourage them to use the minimum required permissions in all workflows. - -## Next steps - -When you're ready to enable {% data variables.copilot.copilot_cloud_agent %}, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-agents/manage-copilot-coding-agent). diff --git a/content/copilot/tutorials/roll-out-at-scale/establish-ai-managers.md b/content/copilot/tutorials/roll-out-at-scale/establish-ai-managers.md index 898a7aba4c5c..aa39d2b751b9 100644 --- a/content/copilot/tutorials/roll-out-at-scale/establish-ai-managers.md +++ b/content/copilot/tutorials/roll-out-at-scale/establish-ai-managers.md @@ -69,9 +69,3 @@ If you have created a ruleset targeting {% data variables.copilot.agent_profiles 1. In the "Bypass list" section, select the {% octicon "plus" aria-hidden="true" aria-label="plus" %} **Add bypass** dropdown menu, then click your AI management team. 1. At the bottom of the page, click **Save changes**. - -## Next steps - -Now that you have established AI managers for your enterprise, help them customize and manage your enterprise's AI experience by sharing the following resources: -* [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-enterprise-policies) -* [AUTOTITLE](/copilot/how-tos/use-copilot-agents/cloud-agent/test-custom-agents) diff --git a/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md b/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md index ebbf56f7e46e..f309b56f9c18 100644 --- a/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md +++ b/content/copilot/tutorials/roll-out-at-scale/maintain-codebase-standards.md @@ -84,7 +84,3 @@ To prepare for these scenarios, you should plan for how you will address problem ## 7. Check code quality If you're confident in your governance model but still concerned that {% data variables.product.prodname_copilot_short %} will reduce the quality of your codebase over time, you can measure this over the course of a rollout. If enabled, {% data variables.product.prodname_code_quality %} provides metrics on the code health of your repositories. See [AUTOTITLE](/code-security/concepts/about-code-quality). - -## Next steps - -Understand how your enterprise can use the audit log to monitor changes to configuration settings and license assignment. See [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-organization/review-activity/review-audit-logs). diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md index da9ca1d5262a..c1219f22f97d 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/troubleshooting-identity-and-access-management-for-your-organization.md @@ -94,6 +94,18 @@ To confirm that a user's SCIM identity is created, we recommend testing this pro If re-provisioning SCIM for users doesn't help, please contact {% data variables.product.prodname_dotcom %} Support. +## Error: "A verified email address is required to invite members via email address" + +This error can occur during SCIM provisioning when the {% data variables.product.prodname_dotcom %} user account that authorized the SCIM integration does not have a verified email address. + +For organizations using supported SCIM IdPs, these types of integrations use an OAuth app. When you first configure the integration from the IdP admin portal, a {% data variables.product.prodname_dotcom %} user authorizes the OAuth app, and {% data variables.product.prodname_dotcom %} then performs all subsequent SCIM operations (including inviting new members) on behalf of that user. If that user's email address is no longer verified, SCIM provisioning calls for new users will fail with this error, while existing members remain unaffected. + +### Resolving the error + +1. Identify the {% data variables.product.prodname_dotcom %} user account that last authorized the SCIM integration. You can review `org.invite_member` events in your organization audit log to find the user account on whose behalf SCIM operations are performed. +1. Log into that {% data variables.product.prodname_dotcom %} user account and verify the email address associated with the account. Only one {% data variables.product.prodname_dotcom %} account can verify a particular email address at a time. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/verifying-your-email-address). +1. After you verify the email, retry the SCIM provisioning operation from your identity provider. + ## Conflicting SAML identity error {% data reusables.saml.conflicting-identity %} diff --git a/content/rest/actions/concurrency-groups.md b/content/rest/actions/concurrency-groups.md index 4dbedf35bba3..40c7c5ec849f 100644 --- a/content/rest/actions/concurrency-groups.md +++ b/content/rest/actions/concurrency-groups.md @@ -1,7 +1,9 @@ --- title: REST API endpoints for Actions concurrency groups shortTitle: Actions concurrency groups -intro: Use the REST API to view and manage concurrency groups for GitHub Actions workflows. +intro: >- + Use the REST API to view and manage concurrency groups for GitHub Actions + workflows. versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖 fpt: '*' ghec: '*' @@ -15,4 +17,4 @@ category: You can use the REST API to read the state of {% data variables.product.prodname_actions %} concurrency groups, which ensure that only a single job or workflow using the same group will run at a time while additional runs are pending or canceled depending on configuration. For more information, see [AUTOTITLE](/actions/using-jobs/using-concurrency). - \ No newline at end of file + diff --git a/content/rest/agents/index.md b/content/rest/agents/index.md new file mode 100644 index 000000000000..88cfa1e5ab07 --- /dev/null +++ b/content/rest/agents/index.md @@ -0,0 +1,12 @@ +--- +title: REST endpoints for agents +autogenerated: rest +allowTitleToDifferFromFilename: true +children: + - /secrets + - /variables +versions: + fpt: '*' + ghec: '*' +--- + diff --git a/content/rest/agents/secrets.md b/content/rest/agents/secrets.md new file mode 100644 index 000000000000..deeabf934030 --- /dev/null +++ b/content/rest/agents/secrets.md @@ -0,0 +1,12 @@ +--- +title: REST API endpoints for agent secrets +shortTitle: Secrets +intro: Use the REST API to manage secrets for agents. +versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖 + fpt: '*' + ghec: '*' +autogenerated: rest +allowTitleToDifferFromFilename: true +--- + + diff --git a/content/rest/agents/variables.md b/content/rest/agents/variables.md new file mode 100644 index 000000000000..a6d173d9447e --- /dev/null +++ b/content/rest/agents/variables.md @@ -0,0 +1,12 @@ +--- +title: REST API endpoints for variables +shortTitle: Variables +intro: Use the REST API to manage variables. +versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖 + fpt: '*' + ghec: '*' +autogenerated: rest +allowTitleToDifferFromFilename: true +--- + + diff --git a/content/rest/authentication/keeping-your-api-credentials-secure.md b/content/rest/authentication/keeping-your-api-credentials-secure.md index a13cb7f69135..4c883dd13062 100644 --- a/content/rest/authentication/keeping-your-api-credentials-secure.md +++ b/content/rest/authentication/keeping-your-api-credentials-secure.md @@ -57,6 +57,11 @@ Never hardcode authentication credentials like tokens, keys, or app-related secr If you find another user's {% data variables.product.pat_generic %} exposed on {% data variables.product.github %} or elsewhere, you can submit a revocation request through the REST API. See [AUTOTITLE](/rest/credentials/revoke#revoke-a-list-of-credentials). +{% ifversion ghec %} +> [!NOTE] +> The credential revocation REST API is not currently available for enterprises that use {% data variables.enterprise.data_residency %}. + +{% endif %} {% endif %} When using a {% data variables.product.pat_generic %} in a script, consider storing your token as a {% data variables.product.prodname_actions %} secret and running your script through {% data variables.product.prodname_actions %}.{% ifversion fpt or ghec %} You can also store your token as a Codespaces secret and run your script in Codespaces.{% endif %} For more information, see [AUTOTITLE](/actions/security-guides/encrypted-secrets){% ifversion fpt or ghec %} and [AUTOTITLE](/codespaces/managing-your-codespaces/managing-encrypted-secrets-for-your-codespaces){% endif %}. diff --git a/content/rest/index.md b/content/rest/index.md index 3af01b3f7eed..ba61cd59a19f 100644 --- a/content/rest/index.md +++ b/content/rest/index.md @@ -50,6 +50,7 @@ children: - /actions - /activity - /agent-tasks + - /agents - /announcement-banners - /apps - /billing diff --git a/content/support/learning-about-github-support/about-ticket-priority.md b/content/support/learning-about-github-support/about-ticket-priority.md index 5c50a97e298c..a5d486af14e3 100644 --- a/content/support/learning-about-github-support/about-ticket-priority.md +++ b/content/support/learning-about-github-support/about-ticket-priority.md @@ -73,6 +73,17 @@ All tickets regarding security features follow this logic for ticket prioritizat For more information about what {% data variables.contact.github_support %} can assist with, see [AUTOTITLE](/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/about-support-for-actions-runner-controller). +## Ticket priorities for {% data variables.product.prodname_copilot %} + +{% data variables.product.prodname_copilot_short %} is a developer productivity tool that accelerates workflows but does not gate core platform operations. If {% data variables.product.prodname_copilot_short %} is unavailable, developers can continue to write, commit, review, and deploy code using the underlying {% data variables.product.github %} platform. Platform-level outages that affect {% data variables.product.prodname_copilot_short %} availability across all users are handled through {% data variables.product.company_short %}'s incident process and reflected on [githubstatus.com](https://www.githubstatus.com). + +| Priority | Description | Examples | +| --- | --- | --- | +| {% data variables.product.support_ticket_priority_normal %} | Issues with {% data variables.product.prodname_copilot_short %} features that affect usage or productivity for members of your organization or enterprise. | | +| {% data variables.product.support_ticket_priority_low %} | Questions, suggestions, or minor issues related to {% data variables.product.prodname_copilot_short %} that are not time-sensitive. | | + +{% ifversion ghec %}For troubleshooting steps before contacting {% data variables.contact.github_support %}, see [AUTOTITLE](/copilot/how-tos/troubleshoot-copilot/troubleshoot-common-issues). Many {% data variables.product.prodname_copilot_short %} issues are caused by network configuration, firewalls, or proxy settings in your environment. For guidance on resolving these, see [AUTOTITLE](/copilot/how-tos/troubleshoot-copilot/troubleshoot-firewall-settings) and [AUTOTITLE](/copilot/how-tos/troubleshoot-copilot/troubleshoot-network-errors).{% endif %} + ## Further reading * [AUTOTITLE](/support/contacting-github-support/creating-a-support-ticket) diff --git a/data/llms-txt/config-default.yml b/data/llms-txt/config-default.yml index fde1701774f5..9f07eacf23b0 100644 --- a/data/llms-txt/config-default.yml +++ b/data/llms-txt/config-default.yml @@ -10,7 +10,7 @@ how_to_use: | * [Versions API](https://docs.github.com/api/pagelist/versions): Lists all available documentation versions. * [Languages API](https://docs.github.com/api/pagelist/languages): Lists all available languages. - * [Page List API](https://docs.github.com/api/pagelist/en/free-pro-team@latest): Returns every docs page path for a given language and version + * [Page List API](https://docs.github.com/api/pagelist/en/free-pro-team@latest): Returns every docs page path for a given language and version. * [Article API](https://docs.github.com/api/article): Returns the full rendered content and context of any docs page as JSON. Example: `curl "https://docs.github.com/api/article?pathname=/en/get-started/start-your-journey/about-github-and-git"` * [Article Body API](https://docs.github.com/api/article/body): Returns the full rendered content of any docs page as markdown. Example: `curl "https://docs.github.com/api/article/body?pathname=/en/get-started/start-your-journey/about-github-and-git"` * [Search API](https://docs.github.com/api/search/v1): Search across all docs content. Example: `curl "https://docs.github.com/api/search/v1?query=actions&language=en&version=free-pro-team@latest"` diff --git a/data/llms-txt/docs.md b/data/llms-txt/docs.md index 2a5407292b61..0a2f0df2506a 100644 --- a/data/llms-txt/docs.md +++ b/data/llms-txt/docs.md @@ -6,168 +6,168 @@ To retrieve full article content, page lists, or search results programmatically, please use the APIs below. To find a specific article, use the **Search API** with a query. To browse all available pages, use the **Page List API** to get a list of paths, then fetch individual articles with the **Article API**. The `/api/article/body` endpoint returns markdown, ideal for LLM consumption. These APIs return structured markdown and JSON and are the preferred way for LLMs and automated tools to access GitHub documentation. -- [Versions API](https://docs.github.com/api/pagelist/versions): Lists all available documentation versions. -- [Languages API](https://docs.github.com/api/pagelist/languages): Lists all available languages. -- [Page List API](https://docs.github.com/api/pagelist/en/free-pro-team@latest): Returns every docs page path for a given language and version -- [Article API](https://docs.github.com/api/article): Returns the full rendered content and context of any docs page as JSON. Example: `curl "https://docs.github.com/api/article?pathname=/en/get-started/start-your-journey/about-github-and-git"` -- [Article Body API](https://docs.github.com/api/article/body): Returns the full rendered content of any docs page as markdown. Example: `curl "https://docs.github.com/api/article/body?pathname=/en/get-started/start-your-journey/about-github-and-git"` -- [Search API](https://docs.github.com/api/search/v1): Search across all docs content. Example: `curl "https://docs.github.com/api/search/v1?query=actions&language=en&version=free-pro-team@latest"` -- [GitHub MCP server](https://github.com/github/github-mcp-server): For agents that connect via Model Context Protocol, the GitHub MCP server provides tools for working with GitHub itself: repositories, issues, pull requests, workflows, and code. It does not currently include docs search. +* [Versions API](https://docs.github.com/api/pagelist/versions): Lists all available documentation versions. +* [Languages API](https://docs.github.com/api/pagelist/languages): Lists all available languages. +* [Page List API](https://docs.github.com/api/pagelist/en/free-pro-team@latest): Returns every docs page path for a given language and version. +* [Article API](https://docs.github.com/api/article): Returns the full rendered content and context of any docs page as JSON. Example: `curl "https://docs.github.com/api/article?pathname=/en/get-started/start-your-journey/about-github-and-git"` +* [Article Body API](https://docs.github.com/api/article/body): Returns the full rendered content of any docs page as markdown. Example: `curl "https://docs.github.com/api/article/body?pathname=/en/get-started/start-your-journey/about-github-and-git"` +* [Search API](https://docs.github.com/api/search/v1): Search across all docs content. Example: `curl "https://docs.github.com/api/search/v1?query=actions&language=en&version=free-pro-team@latest"` +* [GitHub MCP server](https://github.com/github/github-mcp-server): For agents that connect via Model Context Protocol, the GitHub MCP server provides tools for working with GitHub itself: repositories, issues, pull requests, workflows, and code. It does not currently include docs search. ## Building with GitHub, for coding agents and automation -- [Extend Copilot Chat with MCP](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/extend-copilot-chat-with-mcp): Connect MCP servers to Copilot Chat to share context from other applications. -- [Use the GitHub MCP Server](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/use-the-github-mcp-server): Learn how to use the GitHub Model Context Protocol (MCP) server to interact with repositories, issues, pull requests, and other GitHub features, directly from Copilot Chat in your IDE. -- [Set up the GitHub MCP Server](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/set-up-the-github-mcp-server): Learn how to configure the GitHub Model Context Protocol (MCP) server. -- [About cloud agent](https://docs.github.com/en/copilot/concepts/agents/cloud-agent/about-cloud-agent): Copilot can research a repository, create an implementation plan, and make code changes on a branch. You can review the diff, iterate, and create a pull request when you're ready. -- [Create custom agents in your IDE](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/cloud-agent/create-custom-agents-in-your-ide): You can create specialized agents with tailored expertise for specific development tasks. -- [GitHub CLI](https://docs.github.com/en/github-cli/github-cli): GitHub CLI is an open source tool for using GitHub from your computer's command line. When you're working from the command line, you can use the GitHub CLI to save time and avoid switching context. -- [Quickstart](https://docs.github.com/en/github-cli/github-cli/quickstart): Start using GitHub CLI to work with GitHub in the command line. -- [REST API](https://docs.github.com/en/rest): Create integrations, retrieve data, and automate your workflows with the GitHub REST API. -- [GraphQL API](https://docs.github.com/en/graphql): To create integrations, retrieve data, and automate your workflows, use the GitHub GraphQL API. The GitHub GraphQL API offers more precise and flexible queries than the GitHub REST API. -- [GitHub Actions](https://docs.github.com/en/actions): Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely customized workflow. +* [Extend Copilot Chat with MCP](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/extend-copilot-chat-with-mcp): Connect MCP servers to Copilot Chat to share context from other applications. +* [Use the GitHub MCP Server](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/use-the-github-mcp-server): Learn how to use the GitHub Model Context Protocol (MCP) server to interact with repositories, issues, pull requests, and other GitHub features, directly from Copilot Chat in your IDE. +* [Set up the GitHub MCP Server](https://docs.github.com/en/copilot/how-tos/provide-context/use-mcp-in-your-ide/set-up-the-github-mcp-server): Learn how to configure the GitHub Model Context Protocol (MCP) server. +* [About cloud agent](https://docs.github.com/en/copilot/concepts/agents/cloud-agent/about-cloud-agent): Copilot can research a repository, create an implementation plan, and make code changes on a branch. You can review the diff, iterate, and create a pull request when you're ready. +* [Create custom agents in your IDE](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/cloud-agent/create-custom-agents-in-your-ide): You can create specialized agents with tailored expertise for specific development tasks. +* [GitHub CLI](https://docs.github.com/en/github-cli/github-cli): GitHub CLI is an open source tool for using GitHub from your computer's command line. When you're working from the command line, you can use the GitHub CLI to save time and avoid switching context. +* [Quickstart](https://docs.github.com/en/github-cli/github-cli/quickstart): Start using GitHub CLI to work with GitHub in the command line. +* [REST API](https://docs.github.com/en/rest): Create integrations, retrieve data, and automate your workflows with the GitHub REST API. +* [GraphQL API](https://docs.github.com/en/graphql): To create integrations, retrieve data, and automate your workflows, use the GitHub GraphQL API. The GitHub GraphQL API offers more precise and flexible queries than the GitHub REST API. +* [GitHub Actions](https://docs.github.com/en/actions): Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely customized workflow. ## GitHub Copilot > You can use GitHub Copilot to enhance your productivity and assist as you work on code. -- [GitHub Copilot](https://docs.github.com/en/copilot): You can use GitHub Copilot to enhance your productivity and assist as you work on code. -- [Agent skills](https://docs.github.com/en/copilot/concepts/agents/about-agent-skills): Skills allow Copilot to perform specialized tasks. -- [About Copilot CLI](https://docs.github.com/en/copilot/concepts/agents/copilot-cli/about-copilot-cli): Find out about using Copilot from the command line. -- [Copilot requests](https://docs.github.com/en/copilot/concepts/billing/copilot-requests): Learn about requests in Copilot, including premium requests, how they work, and how to manage your usage effectively. -- [Individual plans](https://docs.github.com/en/copilot/concepts/billing/individual-plans): GitHub offers several Copilot plans for individual developers, each with different features, model access, and usage limits to support a wide range of coding needs. -- [Usage-based billing for individuals](https://docs.github.com/en/copilot/concepts/billing/usage-based-billing-for-individuals): Your Copilot plan will include a monthly allowance of GitHub AI Credits. If you exhaust your AI credits, you can pay extra to keep working. -- [Usage-based billing for organizations and enterprises](https://docs.github.com/en/copilot/concepts/billing/usage-based-billing-for-organizations-and-enterprises): Prepare for the transition to usage-based billing for Copilot Business and Copilot Enterprise. -- [Usage limits](https://docs.github.com/en/copilot/concepts/usage-limits): Learn about GitHub Copilot usage limits and what to do if you hit a limit. -- [Features](https://docs.github.com/en/copilot/get-started/features): GitHub Copilot offers a suite of features for users and administrators. -- [Plans](https://docs.github.com/en/copilot/get-started/plans): Learn about the available plans for Copilot. -- [Quickstart](https://docs.github.com/en/copilot/get-started/quickstart): Quickly learn how to use GitHub Copilot. -- [What is GitHub Copilot?](https://docs.github.com/en/copilot/get-started/what-is-github-copilot): Learn what Copilot is and what you can do with it. -- [Chat in IDE](https://docs.github.com/en/copilot/how-tos/chat-with-copilot/chat-in-ide): Use Copilot Chat in your editor to give you code suggestions, explain code, generate unit tests, and suggest code fixes. -- [Copilot CLI best practices](https://docs.github.com/en/copilot/how-tos/copilot-cli/cli-best-practices): Learn how to get the most out of GitHub Copilot CLI. -- [Copilot CLI quickstart](https://docs.github.com/en/copilot/how-tos/copilot-cli/cli-getting-started): Quickly learn how to use GitHub Copilot CLI. -- [Install Copilot CLI](https://docs.github.com/en/copilot/how-tos/copilot-cli/set-up-copilot-cli/install-copilot-cli): Learn how to install Copilot CLI so that you can use Copilot directly from the command line. -- [Overview](https://docs.github.com/en/copilot/how-tos/copilot-cli/use-copilot-cli/overview): Learn how to use GitHub Copilot from the command line. -- [Add repository instructions](https://docs.github.com/en/copilot/how-tos/copilot-on-github/customize-copilot/add-custom-instructions/add-repository-instructions): Create repository custom instructions files that give Copilot additional context on how to understand your project and how to build, test and validate its changes. -- [Add agent skills](https://docs.github.com/en/copilot/how-tos/copilot-on-github/customize-copilot/customize-cloud-agent/add-skills): You can modify Copilot's behavior and abilities when it works on particular tasks. -- [Get IDE code suggestions](https://docs.github.com/en/copilot/how-tos/get-code-suggestions/get-ide-code-suggestions): Use GitHub Copilot to get code suggestions in your editor. -- [Monitor premium requests](https://docs.github.com/en/copilot/how-tos/manage-and-track-spending/monitor-premium-requests): Learn how you can monitor your monthly usage of Copilot and get the most value out of your Copilot plan. -- [Preparing for usage-based billing](https://docs.github.com/en/copilot/how-tos/manage-and-track-spending/prepare-for-your-move-to-usage-based-billing): If you're on a Copilot Pro or Copilot Pro+ plan, review your estimated costs under usage-based billing and take steps to prepare before the transition. -- [Manage policies](https://docs.github.com/en/copilot/how-tos/manage-your-account/manage-policies): Find out how to change your personal settings on GitHub to configure GitHub Copilot's behavior. -- [Install Copilot extension](https://docs.github.com/en/copilot/how-tos/set-up/install-copilot-extension): To use Copilot in your preferred coding environment, follow the steps for your chosen IDE. -- [Troubleshoot common issues](https://docs.github.com/en/copilot/how-tos/troubleshoot-copilot/troubleshoot-common-issues): This guide describes the most common issues with GitHub Copilot and how to resolve them. -- [Use code review](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review): Learn how to request a code review from GitHub Copilot. -- [Model comparison](https://docs.github.com/en/copilot/reference/ai-models/model-comparison): Compare available AI models in Copilot Chat and choose the best model for your task. -- [Model hosting](https://docs.github.com/en/copilot/reference/ai-models/model-hosting): Learn how different AI models are hosted for GitHub Copilot. -- [Supported models](https://docs.github.com/en/copilot/reference/ai-models/supported-models): Learn about the supported AI models in GitHub Copilot. -- [Model multipliers for annual plans](https://docs.github.com/en/copilot/reference/copilot-billing/model-multipliers-for-annual-plans): After June 1, 2026, model multipliers will change for Copilot Pro and Copilot Pro+ subscribers staying on annual plans under request-based billing. -- [Models and pricing](https://docs.github.com/en/copilot/reference/copilot-billing/models-and-pricing): See per-token pricing for the models available in GitHub Copilot and reference rates for additional usage across plans. -- [Copilot in GitHub Desktop](https://docs.github.com/en/copilot/responsible-use/copilot-in-github-desktop): Learn how to use Copilot in GitHub Desktop responsibly by understanding its purposes, capabilities, and limitations. -- [GitHub Copilot Chat Cookbook](https://docs.github.com/en/copilot/tutorials/copilot-chat-cookbook): Find examples of prompts to use with GitHub Copilot Chat. +* [GitHub Copilot](https://docs.github.com/en/copilot): You can use GitHub Copilot to enhance your productivity and assist as you work on code. +* [Agent skills](https://docs.github.com/en/copilot/concepts/agents/about-agent-skills): Skills allow Copilot to perform specialized tasks. +* [About Copilot CLI](https://docs.github.com/en/copilot/concepts/agents/copilot-cli/about-copilot-cli): Find out about using Copilot from the command line. +* [Copilot requests](https://docs.github.com/en/copilot/concepts/billing/copilot-requests): Learn about requests in Copilot, including premium requests, how they work, and how to manage your usage effectively. +* [Individual plans](https://docs.github.com/en/copilot/concepts/billing/individual-plans): GitHub offers several Copilot plans for individual developers, each with different features, model access, and usage limits to support a wide range of coding needs. +* [Usage-based billing for individuals](https://docs.github.com/en/copilot/concepts/billing/usage-based-billing-for-individuals): Your Copilot plan will include a monthly allowance of GitHub AI Credits. If you exhaust your AI credits, you can pay extra to keep working. +* [Usage-based billing for organizations and enterprises](https://docs.github.com/en/copilot/concepts/billing/usage-based-billing-for-organizations-and-enterprises): Prepare for the transition to usage-based billing for Copilot Business and Copilot Enterprise. +* [Usage limits](https://docs.github.com/en/copilot/concepts/usage-limits): Learn about GitHub Copilot usage limits and what to do if you hit a limit. +* [Features](https://docs.github.com/en/copilot/get-started/features): GitHub Copilot offers a suite of features for users and administrators. +* [Plans](https://docs.github.com/en/copilot/get-started/plans): Learn about the available plans for Copilot. +* [Quickstart](https://docs.github.com/en/copilot/get-started/quickstart): Quickly learn how to use GitHub Copilot. +* [What is GitHub Copilot?](https://docs.github.com/en/copilot/get-started/what-is-github-copilot): Learn what Copilot is and what you can do with it. +* [Chat in IDE](https://docs.github.com/en/copilot/how-tos/chat-with-copilot/chat-in-ide): Use Copilot Chat in your editor to give you code suggestions, explain code, generate unit tests, and suggest code fixes. +* [Copilot CLI best practices](https://docs.github.com/en/copilot/how-tos/copilot-cli/cli-best-practices): Learn how to get the most out of GitHub Copilot CLI. +* [Copilot CLI quickstart](https://docs.github.com/en/copilot/how-tos/copilot-cli/cli-getting-started): Quickly learn how to use GitHub Copilot CLI. +* [Install Copilot CLI](https://docs.github.com/en/copilot/how-tos/copilot-cli/set-up-copilot-cli/install-copilot-cli): Learn how to install Copilot CLI so that you can use Copilot directly from the command line. +* [Overview](https://docs.github.com/en/copilot/how-tos/copilot-cli/use-copilot-cli/overview): Learn how to use GitHub Copilot from the command line. +* [Add repository instructions](https://docs.github.com/en/copilot/how-tos/copilot-on-github/customize-copilot/add-custom-instructions/add-repository-instructions): Create repository custom instructions files that give Copilot additional context on how to understand your project and how to build, test and validate its changes. +* [Add agent skills](https://docs.github.com/en/copilot/how-tos/copilot-on-github/customize-copilot/customize-cloud-agent/add-skills): You can modify Copilot's behavior and abilities when it works on particular tasks. +* [Get IDE code suggestions](https://docs.github.com/en/copilot/how-tos/get-code-suggestions/get-ide-code-suggestions): Use GitHub Copilot to get code suggestions in your editor. +* [Monitor premium requests](https://docs.github.com/en/copilot/how-tos/manage-and-track-spending/monitor-premium-requests): Learn how you can monitor your monthly usage of Copilot and get the most value out of your Copilot plan. +* [Preparing for usage-based billing](https://docs.github.com/en/copilot/how-tos/manage-and-track-spending/prepare-for-your-move-to-usage-based-billing): If you're on a Copilot Pro or Copilot Pro+ plan, review your estimated costs under usage-based billing and take steps to prepare before the transition. +* [Manage policies](https://docs.github.com/en/copilot/how-tos/manage-your-account/manage-policies): Find out how to change your personal settings on GitHub to configure GitHub Copilot's behavior. +* [Install Copilot extension](https://docs.github.com/en/copilot/how-tos/set-up/install-copilot-extension): To use Copilot in your preferred coding environment, follow the steps for your chosen IDE. +* [Troubleshoot common issues](https://docs.github.com/en/copilot/how-tos/troubleshoot-copilot/troubleshoot-common-issues): This guide describes the most common issues with GitHub Copilot and how to resolve them. +* [Use code review](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/request-a-code-review/use-code-review): Learn how to request a code review from GitHub Copilot. +* [Model comparison](https://docs.github.com/en/copilot/reference/ai-models/model-comparison): Compare available AI models in Copilot Chat and choose the best model for your task. +* [Model hosting](https://docs.github.com/en/copilot/reference/ai-models/model-hosting): Learn how different AI models are hosted for GitHub Copilot. +* [Supported models](https://docs.github.com/en/copilot/reference/ai-models/supported-models): Learn about the supported AI models in GitHub Copilot. +* [Model multipliers for annual plans](https://docs.github.com/en/copilot/reference/copilot-billing/model-multipliers-for-annual-plans): After June 1, 2026, model multipliers will change for Copilot Pro and Copilot Pro+ subscribers staying on annual plans under request-based billing. +* [Models and pricing](https://docs.github.com/en/copilot/reference/copilot-billing/models-and-pricing): See per-token pricing for the models available in GitHub Copilot and reference rates for additional usage across plans. +* [Copilot in GitHub Desktop](https://docs.github.com/en/copilot/responsible-use/copilot-in-github-desktop): Learn how to use Copilot in GitHub Desktop responsibly by understanding its purposes, capabilities, and limitations. +* [GitHub Copilot Chat Cookbook](https://docs.github.com/en/copilot/tutorials/copilot-chat-cookbook): Find examples of prompts to use with GitHub Copilot Chat. ## Authentication > Authenticate securely to GitHub with passwords, tokens, SSH keys, and more—and keep your account protected. -- [Connect with SSH](https://docs.github.com/en/authentication/connecting-to-github-with-ssh): You can connect to GitHub using the Secure Shell Protocol (SSH), which provides a secure channel over an unsecured network. -- [Add a new SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account): To configure your account on GitHub.com to use your new (or existing) SSH key, you'll also need to add the key to your account. -- [Check for existing SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys): Before you generate an SSH key, you can check to see if you have any existing SSH keys. -- [Generate new SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent): After you've checked for existing SSH keys, you can generate a new SSH key to use for authentication, then add it to the ssh-agent. -- [Managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys): Learn different ways to manage SSH keys on your servers when you automate deployment scripts and which way is best for you. -- [Test your SSH connection](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection): After you've set up your SSH key and added it to GitHub, you can test your connection. -- [Authentication to GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github): You can securely access your account's resources by authenticating to GitHub, using different credentials depending on where you authenticate. -- [Manage personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens): You can use a personal access token in place of a password when authenticating to GitHub in the command line or with the API. -- [Displaying verification for all commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits): You can enable vigilant mode for commit signature verification to mark all of your commits and tags with a signature verification status. -- [Configure 2FA](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication): You can choose among multiple options to add a second source of authentication to your account. -- [Configure 2FA recovery](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods): You can set up a variety of recovery methods to access your account if you lose your two-factor authentication credentials. -- [Recover an account with 2FA](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials): If you lose access to your two-factor authentication credentials, you can use your recovery codes, or another recovery option, to regain access to your account. +* [Connect with SSH](https://docs.github.com/en/authentication/connecting-to-github-with-ssh): You can connect to GitHub using the Secure Shell Protocol (SSH), which provides a secure channel over an unsecured network. +* [Add a new SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account): To configure your account on GitHub.com to use your new (or existing) SSH key, you'll also need to add the key to your account. +* [Check for existing SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys): Before you generate an SSH key, you can check to see if you have any existing SSH keys. +* [Generate new SSH key](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent): After you've checked for existing SSH keys, you can generate a new SSH key to use for authentication, then add it to the ssh-agent. +* [Managing deploy keys](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys): Learn different ways to manage SSH keys on your servers when you automate deployment scripts and which way is best for you. +* [Test your SSH connection](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/testing-your-ssh-connection): After you've set up your SSH key and added it to GitHub, you can test your connection. +* [Authentication to GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github): You can securely access your account's resources by authenticating to GitHub, using different credentials depending on where you authenticate. +* [Manage personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens): You can use a personal access token in place of a password when authenticating to GitHub in the command line or with the API. +* [Displaying verification for all commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits): You can enable vigilant mode for commit signature verification to mark all of your commits and tags with a signature verification status. +* [Configure 2FA](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication): You can choose among multiple options to add a second source of authentication to your account. +* [Configure 2FA recovery](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication-recovery-methods): You can set up a variety of recovery methods to access your account if you lose your two-factor authentication credentials. +* [Recover an account with 2FA](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/recovering-your-account-if-you-lose-your-2fa-credentials): If you lose access to your two-factor authentication credentials, you can use your recovery codes, or another recovery option, to regain access to your account. ## Get started > Learn how to start building, shipping, and maintaining software with GitHub. Explore our products, sign up for an account, and connect with the world's largest development community. -- [Get started](https://docs.github.com/en/get-started): Learn how to start building, shipping, and maintaining software with GitHub. Explore our products, sign up for an account, and connect with the world's largest development community. -- [About remote repositories](https://docs.github.com/en/get-started/git-basics/about-remote-repositories): GitHub's collaborative approach to development depends on publishing commits from your local repository to GitHub for other people to view, fetch, and update. -- [Set up Git](https://docs.github.com/en/get-started/git-basics/set-up-git): At the heart of GitHub is an open-source version control system (VCS) called Git. Git is responsible for everything GitHub-related that happens locally on your computer. -- [GitHub's plans](https://docs.github.com/en/get-started/learning-about-github/githubs-plans): An overview of GitHub's pricing plans. -- [Types of GitHub accounts](https://docs.github.com/en/get-started/learning-about-github/types-of-github-accounts): Accounts on GitHub allow you to organize and control access to code. -- [About GitHub and Git](https://docs.github.com/en/get-started/start-your-journey/about-github-and-git): You can use GitHub and Git to collaborate on work. -- [Create an account](https://docs.github.com/en/get-started/start-your-journey/creating-an-account-on-github): Create a personal account to get started with GitHub. -- [Hello World](https://docs.github.com/en/get-started/start-your-journey/hello-world): Follow this Hello World exercise to learn GitHub's pull request workflow. -- [Connectivity problems](https://docs.github.com/en/get-started/using-github/troubleshooting-connectivity-problems): If you're having trouble connecting to GitHub, you can troubleshoot your connection, then use the GitHub Debug tool to diagnose problems. -- [Basic formatting syntax](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax): Create sophisticated formatting for your prose and code on GitHub with simple syntax. +* [Get started](https://docs.github.com/en/get-started): Learn how to start building, shipping, and maintaining software with GitHub. Explore our products, sign up for an account, and connect with the world's largest development community. +* [About remote repositories](https://docs.github.com/en/get-started/git-basics/about-remote-repositories): GitHub's collaborative approach to development depends on publishing commits from your local repository to GitHub for other people to view, fetch, and update. +* [Set up Git](https://docs.github.com/en/get-started/git-basics/set-up-git): At the heart of GitHub is an open-source version control system (VCS) called Git. Git is responsible for everything GitHub-related that happens locally on your computer. +* [GitHub's plans](https://docs.github.com/en/get-started/learning-about-github/githubs-plans): An overview of GitHub's pricing plans. +* [Types of GitHub accounts](https://docs.github.com/en/get-started/learning-about-github/types-of-github-accounts): Accounts on GitHub allow you to organize and control access to code. +* [About GitHub and Git](https://docs.github.com/en/get-started/start-your-journey/about-github-and-git): You can use GitHub and Git to collaborate on work. +* [Create an account](https://docs.github.com/en/get-started/start-your-journey/creating-an-account-on-github): Create a personal account to get started with GitHub. +* [Hello World](https://docs.github.com/en/get-started/start-your-journey/hello-world): Follow this Hello World exercise to learn GitHub's pull request workflow. +* [Connectivity problems](https://docs.github.com/en/get-started/using-github/troubleshooting-connectivity-problems): If you're having trouble connecting to GitHub, you can troubleshoot your connection, then use the GitHub Debug tool to diagnose problems. +* [Basic formatting syntax](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax): Create sophisticated formatting for your prose and code on GitHub with simple syntax. ## GitHub Pages > GitHub Pages turns any GitHub repository into a live website—no separate hosting required. -- [GitHub Pages](https://docs.github.com/en/pages): GitHub Pages turns any GitHub repository into a live website—no separate hosting required. -- [Configure a custom domain](https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site): You can customize the domain name of your GitHub Pages site. -- [Custom domains in GitHub Pages](https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages): GitHub Pages supports using custom domains, or changing the root of your site's URL from the default, like octocat.github.io, to any domain you own. -- [Configure publishing source](https://docs.github.com/en/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site): You can configure your GitHub Pages site to publish when changes are pushed to a specific branch, or you can write a GitHub Actions workflow to publish your site. -- [Create a GitHub Pages site](https://docs.github.com/en/pages/getting-started-with-github-pages/creating-a-github-pages-site): You can create a GitHub Pages site in a new or existing repository. -- [What is GitHub Pages?](https://docs.github.com/en/pages/getting-started-with-github-pages/what-is-github-pages): You can use GitHub Pages to host a website about yourself, your organization, or your project directly from a repository on GitHub. -- [Quickstart](https://docs.github.com/en/pages/quickstart): You can use GitHub Pages to showcase some open source projects, host a blog, or even share your résumé. This guide will help get you started on creating your next website. -- [Add theme to Pages site](https://docs.github.com/en/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll): You can personalize your Jekyll site by adding and customizing a theme. +* [GitHub Pages](https://docs.github.com/en/pages): GitHub Pages turns any GitHub repository into a live website—no separate hosting required. +* [Configure a custom domain](https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site): You can customize the domain name of your GitHub Pages site. +* [Custom domains in GitHub Pages](https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site/about-custom-domains-and-github-pages): GitHub Pages supports using custom domains, or changing the root of your site's URL from the default, like octocat.github.io, to any domain you own. +* [Configure publishing source](https://docs.github.com/en/pages/getting-started-with-github-pages/configuring-a-publishing-source-for-your-github-pages-site): You can configure your GitHub Pages site to publish when changes are pushed to a specific branch, or you can write a GitHub Actions workflow to publish your site. +* [Create a GitHub Pages site](https://docs.github.com/en/pages/getting-started-with-github-pages/creating-a-github-pages-site): You can create a GitHub Pages site in a new or existing repository. +* [What is GitHub Pages?](https://docs.github.com/en/pages/getting-started-with-github-pages/what-is-github-pages): You can use GitHub Pages to host a website about yourself, your organization, or your project directly from a repository on GitHub. +* [Quickstart](https://docs.github.com/en/pages/quickstart): You can use GitHub Pages to showcase some open source projects, host a blog, or even share your résumé. This guide will help get you started on creating your next website. +* [Add theme to Pages site](https://docs.github.com/en/pages/setting-up-a-github-pages-site-with-jekyll/adding-a-theme-to-your-github-pages-site-using-jekyll): You can personalize your Jekyll site by adding and customizing a theme. ## Account and profile > Make GitHub work best for you by customizing your personal account settings and personalizing your profile page. -- [Account and profile](https://docs.github.com/en/account-and-profile): Make GitHub work best for you by customizing your personal account settings and personalizing your profile page. -- [Username changes](https://docs.github.com/en/account-and-profile/concepts/username-changes): You can change the username for your GitHub account. -- [How-tos](https://docs.github.com/en/account-and-profile/how-tos): Learn how to accomplish specific tasks for your GitHub account and profile. -- [Troubleshoot missing contributions](https://docs.github.com/en/account-and-profile/how-tos/contribution-settings/troubleshooting-missing-contributions): Learn common reasons that contributions may be missing from your contributions graph. -- [Primary email address](https://docs.github.com/en/account-and-profile/how-tos/email-preferences/changing-your-primary-email-address): To change your primary email address, you'll add a new email, then delete the old one. -- [Set commit email address](https://docs.github.com/en/account-and-profile/how-tos/email-preferences/setting-your-commit-email-address): You can set the email address that is used to author commits on GitHub and on your computer. -- [Personalize your profile](https://docs.github.com/en/account-and-profile/tutorials/personalize-your-profile): You can share information about yourself with other users by setting a profile picture and adding a bio to your profile. +* [Account and profile](https://docs.github.com/en/account-and-profile): Make GitHub work best for you by customizing your personal account settings and personalizing your profile page. +* [Username changes](https://docs.github.com/en/account-and-profile/concepts/username-changes): You can change the username for your GitHub account. +* [How-tos](https://docs.github.com/en/account-and-profile/how-tos): Learn how to accomplish specific tasks for your GitHub account and profile. +* [Troubleshoot missing contributions](https://docs.github.com/en/account-and-profile/how-tos/contribution-settings/troubleshooting-missing-contributions): Learn common reasons that contributions may be missing from your contributions graph. +* [Primary email address](https://docs.github.com/en/account-and-profile/how-tos/email-preferences/changing-your-primary-email-address): To change your primary email address, you'll add a new email, then delete the old one. +* [Set commit email address](https://docs.github.com/en/account-and-profile/how-tos/email-preferences/setting-your-commit-email-address): You can set the email address that is used to author commits on GitHub and on your computer. +* [Personalize your profile](https://docs.github.com/en/account-and-profile/tutorials/personalize-your-profile): You can share information about yourself with other users by setting a profile picture and adding a bio to your profile. ## Repositories > Learn to use and manage the repositories that allow you to store and collaborate on your project's code. -- [About protected branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches): You can protect important branches by setting branch protection rules, which define whether collaborators can delete or force push to the branch and set requirements for any pushes to the branch, such as passing status checks or a linear commit history. -- [About rulesets](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets): Rulesets help you to control how people can interact with branches and tags in a repository. -- [Cloning a repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository): When you create a repository on GitHub, it exists as a remote repository. You can clone your repository to create a local copy on your computer and sync between the two locations. -- [Quickstart for repositories](https://docs.github.com/en/repositories/creating-and-managing-repositories/quickstart-for-repositories): Learn how to create a new repository and commit your first change in 5 minutes. -- [About READMEs](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes): You can add a README file to your repository to tell other people why your project is useful, what they can do with your project, and how they can use it. -- [Licensing a repository](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository): Public repositories on GitHub are often used to share open source software. For your repository to truly be open source, you'll need to license it so that others are free to use, change, and distribute the software. -- [About releases](https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases): You can create a release to package software, along with release notes and links to binary files, for other people to use. +* [About protected branches](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches): You can protect important branches by setting branch protection rules, which define whether collaborators can delete or force push to the branch and set requirements for any pushes to the branch, such as passing status checks or a linear commit history. +* [About rulesets](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets): Rulesets help you to control how people can interact with branches and tags in a repository. +* [Cloning a repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository): When you create a repository on GitHub, it exists as a remote repository. You can clone your repository to create a local copy on your computer and sync between the two locations. +* [Quickstart for repositories](https://docs.github.com/en/repositories/creating-and-managing-repositories/quickstart-for-repositories): Learn how to create a new repository and commit your first change in 5 minutes. +* [About READMEs](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-readmes): You can add a README file to your repository to tell other people why your project is useful, what they can do with your project, and how they can use it. +* [Licensing a repository](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository): Public repositories on GitHub are often used to share open source software. For your repository to truly be open source, you'll need to license it so that others are free to use, change, and distribute the software. +* [About releases](https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases): You can create a release to package software, along with release notes and links to binary files, for other people to use. ## GitHub Actions > Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely customized workflow. -- [Quickstart](https://docs.github.com/en/actions/get-started/quickstart): Try out the core features of GitHub Actions in minutes. -- [Understand GitHub Actions](https://docs.github.com/en/actions/get-started/understand-github-actions): Learn the basics of core concepts and essential terminology in GitHub Actions. -- [Events that trigger workflows](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows): You can configure your workflows to run when specific activity on GitHub happens, at a scheduled time, or when an event outside of GitHub occurs. -- [Workflow commands](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-commands): You can use workflow commands when running shell commands in a workflow or in an action's code. -- [Workflow syntax](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax): A workflow is a configurable automated process made up of one or more jobs. You must create a YAML file to define your workflow configuration. +* [Quickstart](https://docs.github.com/en/actions/get-started/quickstart): Try out the core features of GitHub Actions in minutes. +* [Understand GitHub Actions](https://docs.github.com/en/actions/get-started/understand-github-actions): Learn the basics of core concepts and essential terminology in GitHub Actions. +* [Events that trigger workflows](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows): You can configure your workflows to run when specific activity on GitHub happens, at a scheduled time, or when an event outside of GitHub occurs. +* [Workflow commands](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-commands): You can use workflow commands when running shell commands in a workflow or in an action's code. +* [Workflow syntax](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax): A workflow is a configurable automated process made up of one or more jobs. You must create a YAML file to define your workflow configuration. ## Billing and payments > Learn about the different components of your bill, and how you can view and manage those components. -- [GitHub Actions](https://docs.github.com/en/billing/concepts/product-billing/github-actions): Learn how usage of GitHub Actions is measured against your free allowance and how to pay for additional use. -- [GitHub Copilot licenses](https://docs.github.com/en/billing/concepts/product-billing/github-copilot-licenses): Learn how licenses for Copilot work, including usage measurement and managing your budget. -- [GitHub Models](https://docs.github.com/en/billing/concepts/product-billing/github-models): If you want to use GitHub Models beyond the free usage included in your account, you can choose to opt in to paid usage. +* [GitHub Actions](https://docs.github.com/en/billing/concepts/product-billing/github-actions): Learn how usage of GitHub Actions is measured against your free allowance and how to pay for additional use. +* [GitHub Copilot licenses](https://docs.github.com/en/billing/concepts/product-billing/github-copilot-licenses): Learn how licenses for Copilot work, including usage measurement and managing your budget. +* [GitHub Models](https://docs.github.com/en/billing/concepts/product-billing/github-models): If you want to use GitHub Models beyond the free usage included in your account, you can choose to opt in to paid usage. ## More pages -- [About creating apps](https://docs.github.com/en/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps): GitHub Apps let you build integrations to automate processes and extend GitHub's functionality. -- [Authorize](https://docs.github.com/en/apps/using-github-apps/authorizing-github-apps): You can authorize a GitHub App to retrieve information about your GitHub account and to make changes on your behalf. -- [Codespaces](https://docs.github.com/en/codespaces): Create a codespace to start developing in a secure, configurable, and dedicated development environment that works how and where you want it to. -- [Prototype with AI models](https://docs.github.com/en/github-models/use-github-models/prototyping-with-ai-models): Find and experiment with AI models for free. -- [About Projects](https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects): Projects is an adaptable, flexible tool for planning and tracking work on GitHub. -- [About GitHub Importer](https://docs.github.com/en/migrations/importing-source-code/using-github-importer/about-github-importer): If your source code is stored on another Git-based hosting service, you can move the code to GitHub.com using GitHub Importer. -- [OAuth app restrictions](https://docs.github.com/en/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions): Organizations can choose which OAuth apps have access to their repositories and other resources by enabling OAuth app access restrictions. -- [Roles in an organization](https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization): Organization owners can assign roles to individuals and teams giving them different sets of permissions in the organization. -- [Container registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry): You can store and manage Docker and OCI images in the Container registry. -- [Compare branches](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-comparing-branches-in-pull-requests): Pull requests display diffs to compare the changes you made in your topic branch against the base branch that you want to merge your changes into. -- [About pull requests](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests): Pull requests let you propose, review, and merge code changes. -- [Authenticating](https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api): You can authenticate to the REST API to access more endpoints and have a higher rate limit. -- [Permissions for fine-grained PATs](https://docs.github.com/en/rest/authentication/permissions-required-for-fine-grained-personal-access-tokens): For each permission granted to a fine-grained personal access token, these are the REST API endpoints that the app can use. -- [Code search syntax](https://docs.github.com/en/search-github/github-code-search/understanding-github-code-search-syntax): You can build search queries for the results you want with specialized code qualifiers, regular expressions, and boolean operations. -- [Search issues & PRs](https://docs.github.com/en/search-github/searching-on-github/searching-issues-and-pull-requests): You can search for issues and pull requests on GitHub and narrow the results using these search qualifiers in any combination. +* [About creating apps](https://docs.github.com/en/apps/creating-github-apps/about-creating-github-apps/about-creating-github-apps): GitHub Apps let you build integrations to automate processes and extend GitHub's functionality. +* [Authorize](https://docs.github.com/en/apps/using-github-apps/authorizing-github-apps): You can authorize a GitHub App to retrieve information about your GitHub account and to make changes on your behalf. +* [Codespaces](https://docs.github.com/en/codespaces): Create a codespace to start developing in a secure, configurable, and dedicated development environment that works how and where you want it to. +* [Prototype with AI models](https://docs.github.com/en/github-models/use-github-models/prototyping-with-ai-models): Find and experiment with AI models for free. +* [About Projects](https://docs.github.com/en/issues/planning-and-tracking-with-projects/learning-about-projects/about-projects): Projects is an adaptable, flexible tool for planning and tracking work on GitHub. +* [About GitHub Importer](https://docs.github.com/en/migrations/importing-source-code/using-github-importer/about-github-importer): If your source code is stored on another Git-based hosting service, you can move the code to GitHub.com using GitHub Importer. +* [OAuth app restrictions](https://docs.github.com/en/organizations/managing-oauth-access-to-your-organizations-data/about-oauth-app-access-restrictions): Organizations can choose which OAuth apps have access to their repositories and other resources by enabling OAuth app access restrictions. +* [Roles in an organization](https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization): Organization owners can assign roles to individuals and teams giving them different sets of permissions in the organization. +* [Container registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry): You can store and manage Docker and OCI images in the Container registry. +* [Compare branches](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-comparing-branches-in-pull-requests): Pull requests display diffs to compare the changes you made in your topic branch against the base branch that you want to merge your changes into. +* [About pull requests](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests): Pull requests let you propose, review, and merge code changes. +* [Authenticating](https://docs.github.com/en/rest/authentication/authenticating-to-the-rest-api): You can authenticate to the REST API to access more endpoints and have a higher rate limit. +* [Permissions for fine-grained PATs](https://docs.github.com/en/rest/authentication/permissions-required-for-fine-grained-personal-access-tokens): For each permission granted to a fine-grained personal access token, these are the REST API endpoints that the app can use. +* [Code search syntax](https://docs.github.com/en/search-github/github-code-search/understanding-github-code-search-syntax): You can build search queries for the results you want with specialized code qualifiers, regular expressions, and boolean operations. +* [Search issues & PRs](https://docs.github.com/en/search-github/searching-on-github/searching-issues-and-pull-requests): You can search for issues and pull requests on GitHub and narrow the results using these search qualifiers in any combination. diff --git a/data/reusables/actions/github-token-available-permissions.md b/data/reusables/actions/github-token-available-permissions.md index 93d1c75b4411..678ba634aa50 100644 --- a/data/reusables/actions/github-token-available-permissions.md +++ b/data/reusables/actions/github-token-available-permissions.md @@ -5,7 +5,8 @@ permissions: actions: read|write|none{% ifversion artifact-metadata %} artifact-metadata: read|write|none{% endif %}{% ifversion artifact-attestations %} attestations: read|write|none{% endif %} - checks: read|write|none + checks: read|write|none{% ifversion code-quality %} + code-quality: read|write|none{% endif %} contents: read|write|none deployments: read|write|none{% ifversion fpt or ghec %} id-token: write|none{% endif %} diff --git a/data/reusables/actions/github-token-scope-descriptions.md b/data/reusables/actions/github-token-scope-descriptions.md index 840dbe7b5bf3..c17d5c1bfd8d 100644 --- a/data/reusables/actions/github-token-scope-descriptions.md +++ b/data/reusables/actions/github-token-scope-descriptions.md @@ -12,6 +12,9 @@ Available permissions and details of what each allows an action to do: | `attestations` | Work with artifact attestations. For example, `attestations: write` permits an action to generate an artifact attestation for a build. For more information, see [AUTOTITLE](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds) | | {% endif %} | | `checks` | Work with check runs and check suites. For example, `checks: write` permits an action to create a check run. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-checks). | +| {% ifversion code-quality %} | +| `code-quality` | Work with code quality. For example, `code-quality: write` permits an action to upload code coverage reports. For more information, see [AUTOTITLE](/code-security/concepts/about-code-quality). | +| {% endif %} | | `contents` | Work with the contents of the repository. For example, `contents: read` permits an action to list the commits, and `contents: write` allows the action to create a release. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-contents). | | `deployments` | Work with deployments. For example, `deployments: write` permits an action to create a new deployment. For more information, see [AUTOTITLE](/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28#repository-permissions-for-deployments). | | `discussions` | Work with GitHub Discussions. For example, `discussions: write` permits an action to close or delete a discussion. For more information, see [AUTOTITLE](/graphql/guides/using-the-graphql-api-for-discussions). | diff --git a/src/audit-logs/data/ghes-3.14/enterprise.json b/src/audit-logs/data/ghes-3.14/enterprise.json new file mode 100644 index 000000000000..ce1e81f99085 --- /dev/null +++ b/src/audit-logs/data/ghes-3.14/enterprise.json @@ -0,0 +1,24512 @@ +[ + { + "action": "account.billing_date_change", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "account.plan_change", + "description": "The account's plan changed.", + "docs_reference_links": "/billing/managing-the-plan-for-your-github-account/about-billing-for-plans", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "How GitHub billing works" + }, + { + "action": "account_recovery_token.confirm", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "account_recovery_token.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "account_recovery_token.recover", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "actions_cache.delete", + "description": "A GitHub Actions cache was deleted using the REST API.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "actions_cache_id", + "actions_cache_key", + "actions_cache_version", + "actions_cache_scope", + "created_at", + "operation_type" + ] + }, + { + "action": "api.request", + "description": "An API request was made to an endpoint for the enterprise, or an enterprise owned resource. This event is only included if API Request Events is enabled in the enterprise's audit log settings. This event is only available via audit log streaming.", + "docs_reference_links": "/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/streaming-the-audit-log-for-your-enterprise#enabling-audit-log-streaming-of-api-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "request_method", + "query_string", + "request_body", + "status_code", + "url_path", + "public_repo", + "created_at", + "operation_type", + "route", + "rate_limit_remaining", + "actor_is_bot" + ], + "docs_reference_titles": "Streaming the audit log for your enterprise" + }, + { + "action": "artifact.destroy", + "description": "A workflow run artifact was manually deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "audit_log_streaming.check", + "description": "A manual check of the endpoint configured for audit log streaming was performed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "audit_log_stream_result", + "created_at", + "operation_type", + "audit_log_stream_sink_details" + ] + }, + { + "action": "audit_log_streaming.create", + "description": "An endpoint was added for audit log streaming.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "audit_log_stream_sink", + "created_at", + "operation_type", + "audit_log_stream_id" + ] + }, + { + "action": "audit_log_streaming.destroy", + "description": "An audit log streaming endpoint was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "audit_log_stream_id", + "audit_log_stream_sink_details" + ] + }, + { + "action": "audit_log_streaming.update", + "description": "An endpoint configuration was updated for audit log streaming, such as the stream was paused, enabled, or disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "audit_log_stream_enabled", + "audit_log_stream_sink", + "created_at", + "operation_type", + "new_s3_bucket", + "old_s3_bucket", + "secrets_updated", + "new_s3_arn_role", + "old_s3_arn_role", + "new_azure_blob_container", + "old_azure_blob_container", + "new_event_hub_instance", + "old_event_hub_instance", + "new_splunk_domain", + "old_splunk_domain", + "ssl_verify", + "old_gc_bucket" + ] + }, + { + "action": "billing.change_billing_type", + "description": "The way the account pays for GitHub was changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.change_email", + "description": "The billing email address changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/setting-your-billing-email", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "email" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.lock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "billing.unlock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "billing.update_bill_cycle_day", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business.add_admin", + "description": "An enterprise owner was added to an enterprise.", + "docs_reference_links": "/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Inviting people to manage your enterprise" + }, + { + "action": "business.add_organization", + "description": "An organization was added to an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at", + "organization_upgrade" + ] + }, + { + "action": "business_advanced_security.disabled", + "description": "GitHub Advanced Security was disabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.disabled_for_new_repos", + "description": "GitHub Advanced Security was disabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.disabled_for_new_user_namespace_repos", + "description": "GitHub Advanced Security was disabled for new user namespace repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.enabled", + "description": "GitHub Advanced Security was enabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.enabled_for_new_repos", + "description": "GitHub Advanced Security was enabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.enabled_for_new_user_namespace_repos", + "description": "GitHub Advanced Security was enabled for new user namespace repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business.advanced_security_policy_update", + "description": "An enterprise owner created, updated, or removed a policy for GitHub Advanced Security.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "new_policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "business.advanced_security_repo_admin_enablement_policy_update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "new_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "business_advanced_security.user_namespace_repos_disabled", + "description": "GitHub Advanced Security was disabled for user namespace repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_advanced_security.user_namespace_repos_enabled", + "description": "GitHub Advanced Security was enabled for user namespace repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business.clear_actions_settings", + "description": "An enterprise owner or site administrator cleared GitHub Actions policy settings for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.clear_default_repository_permission", + "description": "An enterprise owner cleared the base repository permission policy setting for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "business.clear_members_can_create_repos", + "description": "An enterprise owner cleared a restriction on repository creation in organizations in the enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#setting-a-policy-for-repository-creation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "business.code_scanning_autofix_policy_update", + "description": "The policy for Code scanning autofix was updated for an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "new_policy", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "business.create", + "description": "An enterprise was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ] + }, + { + "action": "business_dependabot_alerts_new_repos.disable", + "description": "Dependabot alerts were disabled for new repositories in your enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business_dependabot_alerts_new_repos.enable", + "description": "Dependabot alerts were enabled for new repositories in your enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business.dependabot_alerts_repo_admin_enablement_policy_update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "new_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "business.disable_open_scim", + "description": "SCIM provisioning for custom integrations that use the REST API was disabled for the enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business.disable_source_ip_disclosure", + "description": "Display of IP addresses within audit log events for the enterprise was disabled.", + "docs_reference_links": "/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Displaying IP addresses in the audit log for your enterprise" + }, + { + "action": "business.disable_two_factor_requirement", + "description": "The requirement for members to have two-factor authentication enabled to access an enterprise was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "name" + ] + }, + { + "action": "business.enable_open_scim", + "description": "SCIM provisioning for custom integrations that use the REST API was enabled for the enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business.enable_source_ip_disclosure", + "description": "Display of IP addresses within audit log events for the enterprise was enabled.", + "docs_reference_links": "/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/displaying-ip-addresses-in-the-audit-log-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Displaying IP addresses in the audit log for your enterprise" + }, + { + "action": "business.enable_two_factor_requirement", + "description": "The requirement for members to have two-factor authentication enabled to access an enterprise was enabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "name" + ] + }, + { + "action": "business.members_can_update_protected_branches.clear", + "description": "An enterprise owner unset a policy for whether members of an enterprise can update protected branches on repositories for individual organizations. Organization owners can choose whether to allow updating protected branches settings.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "operation_type" + ] + }, + { + "action": "business.members_can_update_protected_branches.disable", + "description": "The ability for enterprise members to update branch protection rules was disabled. Only enterprise owners can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ] + }, + { + "action": "business.members_can_update_protected_branches.enable", + "description": "The ability for enterprise members to update branch protection rules was enabled. Enterprise owners and members can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ] + }, + { + "action": "business.remove_admin", + "description": "An enterprise owner was removed from an enterprise.", + "docs_reference_links": "/admin/user-management/managing-users-in-your-enterprise/inviting-people-to-manage-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "name" + ], + "docs_reference_titles": "Inviting people to manage your enterprise" + }, + { + "action": "business.remove_organization", + "description": "An organization was removed from an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "name" + ] + }, + { + "action": "business.rename_slug", + "description": "The slug for the enterprise URL was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ] + }, + { + "action": "business.revoke_sso_session", + "description": "The SAML single sign-on session for a member in an enterprise was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at" + ] + }, + { + "action": "business_secret_scanning_automatic_validity_checks.disabled", + "description": "Automatic partner validation checks have been disabled at the business level", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_automatic_validity_checks.enabled", + "description": "Automatic partner validation checks have been enabled at the business level", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise#managing-advanced-security-features", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_custom_pattern.create", + "description": "An enterprise-level custom pattern was created for secret scanning.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "business_secret_scanning_custom_pattern.delete", + "description": "An enterprise-level custom pattern was removed from secret scanning.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business_secret_scanning_custom_pattern.publish", + "description": "An enterprise-level custom pattern was published for secret scanning.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business_secret_scanning_custom_pattern_push_protection.disabled", + "description": "Push protection for a custom pattern for secret scanning was disabled for your enterprise.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "business_secret_scanning_custom_pattern_push_protection.enabled", + "description": "Push protection for a custom pattern for secret scanning was enabled for your enterprise.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "business_secret_scanning_custom_pattern.update", + "description": "Changes to an enterprise-level custom pattern were saved and a dry run was executed for secret scanning.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business_secret_scanning.disable", + "description": "Secret scanning was disabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning.disabled_for_new_repos", + "description": "Secret scanning was disabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning.enable", + "description": "Secret scanning was enabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning.enabled_for_new_repos", + "description": "Secret scanning was enabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_non_provider_patterns.disabled", + "description": "Secret scanning for non-provider patterns was disabled at the enterprise level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "business_secret_scanning_non_provider_patterns.enabled", + "description": "Secret scanning for non-provider patterns was enabled at the enterprise level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "business_secret_scanning_push_protection_custom_message.disable", + "description": "The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection_custom_message.enable", + "description": "The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection_custom_message.update", + "description": "The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection.disable", + "description": "Push protection for secret scanning was disabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection.disabled_for_new_repos", + "description": "Push protection for secret scanning was disabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection.enable", + "description": "Push protection for secret scanning was enabled for your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business_secret_scanning_push_protection.enabled_for_new_repos", + "description": "Push protection for secret scanning was enabled for new repositories in your enterprise.", + "docs_reference_links": "/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing GitHub Advanced Security features for your enterprise" + }, + { + "action": "business.secret_scanning_repo_admin_settings_policy_update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "new_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "business.set_actions_fork_pr_approvals_policy", + "description": "The policy for requiring approvals for workflows from public forks was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-artifact-and-log-retention-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_fork_pr_workflows_policy", + "description": "The policy for fork pull request workflows was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.sso_response", + "description": "A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your enterprise. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "issuer", + "name", + "created_at", + "operation_type" + ] + }, + { + "action": "business.update_actions_settings", + "description": "An enterprise owner or site administrator updated GitHub Actions policy settings for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "updated_github_owned_allowed", + "updated_verified_allowed", + "updated_patterns", + "new_policy", + "old_policy", + "updated_access_policy" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.update_default_repository_permission", + "description": "The base repository permission setting was updated for all organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-base-repository-permissions", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "permission", + "created_at", + "name", + "old_permission" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "business.update_member_repository_creation_permission", + "description": "The repository creation setting was updated for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "operation_type", + "permission", + "visibility" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "business.update_member_repository_invitation_permission", + "description": "The policy setting for enterprise members inviting outside collaborators to repositories was updated.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-inviting-outside-collaborators-to-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "permission", + "name" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "checks.auto_trigger_disabled", + "description": "Automatic creation of check suites was disabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.auto_trigger_enabled", + "description": "Automatic creation of check suites was enabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.delete_logs", + "description": "Logs in a check suite were deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "codespaces.allow_permissions", + "description": "A codespace using custom permissions from its devcontainer.json file was launched.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "origin_repository", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.connect", + "description": "Credentials for a codespace were refreshed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ] + }, + { + "action": "codespaces.create", + "description": "A codespace was created", + "docs_reference_links": "/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ], + "docs_reference_titles": "Creating a codespace for a repository" + }, + { + "action": "codespaces.destroy", + "description": "A user deleted a codespace.", + "docs_reference_links": "/codespaces/developing-in-codespaces/deleting-a-codespace", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Deleting a codespace" + }, + { + "action": "codespaces.export_environment", + "description": "A codespace was exported to a branch on GitHub.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "owner", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "codespaces.restore", + "description": "A codespace was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.start_environment", + "description": "A codespace was started.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "pull_request_id", + "machine_type", + "devcontainer_path", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.suspend_environment", + "description": "A codespace was stopped.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "codespaces.trusted_repositories_access_update", + "description": "A personal account's access and security setting for Codespaces were updated.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "copilot.cfb_seat_added", + "description": "A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_created", + "description": "A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.", + "docs_reference_links": "/copilot/overview-of-github-copilot/about-github-copilot-for-business", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "What is GitHub Copilot?" + }, + { + "action": "copilot.cfb_seat_assignment_refreshed", + "description": "A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_reused", + "description": "A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_unassigned", + "description": "A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_cancelled", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "seat_assignment" + ] + }, + { + "action": "copilot.cfb_seat_cancelled_by_staff", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_property_definition.create", + "description": "A new custom property definition was created.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "definition_id" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_definition.destroy", + "description": "A custom property definition was deleted.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "definition_id", + "allowed_values" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_definition.update", + "description": "A custom property definition was updated.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "old_allowed_values", + "allowed_values", + "definition_id", + "old_required", + "old_default_value", + "old_value_type", + "old_values_editable_by", + "values_editable_by" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.create", + "description": "A repository's custom property value was manually set for the first time.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "definition_id", + "property_name", + "value", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.destroy", + "description": "A repository's custom property value was deleted.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.update", + "description": "A repository's custom property value was updated.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "definition_id" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "dependabot_alerts.disable", + "description": "Dependabot alerts were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts.enable", + "description": "Dependabot alerts were enabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts_new_repos.disable", + "description": "Dependabot alerts were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_alerts_new_repos.enable", + "description": "Dependabot alerts were enabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_repository_access.repositories_updated", + "description": "The repositories that Dependabot can access were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependabot_security_updates.disable", + "description": "Dependabot security updates were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates.enable", + "description": "Dependabot security updates were enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependabot_security_updates_new_repos.disable", + "description": " Dependabot security updates were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates_new_repos.enable", + "description": "Dependabot security updates were enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependency_graph.disable", + "description": "The dependency graph was disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph.enable", + "description": "The dependency graph was enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependency_graph_new_repos.disable", + "description": "The dependency graph was disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph_new_repos.enable", + "description": "The dependency graph was enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "discussion_post.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "number", + "title", + "operation_type" + ] + }, + { + "action": "discussion_post_reply.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "number", + "created_at" + ] + }, + { + "action": "discussion_post_reply.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "number", + "team", + "created_at" + ] + }, + { + "action": "discussion_post.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "title", + "operation_type", + "team", + "number" + ] + }, + { + "action": "enterprise_announcement.create", + "description": "A global announcement banner was created for the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "message", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise_announcement.destroy", + "description": "A global announcement banner was removed from the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise_announcement.update", + "description": "A global announcement banner was updated for the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "message", + "old_message", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise" + }, + { + "action": "enterprise_domain.approve", + "description": "A domain was approved for an enterprise.", + "docs_reference_links": "/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#approving-a-domain-for-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Verifying or approving a domain for your enterprise" + }, + { + "action": "enterprise_domain.create", + "description": "A domain was added to an enterprise.", + "docs_reference_links": "/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner_type", + "domain_name", + "owner", + "operation_type" + ], + "docs_reference_titles": "Verifying or approving a domain for your enterprise" + }, + { + "action": "enterprise_domain.destroy", + "description": "A domain was removed from an enterprise.", + "docs_reference_links": "/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#removing-an-approved-or-verified-domain", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner_type", + "domain_name", + "owner", + "operation_type" + ], + "docs_reference_titles": "Verifying or approving a domain for your enterprise" + }, + { + "action": "enterprise_domain.verify", + "description": "A domain was verified for an enterprise.", + "docs_reference_links": "/admin/configuration/configuring-your-enterprise/verifying-or-approving-a-domain-for-your-enterprise#verifying-a-domain-for-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Verifying or approving a domain for your enterprise" + }, + { + "action": "enterprise.register_self_hosted_runner", + "description": "A new GitHub Actions self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "enterprise.remove_self_hosted_runner", + "description": "A GitHub Actions self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "enterprise.runner_group_created", + "description": "A GitHub Actions self-hosted runner group was created.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "enterprise.runner_group_removed", + "description": "A GitHub Actions self-hosted runner group was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "enterprise.runner_group_runner_removed", + "description": "The REST API was used to remove a GitHub Actions self-hosted runner from a group.", + "docs_reference_links": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "runner_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization" + }, + { + "action": "enterprise.runner_group_runners_added", + "description": "A GitHub Actions self-hosted runner was added to a group.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "enterprise.runner_group_runners_updated", + "description": "A GitHub Actions runner group's list of members was updated.", + "docs_reference_links": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization" + }, + { + "action": "enterprise.runner_group_updated", + "description": "The configuration of a GitHub Actions self-hosted runner group was changed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "runner_group_name", + "runner_group_allow_public", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows", + "runner_group_selected_workflow_refs", + "network_configuration_id" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "enterprise.self_hosted_runner_offline", + "description": "The GitHub Actions runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "enterprise.self_hosted_runner_online", + "description": "The GitHub Actions runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "enterprise.self_hosted_runner_updated", + "description": "The GitHub Actions runner application was updated. This event is not included in the JSON/CSV export.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "source_version", + "target_version", + "runner_group_id", + "runner_group_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Self-hosted runners" + }, + { + "action": "enterprise_team.add_member", + "description": "A new member was added to the enterprise team or an IdP group linked to an enterprise team, or an IdP group was linked to an enterprise team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type" + ] + }, + { + "action": "enterprise_team.copilot_assignment", + "description": "A license for GitHub Copilot was assigned to an enterprise team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "enterprise_team.copilot_unassignment", + "description": "A license for GitHub Copilot was unassigned from an enterprise team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "enterprise_team.create", + "description": "A new enterprise team was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type" + ] + }, + { + "action": "enterprise_team.destroy", + "description": "An enterprise team was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "enterprise_team.remove_member", + "description": "A member was removed from the enterprise team or an IdP group linked to an enterprise team, or an IdP group was unlinked from an enterprise team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type" + ] + }, + { + "action": "enterprise_team.rename", + "description": "The name of an enterprise team was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "enterprise_team_id", + "enterprise_team", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "environment.add_protection_rule", + "description": "A GitHub Actions deployment protection rule was created via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "environment.create_actions_secret", + "description": "A secret was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create_actions_variable", + "description": "A variable was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.delete", + "description": "An environment was deleted.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deleting-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_secret", + "description": "A secret was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_variable", + "description": "A variable was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.remove_protection_rule", + "description": "A GitHub Actions deployment protection rule was deleted via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_secret", + "description": "A secret was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_variable", + "description": "A variable was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.update_protection_rule", + "description": "A GitHub Actions deployment protection rule was updated via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_value", + "approvers_was", + "approvers", + "can_admins_bypass", + "prevent_self_review" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "external_group.add_member", + "description": "A user was added to an external group.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "external_group", + "external_group_id", + "created_at", + "operation_type", + "scim_group_id" + ] + }, + { + "action": "external_group.delete", + "description": "An external group was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "scim_group_id" + ] + }, + { + "action": "external_group.link", + "description": "An external group was linked to a GitHub team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "external_group_id", + "operation_type", + "created_at", + "external_group", + "scim_group_id" + ] + }, + { + "action": "external_group.provision", + "description": "An external group was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "external_group.remove_member", + "description": "A user was removed from an external group.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "external_group", + "external_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "external_group.scim_api_failure", + "description": "Failed external group SCIM API request.", + "docs_reference_links": "/rest/scim/scim", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "request_method", + "query_string", + "api_request_body", + "route", + "status_code", + "url_path", + "scim_group_id", + "message", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "REST API endpoints for SCIM" + }, + { + "action": "external_group.scim_api_success", + "description": "Successful external group SCIM API request. Excludes GET API requests.", + "docs_reference_links": "/rest/scim/scim", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "request_method", + "query_string", + "api_request_body", + "route", + "status_code", + "url_path", + "scim_group_id", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "REST API endpoints for SCIM" + }, + { + "action": "external_group.unlink", + "description": "An external group was unlinked to a GitHub team.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "external_group_id", + "operation_type", + "created_at", + "external_group" + ] + }, + { + "action": "external_group.update", + "description": "An external group was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "scim_group_id" + ] + }, + { + "action": "external_group.update_display_name", + "description": "An external group's display name was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "external_group_id", + "external_group", + "created_at", + "operation_type", + "scim_group_id" + ] + }, + { + "action": "external_identity.deprovision", + "description": "An external identity was deprovisioned, suspending the linked GitHub user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "external_identity.provision", + "description": "An external identity was created and linked to a GitHub user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "scim_user_id" + ] + }, + { + "action": "external_identity.scim_api_failure", + "description": "Failed external identity SCIM API request.", + "docs_reference_links": "/rest/scim/scim", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "request_method", + "query_string", + "api_request_body", + "route", + "status_code", + "url_path", + "scim_user_id", + "message", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "REST API endpoints for SCIM" + }, + { + "action": "external_identity.scim_api_success", + "description": "Successful external identity SCIM API request. Excludes GET API requests.", + "docs_reference_links": "/rest/scim/scim", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "request_method", + "query_string", + "api_request_body", + "route", + "status_code", + "url_path", + "scim_user_id", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "REST API endpoints for SCIM" + }, + { + "action": "external_identity.update", + "description": "An external identity was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "scim_user_id" + ] + }, + { + "action": "gist.create", + "description": "A gist was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "gist_id", + "created_at", + "operation_type", + "visibility" + ] + }, + { + "action": "gist.destroy", + "description": "A gist was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "gist_id", + "visibility", + "created_at", + "operation_type" + ] + }, + { + "action": "gist.visibility_change", + "description": "The visibility of a gist was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "gist_id", + "visibility", + "created_at" + ] + }, + { + "action": "git.clone", + "description": "A repository was cloned. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "git.fetch", + "description": "Changes were fetched from a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "git.push", + "description": "Changes were pushed to a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "git_signing_ssh_public_key.create", + "description": "An SSH key was added to a user account as a Git commit signing key.", + "docs_reference_links": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key" + }, + { + "action": "git_signing_ssh_public_key.delete", + "description": "An SSH key was removed from a user account as a Git commit signing key.", + "docs_reference_links": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "explanation", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key" + }, + { + "action": "github_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "github_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "github_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "gpg_key.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "gpg_key.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "hook.active_changed", + "description": "A hook's active status was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "events", + "active", + "active_was", + "hook_id", + "operation_type" + ] + }, + { + "action": "hook.config_changed", + "description": "A hook's configuration was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "hook_id", + "created_at", + "oauth_application_id", + "events" + ] + }, + { + "action": "hook.create", + "description": "A new hook was added.", + "docs_reference_links": "/get-started/exploring-integrations/about-webhooks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "hook_id", + "events", + "operation_type", + "name", + "created_at" + ], + "docs_reference_titles": "About webhooks" + }, + { + "action": "hook.destroy", + "description": "A hook was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "created_at", + "name", + "operation_type", + "oauth_application_id", + "hook_id" + ] + }, + { + "action": "hook.events_changed", + "description": "A hook's configured events were changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "operation_type", + "name", + "events_were", + "created_at", + "hook_id", + "oauth_application_id" + ] + }, + { + "action": "integration.create", + "description": "A GitHub App was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "integration", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.destroy", + "description": "A GitHub App was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.generate_client_secret", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration_installation.create", + "description": "A GitHub App was installed.", + "docs_reference_links": "/apps/using-github-apps/authorizing-github-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "repository_selection", + "created_at", + "integration", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/authorizing-github-apps" + }, + { + "action": "integration_installation.destroy", + "description": "A GitHub App was uninstalled.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "repository_selection", + "integration", + "operation_type", + "name", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.repositories_added", + "description": "Repositories were added to a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "repository_selection", + "name", + "integration", + "operation_type", + "repositories_added", + "created_at", + "repositories_added_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation.repositories_removed", + "description": "Repositories were removed from a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "repository_selection", + "repositories_removed", + "integration", + "created_at", + "name", + "repositories_removed_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.version_updated", + "description": "Permissions for a GitHub App were updated.", + "docs_reference_links": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "integration", + "name", + "operation_type", + "created_at", + "repository_selection", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app" + }, + { + "action": "integration.manager_added", + "description": "A member of an enterprise or organization was added as a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "manager", + "operation_type", + "integration" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization" + }, + { + "action": "integration.manager_removed", + "description": "A member of an enterprise or organization was removed from being a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "integration", + "name", + "created_at", + "manager" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization" + }, + { + "action": "integration.remove_client_secret", + "description": "A client secret for a GitHub App was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.revoke_all_tokens", + "description": "All user tokens for a GitHub App were requested to be revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.revoke_tokens", + "description": "Token(s) for a GitHub App were revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "integration.transfer", + "description": "Ownership of a GitHub App was transferred to another user or organization.", + "docs_reference_links": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "transfer_to_id", + "requester", + "requester_id", + "created_at", + "transfer_to", + "operation_type", + "integration", + "transfer_from", + "transfer_from_id", + "transfer_from_type", + "transfer_to_type" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app" + }, + { + "action": "integration.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "ip_allow_list.disable", + "description": "An IP allow list was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list.disable_for_installed_apps", + "description": "An IP allow list was disabled for installed GitHub Apps.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list.disable_user_level_enforcement", + "description": "IP allow list user level enforcement was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list.enable", + "description": "An IP allow list was enabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list.enable_for_installed_apps", + "description": "An IP allow list was enabled for installed GitHub Apps.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list.enable_user_level_enforcement", + "description": "IP allow list user level enforcement was enabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list_entry.create", + "description": "An IP address was added to an IP allow list.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "active", + "ip_allow_list_entry", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list_entry.destroy", + "description": "An IP address was deleted from an IP allow list.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ip_allow_list_entry", + "operation_type", + "created_at", + "active" + ] + }, + { + "action": "ip_allow_list_entry.update", + "description": "An IP address or its description was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "ip_allow_list_entry", + "active" + ] + }, + { + "action": "marketplace_agreement_signature.create", + "description": "The GitHub Marketplace Developer Agreement was signed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.approve", + "description": "A listing was approved for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "primary_category", + "operation_type", + "created_at", + "marketplace_listing", + "integration" + ] + }, + { + "action": "marketplace_listing.change_category", + "description": "A category for a listing for an app in GitHub Marketplace was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "marketplace_listing", + "integration", + "secondary_category", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.create", + "description": "A listing for an app in GitHub Marketplace was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "created_at", + "oauth_application", + "marketplace_listing", + "secondary_category", + "oauth_application_id", + "operation_type" + ] + }, + { + "action": "marketplace_listing.delist", + "description": "A listing was removed from GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "secondary_category", + "operation_type", + "marketplace_listing", + "primary_category", + "integration" + ] + }, + { + "action": "marketplace_listing_plan.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "marketplace_listing", + "has_free_trial", + "yearly_price_in_cents", + "description", + "bullets", + "monthly_price_in_cents", + "marketplace_listing_plan" + ] + }, + { + "action": "marketplace_listing_plan.publish", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "marketplace_listing_plan", + "marketplace_listing", + "description", + "bullets", + "has_free_trial", + "created_at", + "operation_type", + "monthly_price_in_cents", + "yearly_price_in_cents" + ] + }, + { + "action": "marketplace_listing_plan.retire", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "marketplace_listing_plan", + "description", + "yearly_price_in_cents", + "created_at", + "bullets", + "has_free_trial", + "marketplace_listing", + "monthly_price_in_cents", + "operation_type" + ] + }, + { + "action": "marketplace_listing_plan.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "monthly_price_in_cents", + "marketplace_listing", + "description", + "bullets", + "yearly_price_in_cents", + "has_free_trial", + "marketplace_listing_plan", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.redraft", + "description": "A listing was sent back to draft state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "oauth_application_id", + "operation_type", + "oauth_application", + "created_at", + "marketplace_listing", + "primary_category" + ] + }, + { + "action": "marketplace_listing.reject", + "description": "A listing was not accepted for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "secondary_category", + "marketplace_listing", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "merge_queue.pull_request_dequeued", + "description": "A pull request was removed from a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.pull_request_queue_jump", + "description": "A pull request was moved ahead in a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.queue_cleared", + "description": "A merge queue was cleared.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.update_settings", + "description": "The settings for a merge queue were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "max_entries_to_build", + "min_entries_to_merge", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "metered_billing_configuration.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "migration.create", + "description": "A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "oauth_access.create", + "description": "An OAuth access token was generated.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, /authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens" + }, + { + "action": "oauth_access.destroy", + "description": "An OAuth access token was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "explanation", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps" + }, + { + "action": "oauth_access.regenerate", + "description": "An OAuth access token was regenerated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_name" + ] + }, + { + "action": "oauth_access.update", + "description": "An OAuth access token was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "oauth_application.create", + "description": "An OAuth application was created.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.destroy", + "description": "An OAuth application was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.generate_client_secret", + "description": "An OAuth application's secret key was generated.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.remove_client_secret", + "description": "An OAuth application's secret key was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.reset_secret", + "description": "The secret key for an OAuth application was reset.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "operation_type", + "created_at", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_all_tokens", + "description": "All user tokens for an OAuth application were requested to be revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_tokens", + "description": "Token(s) for an OAuth application were revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "oauth_application", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.suspend", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "oauth_application_id", + "created_at", + "oauth_application" + ] + }, + { + "action": "oauth_application.transfer", + "description": "An OAuth application was transferred from one account to another.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "oauth_application", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.unsuspend", + "description": "An OAuth application was unsuspended for a user or organization account.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "oauth_application_id", + "oauth_application", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_authorization.create", + "description": "An authorization for an OAuth application was created.", + "docs_reference_links": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps" + }, + { + "action": "oauth_authorization.destroy", + "description": "An authorization for an OAuth application was deleted.", + "docs_reference_links": "/apps/using-github-apps/reviewing-your-authorized-integrations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "explanation", + "actor_is_bot", + "oauth_application_name" + ], + "docs_reference_titles": "Reviewing and revoking authorization of GitHub Apps" + }, + { + "action": "oauth_authorization.update", + "description": "An authorization for an OAuth application was updated.", + "docs_reference_links": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps" + }, + { + "action": "org.accept_business_invitation", + "description": "An invitation sent to an organization to join an enterprise was accepted.", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.add_billing_manager", + "description": "A billing manager was added to an organization.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization" + }, + { + "action": "org.add_member", + "description": "A user joined an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "org.add_outside_collaborator", + "description": "An outside collaborator was added to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "public_repo", + "permission", + "invitee", + "created_at", + "operation_type" + ] + }, + { + "action": "org.add_security_manager", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.advanced_security_disabled_for_new_repos", + "description": "GitHub Advanced Security was disabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_disabled_on_all_repos", + "description": "GitHub Advanced Security was disabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_for_new_repos", + "description": "GitHub Advanced Security was enabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_on_all_repos", + "description": "GitHub Advanced Security was enabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_policy_selected_member_disabled", + "description": "An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "org.advanced_security_policy_selected_member_enabled", + "description": "An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "org.async_delete", + "description": "A user initiated a background job to delete an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.billing_signup_error", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.block_user", + "description": "An organization owner blocked a user from accessing the organization's repositories.", + "docs_reference_links": "/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "blocked_user", + "operation_type" + ], + "docs_reference_titles": "/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization" + }, + { + "action": "org.cancel_business_invitation", + "description": "An invitation for an organization to join an enterprise was revoked", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "initiated_from" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.cancel_invitation", + "description": "An invitation sent to a user to join an organization was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "email", + "operation_type", + "invitation_id", + "created_at", + "invitee_email" + ] + }, + { + "action": "org.clear_custom_invitation_rate_limit", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.code_scanning_autofix_disabled", + "description": "Autofix for code scanning alerts was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_autofix_enabled", + "description": "Autofix for code scanning alerts was enabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_scan_inactive_repos_disabled", + "description": "Scanning inactive repositories was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_scan_inactive_repos_enabled", + "description": "Scanning inactive repositories was enabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.codeql_disabled", + "description": "Code scanning using the default setup was disabled for an organization.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning at scale" + }, + { + "action": "org.codeql_enabled", + "description": "Code scanning using the default setup was enabled for an organization.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning at scale" + }, + { + "action": "org.config.disable_collaborators_only", + "description": "The interaction limit for collaborators only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.disable_contributors_only", + "description": "The interaction limit for prior contributors only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.disable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_collaborators_only", + "description": "The interaction limit for collaborators only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_contributors_only", + "description": "The interaction limit for prior contributors only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization" + }, + { + "action": "org.confirm_business_invitation", + "description": "An invitation for an organization to join an enterprise was confirmed.", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.create", + "description": "An organization was created.", + "docs_reference_links": "/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch" + }, + { + "action": "org.delete", + "description": "An organization was deleted by a user or staff.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.disable_member_team_creation_permission", + "description": "Team creation was limited to owners.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization" + }, + { + "action": "org.disable_reader_discussion_creation_permission", + "description": "An organization owner limited discussion creation to users with at least triage permission in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization" + }, + { + "action": "org.disable_saml", + "description": "SAML single sign-on was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sso_url", + "issuer", + "created_at", + "operation_type" + ] + }, + { + "action": "org.disable_two_factor_requirement", + "description": "A two-factor authentication requirement was disabled for the organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.display_commenter_full_name_disabled", + "description": "An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.display_commenter_full_name_enabled", + "description": "An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.enable_member_team_creation_permission", + "description": "Team creation by members was allowed.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization" + }, + { + "action": "org.enable_reader_discussion_creation_permission", + "description": "An organization owner allowed users with read access to create discussions in an organization", + "docs_reference_links": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization" + }, + { + "action": "org.enable_saml", + "description": "SAML single sign-on was enabled for the organization.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "sso_url", + "created_at", + "issuer" + ], + "docs_reference_titles": "Enabling and testing SAML single sign-on for your organization" + }, + { + "action": "org.enable_two_factor_requirement", + "description": "Two-factor authentication is now required for the organization.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization" + }, + { + "action": "org.integration_manager_added", + "description": "An organization owner granted a member access to manage all GitHub Apps owned by an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "manager", + "operation_type", + "created_at" + ] + }, + { + "action": "org.integration_manager_removed", + "description": "An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "manager", + "operation_type", + "created_at" + ] + }, + { + "action": "org.invite_member", + "description": "A new user was invited to join an organization.", + "docs_reference_links": "/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitation_id", + "operation_type", + "created_at", + "invitee_email" + ], + "docs_reference_titles": "/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization" + }, + { + "action": "org.invite_to_business", + "description": "An organization was invited to join an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.members_can_update_protected_branches.disable", + "description": "The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.members_can_update_protected_branches.enable", + "description": "The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.rate_limited_invites", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.recreate", + "description": "An organization was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.register_self_hosted_runner", + "description": "A new self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "org.remove_billing_manager", + "description": "A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization" + }, + { + "action": "org.remove_member", + "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_outside_collaborator", + "description": "An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_security_manager", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_self_hosted_runner", + "description": "A self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "org.rename", + "description": "An organization was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_login", + "operation_type", + "created_at" + ] + }, + { + "action": "org.restore_member", + "description": "An organization member was restored.", + "docs_reference_links": "/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization" + }, + { + "action": "org.runner_group_created", + "description": "A self-hosted runner group was created.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#creating-a-self-hosted-runner-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows", + "runner_group_selected_workflow_refs", + "network_configuration_id" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_removed", + "description": "A self-hosted runner group was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_runner_removed", + "description": "The REST API was used to remove a self-hosted runner from a group.", + "docs_reference_links": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "runner_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization" + }, + { + "action": "org.runner_group_runners_added", + "description": "A self-hosted runner was added to a group.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_runners_updated", + "description": "A runner group's list of members was updated.", + "docs_reference_links": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization" + }, + { + "action": "org.runner_group_updated", + "description": "The configuration of a self-hosted runner group was changed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "runner_group_name", + "runner_group_allow_public", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows", + "runner_group_selected_workflow_refs", + "network_configuration_id" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org_secret_scanning_automatic_validity_checks.disabled", + "description": "Automatic partner validation checks have been disabled at the organization level", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization" + }, + { + "action": "org_secret_scanning_automatic_validity_checks.enabled", + "description": "Automatic partner validation checks have been enabled at the organization level", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization" + }, + { + "action": "org_secret_scanning_custom_pattern.create", + "description": "A custom pattern was created for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.delete", + "description": "A custom pattern was removed from secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.publish", + "description": "A custom pattern was published for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org.secret_scanning_custom_pattern_push_protection_disabled", + "description": "Push protection for a custom pattern for secret scanning was disabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org.secret_scanning_custom_pattern_push_protection_enabled", + "description": "Push protection for a custom pattern for secret scanning was enabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.update", + "description": "Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_non_provider_patterns.disabled", + "description": "Secret scanning for non-provider patterns was disabled at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "org_secret_scanning_non_provider_patterns.enabled", + "description": "Secret scanning for non-provider patterns was enabled at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.add", + "description": "A role or team was added to the push protection bypass list at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.disable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.enable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.remove", + "description": "A role or team was removed from the push protection bypass list at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_disabled", + "description": "The custom message triggered by an attempted push to a push-protected repository was disabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_enabled", + "description": "The custom message triggered by an attempted push to a push-protected repository was enabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_updated", + "description": "The custom message triggered by an attempted push to a push-protected repository was updated for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_disable", + "description": "Push protection for secret scanning was disabled.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_enable", + "description": "Push protection for secret scanning was enabled.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_new_repos_disable", + "description": "Push protection for secret scanning was disabled for all new repositories in the organization.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_new_repos_enable", + "description": "Push protection for secret scanning was enabled for all new repositories in the organization.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.self_hosted_runner_offline", + "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "org.self_hosted_runner_online", + "description": "The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "org.self_hosted_runner_updated", + "description": "The runner application was updated. This event is not included in the JSON/CSV export.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "source_version", + "target_version", + "runner_group_id", + "runner_group_name" + ], + "docs_reference_titles": "Self-hosted runners" + }, + { + "action": "org.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks" + }, + { + "action": "org.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in an organization was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization" + }, + { + "action": "org.set_custom_invitation_rate_limit", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization" + }, + { + "action": "org.set_fork_pr_workflows_policy", + "description": "The policy for workflows on private repository forks was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "org.sso_response", + "description": "A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "issuer", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "org.transform", + "description": "A user account was converted into an organization.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-your-personal-account/converting-a-user-into-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "owner" + ], + "docs_reference_titles": "Converting a user into an organization" + }, + { + "action": "org.unblock_user", + "description": "A user was unblocked from an organization.", + "docs_reference_links": "/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "blocked_user", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization" + }, + { + "action": "org.update_actions_settings", + "description": "An organization owner or site administrator updated GitHub Actions policy settings for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "new_policy", + "updated_allowed_types", + "old_policy", + "updated_access_policy" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization" + }, + { + "action": "org.update_default_repository_permission", + "description": "The default repository permission level for organization members was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "permission", + "old_permission" + ] + }, + { + "action": "org.update_member", + "description": "A person's role was changed from owner to member or member to owner.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_permission", + "permission", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_creation_permission", + "description": "The create repository permission for organization members was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_invitation_permission", + "description": "An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Setting permissions for adding outside collaborators" + }, + { + "action": "org.update_saml_provider_settings", + "description": "An organization's SAML provider settings were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sso_url", + "operation_type", + "issuer", + "created_at" + ] + }, + { + "action": "org.update_terms_of_service", + "description": "An organization changed between the Standard Terms of Service and the GitHub Customer Agreement.", + "docs_reference_links": "/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement" + }, + { + "action": "organization_domain.approve", + "description": "A domain was approved for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization" + }, + { + "action": "organization_domain.create", + "description": "A domain was added to an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "domain_name", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization" + }, + { + "action": "organization_domain.destroy", + "description": "A domain was removed from an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "domain_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain" + }, + { + "action": "organization_domain.verify", + "description": "A domain was verified for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "domain_name", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization" + }, + { + "action": "packages.package_deleted", + "description": "An entire package was deleted.", + "docs_reference_links": "/packages/learn-github-packages/deleting-and-restoring-a-package", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "/packages/learn-github-packages/deleting-and-restoring-a-package" + }, + { + "action": "packages.package_published", + "description": "A package was published or republished to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "ecosystem", + "version_count", + "is_republished", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "packages.package_version_deleted", + "description": "A specific package version was deleted.", + "docs_reference_links": "/packages/learn-github-packages/deleting-and-restoring-a-package", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "version", + "operation_type", + "created_at", + "ecosystem", + "actor_is_bot" + ], + "docs_reference_titles": "/packages/learn-github-packages/deleting-and-restoring-a-package" + }, + { + "action": "packages.package_version_published", + "description": "A specific package version was published or republished to a package.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ecosystem", + "package", + "version", + "is_republished", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "pages_protected_domain.create", + "description": "A GitHub Pages verified domain was created for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.delete", + "description": "A GitHub Pages verified domain was deleted from an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.verify", + "description": "A GitHub Pages domain was verified for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "passkey.register", + "description": "A new passkey was added.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "nickname", + "created_at", + "operation_type" + ] + }, + { + "action": "passkey.remove", + "description": "A new passkey was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "nickname", + "created_at", + "operation_type" + ] + }, + { + "action": "payment_method.create", + "description": "A new payment method was added, such as a new credit card or PayPal account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "payment_method.remove", + "description": "A payment method was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "payment_method.update", + "description": "An existing payment method was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "personal_access_token.access_granted", + "description": "A fine-grained personal access token was granted access to resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.access_revoked", + "description": "A fine-grained personal access token was revoked. The token can still read public organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.create", + "description": "Triggered when you create a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.credential_regenerated", + "description": "Triggered when you regenerate a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.credential_revoked", + "description": "A fine-grained personal access token was revoked by GitHub Advanced Security.", + "docs_reference_links": "/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users" + }, + { + "action": "personal_access_token.destroy", + "description": "Triggered when you delete a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "explanation", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.request_cancelled", + "description": "A pending request for a fine-grained personal access token to access organization resources was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ] + }, + { + "action": "personal_access_token.request_created", + "description": "Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.request_denied", + "description": "A request for a fine-grained personal access token to access organization resources was denied.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.update", + "description": "A fine-grained personal access token was updated.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens" + }, + { + "action": "premium_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "profile_picture.update", + "description": "A profile picture was updated.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner", + "operation_type" + ], + "docs_reference_titles": "Personalize your profile" + }, + { + "action": "project.access", + "description": "A project board visibility was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.close", + "description": "A project board was closed.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "project_id", + "project_kind" + ], + "docs_reference_titles": "Closing a project (classic)" + }, + { + "action": "project.create", + "description": "A project board was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.delete", + "description": "A project board was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_field.create", + "description": "A field was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields" + }, + { + "action": "project_field.delete", + "description": "A field was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields" + }, + { + "action": "project.link", + "description": "A repository was linked to a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.open", + "description": "A project board was reopened.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/reopening-a-closed-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "project_id", + "operation_type", + "created_at", + "project_kind", + "project_name" + ], + "docs_reference_titles": "Reopening a closed project (classic)" + }, + { + "action": "project.rename", + "description": "A project board was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_name", + "operation_type" + ] + }, + { + "action": "project.unlink", + "description": "A repository was unlinked from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_org_permission", + "description": "The project's base-level permission for all organization members was changed or removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_team_permission", + "description": "A team's project board permission level was changed or when a team was added or removed from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "team" + ] + }, + { + "action": "project.update_user_permission", + "description": "A user was added to or removed from a project board or had their permission level changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_view.create", + "description": "A view was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "project_view.delete", + "description": "A view was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "protected_branch.authorized_users_teams", + "description": "The users, teams, or integrations allowed to bypass a branch protection were changed.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type", + "oauth_application_id" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches" + }, + { + "action": "protected_branch.branch_allowances", + "description": "A protected branch allowance was given to a specific user, team or integration.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "authorized_actors", + "policy", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "protected_branch.create", + "description": "Branch protection was enabled on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at", + "authorized_actor_names", + "required_deployments_enforcement_level", + "merge_queue_enforcement_level", + "create_protected" + ] + }, + { + "action": "protected_branch.destroy", + "description": "Branch protection was disabled on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "required_deployments_enforcement_level", + "merge_queue_enforcement_level", + "create_protected" + ] + }, + { + "action": "protected_branch.dismiss_stale_reviews", + "description": "Enforcement of dismissing stale pull requests was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "dismiss_stale_reviews_on_push", + "created_at", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.dismissal_restricted_users_teams", + "description": "Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "authorized_actors_only", + "authorized_actors", + "created_at", + "name", + "operation_type" + ] + }, + { + "action": "protected_branch.policy_override", + "description": "A branch protection requirement was overridden by a repository administrator.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "reasons", + "before", + "after", + "operation_type", + "branch", + "overridden_codes", + "referrer", + "deploy_key_fingerprint", + "compliant_pull_request_ids", + "rule_suite_id" + ] + }, + { + "action": "protected_branch.rejected_ref_update", + "description": "A branch update attempt was rejected.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "branch", + "before", + "overridden_codes", + "after", + "reasons", + "deploy_key_fingerprint", + "compliant_pull_request_ids", + "actor_is_bot", + "rule_suite_id" + ] + }, + { + "action": "protected_branch.update_admin_enforced", + "description": "Branch protection was enforced for repository administrators.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "admin_enforced", + "operation_type", + "name", + "created_at" + ] + }, + { + "action": "protected_branch.update_allow_deletions_enforcement_level", + "description": "Branch deletion was enabled or disabled for a protected branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "allow_deletions_enforcement_level", + "created_at" + ] + }, + { + "action": "protected_branch.update_allow_force_pushes_enforcement_level", + "description": "Force pushes were enabled or disabled for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "allow_force_pushes_enforcement_level", + "created_at" + ] + }, + { + "action": "protected_branch.update_ignore_approvals_from_contributors", + "description": "Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "ignore_approvals_from_contributors", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "protected_branch.update_linear_history_requirement_enforcement_level", + "description": "Required linear commit history was enabled or disabled for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "linear_history_requirement_enforcement_level", + "name", + "created_at" + ] + }, + { + "action": "protected_branch.update_lock_allows_fetch_and_merge", + "description": "Fork syncing was enabled or disabled for a read-only branch", + "docs_reference_links": "repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "lock_allows_fetch_and_merge", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch" + }, + { + "action": "protected_branch.update_lock_branch_enforcement_level", + "description": "The enforcement of a branch lock was updated.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "enforcement_level", + "lock_branch_enforcement_level", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch" + }, + { + "action": "protected_branch.update_merge_queue_enforcement_level", + "description": "Enforcement of the merge queue was modified for a branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "merge_queue_enforcement_level", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue" + }, + { + "action": "protected_branch.update_name", + "description": "A branch name pattern was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "old_name", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "protected_branch.update_pull_request_reviews_enforcement_level", + "description": "Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone).", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "pull_request_reviews_enforcement_level", + "created_at", + "operation_type" + ] + }, + { + "action": "protected_branch.update_require_code_owner_review", + "description": "Enforcement of required code owner review was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "require_code_owner_review", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.update_require_last_push_approval", + "description": "Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "require_last_push_approval", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging" + }, + { + "action": "protected_branch.update_required_approving_review_count", + "description": "Enforcement of the required number of approvals before merging was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "required_approving_review_count", + "created_at", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.update_required_status_checks_enforcement_level", + "description": "Enforcement of required status checks was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "required_status_checks_enforcement_level" + ] + }, + { + "action": "protected_branch.update_signature_requirement_enforcement_level", + "description": "Enforcement of required commit signing was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at", + "signature_requirement_enforcement_level" + ] + }, + { + "action": "protected_branch.update_strict_required_status_checks_policy", + "description": "Enforcement of required status checks was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "operation_type", + "strict_required_status_checks_policy" + ] + }, + { + "action": "public_key.create", + "description": "An SSH key was added to a user account or a deploy key was added to a repository.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "read_only", + "operation_type", + "created_at", + "key", + "fingerprint", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account" + }, + { + "action": "public_key.delete", + "description": "An SSH key was removed from a user account or a deploy key was removed from a repository.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "fingerprint", + "read_only", + "explanation", + "key", + "operation_type", + "title", + "created_at" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys" + }, + { + "action": "public_key.unverification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "read_only", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.unverify", + "description": "A user account's SSH key or a repository's deploy key was unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "title", + "key", + "read_only", + "explanation", + "fingerprint" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.update", + "description": "A user account's SSH key or a repository's deploy key was updated.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "read_only", + "operation_type", + "created_at", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "oauth_application_id", + "title", + "created_at", + "read_only", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verify", + "description": "A user account's SSH key or a repository's deploy key was verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "key", + "fingerprint", + "title", + "read_only" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "pull_request.close", + "description": "A pull request was closed without being merged.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request" + }, + { + "action": "pull_request.converted_to_draft", + "description": "A pull request was converted to a draft.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft" + }, + { + "action": "pull_request.create", + "description": "A pull request was created.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request" + }, + { + "action": "pull_request.create_review_request", + "description": "A review was requested on a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "reviewer_type", + "reviewer", + "reviewer_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request.in_progress", + "description": "A pull request was marked as in progress.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at" + ] + }, + { + "action": "pull_request.indirect_merge", + "description": "A pull request was considered merged because the pull request's commits were merged into the target branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request.merge", + "description": "A pull request was merged.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request" + }, + { + "action": "pull_request.ready_for_review", + "description": "A pull request was marked as ready for review.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review" + }, + { + "action": "pull_request.rebase", + "description": "A pull request was rebased.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "pull_request_url", + "pull_request_title", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "pull_request.remove_review_request", + "description": "A review request was removed from a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "reviewer_type", + "reviewer", + "reviewer_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request.reopen", + "description": "A pull request was reopened after previously being closed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request_review_comment.create", + "description": "A review comment was added to a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "comment_id", + "operation_type", + "created_at", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request_review_comment.delete", + "description": "A review comment on a pull request was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "comment_id", + "operation_type" + ] + }, + { + "action": "pull_request_review_comment.update", + "description": "A review comment on a pull request was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "comment_id" + ] + }, + { + "action": "pull_request_review.delete", + "description": "A review on a pull request was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request_review.dismiss", + "description": "A review on a pull request was dismissed.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review" + }, + { + "action": "pull_request_review.submit", + "description": "A review on a pull request was submitted.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review" + }, + { + "action": "repo.access", + "description": "The visibility of a repository changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility", + "previous_visibility" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility" + }, + { + "action": "repo.actions_enabled", + "description": "GitHub Actions was enabled for a repository.", + "docs_reference_links": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api" + }, + { + "action": "repo.add_member", + "description": "A collaborator was added to a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "oauth_application_id" + ], + "docs_reference_titles": "Inviting collaborators to a personal repository" + }, + { + "action": "repo.add_topic", + "description": "A topic was added to a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics" + }, + { + "action": "repo.advanced_security_disabled", + "description": "GitHub Advanced Security was disabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.advanced_security_enabled", + "description": "GitHub Advanced Security was enabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.archived", + "description": "A repository was archived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.change_merge_setting", + "description": "Pull request merge options were changed for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_analysis_deleted", + "description": "Code scanning analysis for a repository was deleted.", + "docs_reference_links": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "public_repo", + "tool", + "category" + ], + "docs_reference_titles": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository" + }, + { + "action": "repo.code_scanning_autofix_disabled", + "description": "Autofix for code scanning alerts was disabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_autofix_enabled", + "description": "Autofix for code scanning alerts was enabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_configuration_for_branch_deleted", + "description": "A code scanning configuration for a branch of a repository was deleted.", + "docs_reference_links": "/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "tool", + "branch", + "category", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Resolving code scanning alerts" + }, + { + "action": "repo.codeql_disabled", + "description": "Code scanning using the default setup was disabled for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.codeql_enabled", + "description": "Code scanning using the default setup was enabled for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "query_suite", + "threat_model", + "languages" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.codeql_updated", + "description": "Code scanning using the default setup was updated for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "query_suite", + "threat_model", + "languages", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.collaborators_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.config.disable_collaborators_only", + "description": "The interaction limit for collaborators only was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_contributors_only", + "description": "The interaction limit for prior contributors only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_collaborators_only", + "description": "The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_contributors_only", + "description": "The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_sockpuppet_disallowed", + "description": "The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository" + }, + { + "action": "repo.create", + "description": "A repository was created.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/creating-a-new-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "request_category", + "created_at", + "oauth_application_id", + "request_method", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/creating-a-new-repository" + }, + { + "action": "repo.create_actions_secret", + "description": "A GitHub Actions secret was created for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.create_actions_variable", + "description": "A GitHub Actions variable was created for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.create_integration_secret", + "description": "A Codespaces or Dependabot secret was created for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.destroy", + "description": "A repository was deleted.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/deleting-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "request_category", + "visibility", + "created_at", + "request_method", + "oauth_application_id", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/deleting-a-repository" + }, + { + "action": "repo.disk_archive", + "description": "A repository was archived on disk.", + "docs_reference_links": "/repositories/archiving-a-github-repository/archiving-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository/archiving-repositories" + }, + { + "action": "repo.download_zip", + "description": "A source code archive of a repository was downloaded as a ZIP file.", + "docs_reference_links": "/repositories/working-with-files/using-files/downloading-source-code-archives", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/working-with-files/using-files/downloading-source-code-archives" + }, + { + "action": "repo.hide_from_discovery", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "visibility", + "created_at" + ] + }, + { + "action": "repo.noindex", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "repo.override_unlock", + "description": "The repository was unlocked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_build", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ] + }, + { + "action": "repo.pages_cname", + "description": "A GitHub Pages custom domain was modified in a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "cname", + "created_at", + "operation_type", + "old_cname" + ] + }, + { + "action": "repo.pages_create", + "description": "A GitHub Pages site was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_destroy", + "description": "A GitHub Pages site was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_https_redirect_disabled", + "description": "HTTPS redirects were disabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_https_redirect_enabled", + "description": "HTTPS redirects were enabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_private", + "description": "A GitHub Pages site visibility was changed to private.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_public", + "description": "A GitHub Pages site visibility was changed to public.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_soft_delete", + "description": "A GitHub Pages site was soft-deleted because its owner's plan changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_soft_delete_restore", + "description": "A GitHub Pages site that was previously soft-deleted was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_source", + "description": "A GitHub Pages source was modified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "visibility", + "created_at" + ] + }, + { + "action": "repo.register_self_hosted_runner", + "description": "A new self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "repo.remove_actions_secret", + "description": "A GitHub Actions secret was deleted for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.remove_actions_variable", + "description": "A GitHub Actions variable was deleted for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.remove_integration_secret", + "description": "A Codespaces or Dependabot secret was deleted for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.remove_member", + "description": "A collaborator was removed from a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "Removing a collaborator from a personal repository" + }, + { + "action": "repo.remove_self_hosted_runner", + "description": "A self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "repo.remove_topic", + "description": "A topic was removed from a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.rename", + "description": "A repository was renamed.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/renaming-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/renaming-a-repository" + }, + { + "action": "repo.require_login", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.restore", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.self_hosted_runner_offline", + "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "repo.self_hosted_runner_online", + "description": "The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "repo.self_hosted_runner_updated", + "description": "The runner application was updated. This event is not included in the JSON/CSV export.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "source_version", + "target_version", + "runner_group_id", + "runner_group_name" + ], + "docs_reference_titles": "Self-hosted runners" + }, + { + "action": "repo.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks" + }, + { + "action": "repo.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories" + }, + { + "action": "repo.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository" + }, + { + "action": "repo.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository" + }, + { + "action": "repo.set_fork_pr_workflows_policy", + "description": "Triggered when the policy for workflows on private repository forks is changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks" + }, + { + "action": "repo.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "repo.staff_unlock", + "description": "An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.temporary_access_granted", + "description": "Temporary access was enabled for a repository.", + "docs_reference_links": "/admin/user-management/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Accessing user-owned repositories in your enterprise" + }, + { + "action": "repo.transfer", + "description": "A user accepted a request to receive a transferred repository.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/transferring-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "old_user", + "operation_type", + "created_at", + "visibility", + "repo_was" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/transferring-a-repository" + }, + { + "action": "repo.transfer_outgoing", + "description": "A repository was transferred to another repository network.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_nwo", + "visibility", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "repo.transfer_start", + "description": "A user sent a request to transfer a repository to another user or organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ] + }, + { + "action": "repo.unarchived", + "description": "A repository was unarchived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.update_actions_access_settings", + "description": "The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "old_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.update_actions_secret", + "description": "A GitHub Actions secret was updated for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.update_actions_settings", + "description": "A repository administrator changed GitHub Actions policy settings for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "new_policy", + "old_policy", + "updated_access_policy", + "actor_is_bot" + ] + }, + { + "action": "repo.update_actions_variable", + "description": "A GitHub Actions variable was updated for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.update_default_branch", + "description": "The default branch for a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "repo.update_integration_secret", + "description": "A Codespaces or Dependabot secret was updated for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.update_member", + "description": "A user's permission to a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "visibility", + "old_permission", + "old_base_role", + "old_repo_permission", + "old_repo_base_role", + "new_repo_base_role", + "new_repo_permission", + "actor_is_bot" + ] + }, + { + "action": "repository_branch_protection_evaluation.disable", + "description": "Branch protections were disabled for the repository.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "repository_branch_protection_evaluation.enable", + "description": "Branch protections were enabled for this repository.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "repository_image.create", + "description": "An image to represent a repository was uploaded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "content_type" + ] + }, + { + "action": "repository_image.destroy", + "description": "An image to represent a repository was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "content_type", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.accept", + "description": "An invitation to join a repository was accepted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "invitee", + "operation_type", + "inviter" + ] + }, + { + "action": "repository_invitation.cancel", + "description": "An invitation to join a repository was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "operation_type", + "invitee", + "created_at" + ] + }, + { + "action": "repository_invitation.create", + "description": "An invitation to join a repository was sent.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "inviter", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.reject", + "description": "An invitation to join a repository was declined.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "operation_type", + "created_at", + "inviter" + ] + }, + { + "action": "repository_ruleset.create", + "description": "A repository ruleset was created.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_conditions", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository" + }, + { + "action": "repository_ruleset.destroy", + "description": "A repository ruleset was deleted.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset" + }, + { + "action": "repository_ruleset.update", + "description": "A repository ruleset was edited.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules_updated", + "ruleset_conditions_added", + "ruleset_conditions_deleted", + "ruleset_old_enforcement", + "ruleset_rules_added", + "ruleset_rules_deleted", + "ruleset_old_name", + "ruleset_conditions_updated", + "ruleset_bypass_actors_added", + "ruleset_bypass_actors_deleted", + "ruleset_bypass_actors_updated", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset" + }, + { + "action": "repository_secret_scanning_automatic_validity_checks.disabled", + "description": "Automatic partner validation checks have been disabled at the repository level", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository" + }, + { + "action": "repository_secret_scanning_automatic_validity_checks.enabled", + "description": "Automatic partner validation checks have been enabled at the repository level", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository" + }, + { + "action": "repository_secret_scanning_custom_pattern.create", + "description": "A custom pattern was created for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.delete", + "description": "A custom pattern was removed from secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.publish", + "description": "A custom pattern was published for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern_push_protection.disabled", + "description": "Push protection for a custom pattern for secret scanning was disabled for your repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern_push_protection.enabled", + "description": "Push protection for a custom pattern for secret scanning was enabled for your repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.update", + "description": "Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning.disable", + "description": "Secret scanning was disabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "repository_secret_scanning.enable", + "description": "Secret scanning was enabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_secret_scanning_non_provider_patterns.disabled", + "description": "Secret scanning for non-provider patterns was disabled at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "repository_secret_scanning_non_provider_patterns.enabled", + "description": "Secret scanning for non-provider patterns was enabled at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.add", + "description": "A role or team was added to the push protection bypass list at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.disable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.enable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.remove", + "description": "A role or team was removed from the push protection bypass list at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection.disable", + "description": "Secret scanning push protection was disabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection.enable", + "description": "Secret scanning push protection was enabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "restrict_notification_delivery.disable", + "description": "Email notification restrictions for an organization or enterprise were disabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Restricting email notifications for your organization, Restricting email notifications for your enterprise" + }, + { + "action": "restrict_notification_delivery.enable", + "description": "Email notification restrictions for an organization or enterprise were enabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Restricting email notifications for your organization, Restricting email notifications for your enterprise" + }, + { + "action": "secret_scanning_alert.create", + "description": "GitHub detected a secret and created a secret scanning alert.", + "docs_reference_links": "/code-security/secret-scanning/managing-alerts-from-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ], + "docs_reference_titles": "Manage secret scanning alerts" + }, + { + "action": "secret_scanning_alert.reopen", + "description": "A secret scanning alert was reopened.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "secret_type_display_name" + ] + }, + { + "action": "secret_scanning_alert.resolve", + "description": "A secret scanning alert was resolved.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "resolution", + "public_repo", + "created_at", + "operation_type", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ] + }, + { + "action": "secret_scanning_alert.revoke", + "description": "A secret scanning alert was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "secret_scanning_alert.validate", + "description": "A secret scanning alert was validated.", + "docs_reference_links": "/code-security/secret-scanning/managing-alerts-from-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "created_at", + "previous_validity", + "current_validity", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ], + "docs_reference_titles": "Manage secret scanning alerts" + }, + { + "action": "secret_scanning.disable", + "description": "Secret scanning was disabled for all existing repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning.enable", + "description": "Secret scanning was enabled for all existing repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_new_repos.disable", + "description": "Secret scanning was disabled for all new repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_new_repos.enable", + "description": "Secret scanning was enabled for all new repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_push_protection.bypass", + "description": "Triggered when a user bypasses the push protection on a secret detected by secret scanning.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "created_at", + "push_protection_bypass_reason", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo", + "request_reviewer", + "request_reviewer_id" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.approve", + "description": "A request to bypass secret scanning push protection was approved by a user.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.deny", + "description": "A request to bypass secret scanning push protection was denied by a user.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot", + "request_reviewer_comment" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.request", + "description": "A user requested to bypass secret scanning push protection.", + "docs_reference_links": "/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line" + }, + { + "action": "security_key.register", + "description": "A security key was registered for an account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "security_key.remove", + "description": "A security key was removed from an account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "sponsors.agreement_sign", + "description": "A GitHub Sponsors agreement was signed on behalf of an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.custom_amount_settings_change", + "description": "Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.fiscal_host_change", + "description": "The fiscal host for a GitHub Sponsors listing was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.repo_funding_links_file_action", + "description": "The FUNDING file in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository" + }, + { + "action": "sponsors.sponsor_sponsorship_cancel", + "description": "A sponsorship was canceled.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_create", + "description": "A sponsorship was created, by sponsoring an account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_payment_complete", + "description": "After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "active", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_preference_change", + "description": "The option to receive email updates from a sponsored account was changed.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_tier_change", + "description": "A sponsorship was upgraded or downgraded.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/upgrading-a-sponsorship, /billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Upgrading a sponsorship, Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsored_developer_approve", + "description": "A GitHub Sponsors account was approved.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_create", + "description": "A GitHub Sponsors account was created.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_disable", + "description": "A GitHub Sponsors account was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ] + }, + { + "action": "sponsors.sponsored_developer_profile_update", + "description": "The profile for GitHub Sponsors account was edited.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors" + }, + { + "action": "sponsors.sponsored_developer_redraft", + "description": "A GitHub Sponsors account was returned to draft state from approved state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.sponsored_developer_request_approval", + "description": "An application for GitHub Sponsors was submitted for approval.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_tier_description_update", + "description": "The description for a sponsorship tier was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.sponsored_developer_update_newsletter_send", + "description": "Triggered when you send an email update to your sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors" + }, + { + "action": "sponsors.sponsors_patreon_user_create", + "description": "A Patreon account was linked to a user account for use with GitHub Sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account" + }, + { + "action": "sponsors.sponsors_patreon_user_destroy", + "description": "A Patreon account for use with GitHub Sponsors was unlinked from a user account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/unlinking-your-patreon-account-from-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Unlinking your Patreon account from GitHub" + }, + { + "action": "sponsors.update_tier_repository", + "description": "A GitHub Sponsors tier changed access for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.update_tier_welcome_message", + "description": "The welcome message for a GitHub Sponsors tier for an organization was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.waitlist_join", + "description": "You join the waitlist to join GitHub Sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.withdraw_agreement_signature", + "description": "A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "ssh_certificate_authority.create", + "description": "An SSH certificate authority for an organization or enterprise was created.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "fingerprint", + "operation_type", + "openssh_public_key", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_authority.destroy", + "description": "An SSH certificate authority for an organization or enterprise was deleted.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "fingerprint", + "operation_type", + "openssh_public_key" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_requirement.disable", + "description": "The requirement for members to use SSH certificates to access an organization resources was disabled.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_requirement.enable", + "description": "The requirement for members to use SSH certificates to access an organization resources was enabled.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "staff.set_domain_token_expiration", + "description": "The verification code expiry time for an organization or enterprise domain was set.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "token_expires_at", + "owner", + "operation_type", + "created_at" + ] + }, + { + "action": "staff.unverify_domain", + "description": "An organization or enterprise domain was unverified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner_type", + "domain_name", + "owner", + "operation_type" + ] + }, + { + "action": "staff.verify_domain", + "description": "An organization or enterprise domain was verified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "domain_name", + "operation_type", + "created_at" + ] + }, + { + "action": "successor_invitation.accept", + "description": "Triggered when you accept a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.cancel", + "description": "Triggered when you cancel a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.create", + "description": "Triggered when you create a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.decline", + "description": "Triggered when you decline a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "successor_invitation.revoke", + "description": "Triggered when you revoke a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "team.add_member", + "description": "A member of an organization was added to a team.", + "docs_reference_links": "/organizations/organizing-members-into-teams/adding-organization-members-to-a-team", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/adding-organization-members-to-a-team" + }, + { + "action": "team.add_repository", + "description": "A team was given access and permissions to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "team.change_parent_team", + "description": "A child team was created or a child team's parent was changed.", + "docs_reference_links": "/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy" + }, + { + "action": "team.change_privacy", + "description": "A team's privacy level was changed.", + "docs_reference_links": "/organizations/organizing-members-into-teams/changing-team-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/changing-team-visibility" + }, + { + "action": "team.create", + "description": "A new team is created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "team", + "created_at", + "team_type" + ] + }, + { + "action": "team.demote_maintainer", + "description": "A user was demoted from a team maintainer to a team member.", + "docs_reference_links": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member" + }, + { + "action": "team.destroy", + "description": "A team was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type", + "team_type" + ] + }, + { + "action": "team_discussions.clear", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team_discussions.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team_discussions.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team.promote_maintainer", + "description": "A user was promoted from a team member to a team maintainer.", + "docs_reference_links": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer" + }, + { + "action": "team.remove_member", + "description": "An organization member was removed from a team.", + "docs_reference_links": "/organizations/organizing-members-into-teams/removing-organization-members-from-a-team", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "team", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/removing-organization-members-from-a-team" + }, + { + "action": "team.remove_repository", + "description": "A repository was removed from a team's control.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type" + ] + }, + { + "action": "team.rename", + "description": "A team's name was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "team", + "operation_type", + "team_type" + ] + }, + { + "action": "team_sync_tenant.disabled", + "description": "Team synchronization with a tenant was disabled.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise" + }, + { + "action": "team_sync_tenant.enabled", + "description": "Team synchronization with a tenant was enabled.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise" + }, + { + "action": "team.update_repository_permission", + "description": "A team's permission to a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "old_permission", + "operation_type", + "created_at", + "permission", + "new_repo_permission", + "new_repo_base_role", + "old_repo_permission", + "old_repo_base_role" + ] + }, + { + "action": "trusted_device.register", + "description": "A new trusted device was added.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "trusted_device.remove", + "description": "A trusted device was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.abort", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.complete", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.ignore", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.staff_approve", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.staff_decline", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.start", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.two_factor_destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.add_factor", + "description": "A secondary authentication factor was added to a user account.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication" + }, + { + "action": "two_factor_authentication.disabled", + "description": "Two-factor authentication was disabled for a user account.", + "docs_reference_links": "https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/disabling-two-factor-authentication-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Disabling two-factor authentication for your personal account" + }, + { + "action": "two_factor_authentication.enabled", + "description": "Two-factor authentication was enabled for a user account.", + "docs_reference_links": "https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Configuring two-factor authentication" + }, + { + "action": "two_factor_authentication.password_reset_fallback_sms", + "description": "A one-time password code was sent to a user account fallback phone number.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.recovery_codes_regenerated", + "description": "Two factor recovery codes were regenerated for a user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.remove_factor", + "description": "A secondary authentication factor was removed from a user account.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication" + }, + { + "action": "two_factor_authentication.sign_in_fallback_sms", + "description": "A one-time password code was sent to a user account fallback phone number.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.update_fallback", + "description": "The two-factor authentication fallback for a user account was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.add_email", + "description": "An email address was added to a user account.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "email", + "created_at" + ], + "docs_reference_titles": "Adding an email address to your GitHub account" + }, + { + "action": "user.async_delete", + "description": "An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.audit_log_export", + "description": "Audit log entries were exported.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.block_user", + "description": "A user was blocked by another user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "blocked_user", + "operation_type", + "created_at" + ] + }, + { + "action": "user.change_password", + "description": "A user changed their password.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.codespaces_trusted_repo_access_granted", + "description": "Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "user.codespaces_trusted_repo_access_revoked", + "description": "Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "user.correct_password_from_unrecognized_device", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.correct_password_from_unrecognized_device_and_location", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.correct_password_from_unrecognized_location", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.create", + "description": "A new user account was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "email", + "operation_type", + "created_at" + ] + }, + { + "action": "user.create_integration_secret", + "description": "A user secret for Codespaces was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.creation_rate_limit_exceeded", + "description": "The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_id" + ] + }, + { + "action": "user.delete", + "description": "A user account was destroyed by an asynchronous job.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.demote", + "description": "A site administrator was demoted to an ordinary user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ] + }, + { + "action": "user.destroy", + "description": "A user deleted his or her account, triggering user.async_delete.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.device_verification_failure", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.device_verification_requested", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.device_verification_success", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_collaborators_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_contributors_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_sockpuppet_disallowed", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user_email.confirm_claim", + "description": "An enterprise managed user claimed an email address.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "user_email.mark_as_unclaimed", + "description": "N/A", + "docs_reference_links": "An enterprise managed user unclaimed an email address.", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "An, GitHub Help Documentation, managed, user, unclaimed, an, email, address." + }, + { + "action": "user.enable_collaborators_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.enable_contributors_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.enable_sockpuppet_disallowed", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.failed_login", + "description": "A user tried to sign in with an incorrect username, password, or two-factor authentication code.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.flag_as_large_scale_contributor", + "description": "A user account was flagged as a large scale contributor. Only contributions from public repositories the user owns will be shown in their contribution graph, in order to prevent timeouts.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.forgot_password", + "description": "A user requested a password reset.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "email", + "created_at" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials" + }, + { + "action": "user.grant_github_developer", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.hide_private_contributions_count", + "description": "A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Manage visibility settings for private contributions" + }, + { + "action": "user.login", + "description": "A user signed in.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "passkey_nickname" + ] + }, + { + "action": "user.logout", + "description": "A user signed out.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.minimize_comment", + "description": "A comment made by a user was minimized.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.new_device_used", + "description": "A user signed in from a new device.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.partial_two_factor_email_followup", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.promote", + "description": "An ordinary user account was promoted to a site administrator.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type" + ] + }, + { + "action": "user.recreate", + "description": "A user's account was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.remove_email", + "description": "An email address was removed from a user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "email" + ] + }, + { + "action": "user.remove_integration_secret", + "description": "A user secret for Codespaces was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.remove_large_scale_contributor_flag", + "description": "A user account was no longer flagged as a large scale contributor.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.rename", + "description": "A username was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_login", + "created_at", + "operation_type" + ] + }, + { + "action": "user.report_abuse", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.report_content", + "description": "Triggered when you report an issue or pull request, or a comment on an issue, pull request, or commit.", + "docs_reference_links": "/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/maintaining-your-safety-on-github/reporting-abuse-or-spam" + }, + { + "action": "user.reset_password", + "description": "A user reset their account password.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user_session.country_change", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.show_private_contributions_count", + "description": "A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Manage visibility settings for private contributions" + }, + { + "action": "user.sign_in_from_unrecognized_device", + "description": "A user signed in from an unrecognized device.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.sign_in_from_unrecognized_device_and_location", + "description": "A user signed in from an unrecognized device and location.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.sign_in_from_unrecognized_location", + "description": "A user signed in from an unrecognized location.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user_status.destroy", + "description": "Triggered when you clear the status on your profile.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "message", + "created_at", + "limited_availability", + "emoji", + "operation_type" + ] + }, + { + "action": "user_status.update", + "description": "Triggered when you set or change the status on your profile.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "limited_availability", + "message", + "created_at", + "emoji", + "operation_type" + ], + "docs_reference_titles": "Personalize your profile" + }, + { + "action": "user.suspend", + "description": "A user account was suspended.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "user.toggle_warn_private_email", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_challenge_failure", + "description": "A 2FA challenge issued for a user account failed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_challenge_success", + "description": "A 2FA challenge issued for a user account succeeded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recover", + "description": "A user used their 2FA recovery codes.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_downloaded", + "description": "A user downloaded 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_printed", + "description": "A user printed 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_viewed", + "description": "A user viewed 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.two_factor_requested", + "description": "A user was prompted for a two-factor authentication code.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication" + }, + { + "action": "user.unblock_user", + "description": "A user was unblocked by another user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "blocked_user", + "operation_type", + "created_at" + ] + }, + { + "action": "user.unminimize_comment", + "description": "A comment made by a user was unminimized.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.unsuspend", + "description": "A user account was unsuspended.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "user.update_integration_secret", + "description": "A user secret for Codespaces was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.update_new_repository_default_branch_setting", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.approve_workflow_job", + "description": "A workflow job was approved.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.bypass_protection_rules", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.cancel_workflow_run", + "description": "A workflow run was cancelled.", + "docs_reference_links": "/actions/managing-workflow-runs/canceling-a-workflow", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "run_number", + "cancelled_at", + "workflow_id", + "operation_type", + "trigger_id", + "public_repo" + ], + "docs_reference_titles": "Canceling a workflow run" + }, + { + "action": "workflows.comment_workflow_job", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.completed_workflow_run", + "description": "A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "completed_at", + "conclusion", + "run_number", + "workflow_id", + "operation_type", + "trigger_id", + "run_attempt", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "Viewing workflow run history" + }, + { + "action": "workflows.created_workflow_run", + "description": "A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/learn-github-actions/understanding-github-actions#create-an-example-workflow", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "workflow_id", + "operation_type", + "trigger_id", + "public_repo", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "Understanding GitHub Actions" + }, + { + "action": "workflows.delete_workflow_run", + "description": "A workflow run was deleted.", + "docs_reference_links": "/actions/managing-workflow-runs/deleting-a-workflow-run", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "workflow_run_id", + "started_at", + "head_branch", + "head_sha", + "trigger_id" + ], + "docs_reference_titles": "Deleting a workflow run" + }, + { + "action": "workflows.disable_workflow", + "description": "A workflow was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "workflows.enable_workflow", + "description": "A workflow was enabled, after previously being disabled by disable_workflow.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "workflows.pin_workflow", + "description": "A workflow was pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "workflows.prepared_workflow_job", + "description": "A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/using-workflows/events-that-trigger-workflows", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "job_name", + "runner_labels", + "is_hosted_runner", + "environment_name", + "secrets_passed", + "operation_type", + "created_at", + "runner_owner_type", + "job_workflow_ref", + "calling_workflow_refs", + "calling_workflow_shas", + "imposer_repo" + ], + "docs_reference_titles": "Events that trigger workflows" + }, + { + "action": "workflows.reject_workflow_job", + "description": "A workflow job was rejected.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.rerun_workflow_run", + "description": "A workflow run was re-run.", + "docs_reference_links": "/actions/managing-workflow-runs/re-running-workflows-and-jobs", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "run_number", + "workflow_id", + "operation_type", + "trigger_id", + "run_attempt", + "rerun_type", + "check_run_id", + "actor_is_bot" + ], + "docs_reference_titles": "Re-running workflows and jobs" + }, + { + "action": "workflows.unpin_workflow", + "description": "A workflow was unpinned after previously being pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + } +] \ No newline at end of file diff --git a/src/audit-logs/data/ghes-3.14/organization.json b/src/audit-logs/data/ghes-3.14/organization.json new file mode 100644 index 000000000000..75b575cceb28 --- /dev/null +++ b/src/audit-logs/data/ghes-3.14/organization.json @@ -0,0 +1,22542 @@ +[ + { + "action": "account.billing_date_change", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "account.plan_change", + "description": "The account's plan changed.", + "docs_reference_links": "/billing/managing-the-plan-for-your-github-account/about-billing-for-plans", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "How GitHub billing works" + }, + { + "action": "actions_cache.delete", + "description": "A GitHub Actions cache was deleted using the REST API.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "actions_cache_id", + "actions_cache_key", + "actions_cache_version", + "actions_cache_scope", + "created_at", + "operation_type" + ] + }, + { + "action": "advisory_credit.accept", + "description": "Credit was accepted for a security advisory.", + "docs_reference_links": "/code-security/security-advisories/working-with-repository-security-advisories/editing-a-repository-security-advisory", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ghsa_id", + "recipient", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Editing a repository security advisory" + }, + { + "action": "advisory_credit.create", + "description": "Someone was added to the credit section of a security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ghsa_id", + "recipient", + "operation_type", + "created_at" + ] + }, + { + "action": "advisory_credit.decline", + "description": "Credit was declined for a security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ghsa_id", + "recipient", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "advisory_credit.destroy", + "description": "Someone was removed from the credit section of a security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ghsa_id", + "recipient", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "artifact.destroy", + "description": "A workflow run artifact was manually deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "auto_approve_personal_access_token_requests.disable", + "description": "Triggered when the organization must approve fine-grained personal access tokens before the tokens can access organization resources. See also: personal_access_token.auto_approve_grant_requests_disabled", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization" + }, + { + "action": "auto_approve_personal_access_token_requests.enable", + "description": "Triggered when fine-grained personal access tokens can access organization resources without prior approval. See also: personal_access_token.auto_approve_grant_requests_enabled", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/setting-a-personal-access-token-policy-for-your-organization" + }, + { + "action": "billing.change_billing_type", + "description": "The way the account pays for GitHub was changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.change_email", + "description": "The billing email address changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/setting-your-billing-email", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "email" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.lock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "billing.unlock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "checks.auto_trigger_disabled", + "description": "Automatic creation of check suites was disabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.auto_trigger_enabled", + "description": "Automatic creation of check suites was enabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.delete_logs", + "description": "Logs in a check suite were deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "codespaces.allow_permissions", + "description": "A codespace using custom permissions from its devcontainer.json file was launched.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "origin_repository", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.attempted_to_create_from_prebuild", + "description": "An attempt to create a codespace from a prebuild was made.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "pull_request_id", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "codespaces.business_enablement_updated", + "description": "Enterprise setting for Codespaces ownership was updated.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enablement", + "organization_names", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization" + }, + { + "action": "codespaces.connect", + "description": "Credentials for a codespace were refreshed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ] + }, + { + "action": "codespaces.create", + "description": "A codespace was created", + "docs_reference_links": "/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ], + "docs_reference_titles": "Creating a codespace for a repository" + }, + { + "action": "codespaces.destroy", + "description": "A user deleted a codespace.", + "docs_reference_links": "/codespaces/developing-in-codespaces/deleting-a-codespace", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Deleting a codespace" + }, + { + "action": "codespaces.export_environment", + "description": "A codespace was exported to a branch on GitHub.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "owner", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "codespaces.policy_group_created", + "description": "Policies were applied to codespaces in an organization or enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.policy_group_deleted", + "description": "Policies were removed from codespaces in an organization or enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.policy_group_updated", + "description": "Policies were updated for codespaces in an organization or enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.restore", + "description": "A codespace was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.start_environment", + "description": "A codespace was started.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "pull_request_id", + "machine_type", + "devcontainer_path", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.suspend_environment", + "description": "A codespace was stopped.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "codespaces.trusted_repositories_access_update", + "description": "A personal account's access and security setting for Codespaces were updated.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "commit_comment.destroy", + "description": "A commit comment was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "commit_comment.update", + "description": "A commit comment was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.access_revoked", + "description": "Copilot access was revoked for the organization or enterprise due to its Copilot subscription ending, an issue with billing the entity, the entity being marked spammy, or the entity being suspended.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "reason", + "plan", + "owner", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_org_settings_changed", + "description": "Copilot feature settings were changed at the organization level.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_added", + "description": "A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_created", + "description": "A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.", + "docs_reference_links": "/copilot/overview-of-github-copilot/about-github-copilot-for-business", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "What is GitHub Copilot?" + }, + { + "action": "copilot.cfb_seat_assignment_refreshed", + "description": "A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_reused", + "description": "A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_unassigned", + "description": "A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_cancelled", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "seat_assignment" + ] + }, + { + "action": "copilot.cfb_seat_cancelled_by_staff", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_management_changed", + "description": "The seat management setting was changed at the organization level to either enable or disable Copilot access for all members of the organization, or to enable Copilot access for selected members or teams.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_value", + "new_value", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "copilot.content_exclusion_changed", + "description": "The excluded paths for GitHub Copilot were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "excluded_paths", + "owner_type", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.knowledge_base_created", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "copilot.knowledge_base_deleted", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "copilot.knowledge_base_updated", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "copilot.plan_changed", + "description": "The plan for GitHub Copilot was updated.", + "docs_reference_links": "/billing/managing-billing-for-github-copilot/about-billing-for-github-copilot", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_plan", + "plan", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "GitHub Copilot licenses" + }, + { + "action": "custom_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_property_definition.create", + "description": "A new custom property definition was created.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "definition_id" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_definition.destroy", + "description": "A custom property definition was deleted.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "definition_id", + "allowed_values" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_definition.update", + "description": "A custom property definition was updated.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "property_name", + "created_at", + "operation_type", + "value_type", + "required", + "default_value", + "old_allowed_values", + "allowed_values", + "definition_id", + "old_required", + "old_default_value", + "old_value_type", + "old_values_editable_by", + "values_editable_by" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.create", + "description": "A repository's custom property value was manually set for the first time.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "definition_id", + "property_name", + "value", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.destroy", + "description": "A repository's custom property value was deleted.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "custom_property_value.update", + "description": "A repository's custom property value was updated.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "definition_id" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization" + }, + { + "action": "dependabot_alerts.disable", + "description": "Dependabot alerts were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts.enable", + "description": "Dependabot alerts were enabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts_new_repos.disable", + "description": "Dependabot alerts were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_alerts_new_repos.enable", + "description": "Dependabot alerts were enabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_repository_access.repositories_updated", + "description": "The repositories that Dependabot can access were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependabot_security_updates.disable", + "description": "Dependabot security updates were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates.enable", + "description": "Dependabot security updates were enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependabot_security_updates_new_repos.disable", + "description": " Dependabot security updates were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates_new_repos.enable", + "description": "Dependabot security updates were enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependency_graph.disable", + "description": "The dependency graph was disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph.enable", + "description": "The dependency graph was enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependency_graph_new_repos.disable", + "description": "The dependency graph was disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph_new_repos.enable", + "description": "The dependency graph was enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "discussion_comment.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "discussion_comment.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "discussion.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "title", + "created_at" + ] + }, + { + "action": "discussion_post.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "number", + "title", + "operation_type" + ] + }, + { + "action": "discussion_post_reply.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "number", + "created_at" + ] + }, + { + "action": "discussion_post_reply.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "number", + "team", + "created_at" + ] + }, + { + "action": "discussion_post.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "title", + "operation_type", + "team", + "number" + ] + }, + { + "action": "enterprise_announcement.create", + "description": "A global announcement banner was created for the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise#creating-a-global-announcement-banner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "message", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise_announcement.destroy", + "description": "A global announcement banner was removed from the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise_announcement.update", + "description": "A global announcement banner was updated for the enterprise.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/communicating-information-to-users-in-your-enterprise/customizing-user-messages-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "message", + "old_message", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Customizing user messages for your enterprise" + }, + { + "action": "enterprise_installation.create", + "description": "The GitHub App associated with a GitHub Connect connection was created.", + "docs_reference_links": "/admin/configuration/configuring-github-connect/managing-github-connect", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enabling GitHub Connect for GitHub.com" + }, + { + "action": "enterprise_installation.destroy", + "description": "The GitHub App associated with a GitHub Connect connection was deleted.", + "docs_reference_links": "/admin/configuration/configuring-github-connect/managing-github-connect", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enabling GitHub Connect for GitHub.com" + }, + { + "action": "environment.add_protection_rule", + "description": "A GitHub Actions deployment protection rule was created via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "environment.create_actions_secret", + "description": "A secret was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create_actions_variable", + "description": "A variable was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.delete", + "description": "An environment was deleted.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deleting-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_secret", + "description": "A secret was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_variable", + "description": "A variable was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.remove_protection_rule", + "description": "A GitHub Actions deployment protection rule was deleted via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_secret", + "description": "A secret was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_variable", + "description": "A variable was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.update_protection_rule", + "description": "A GitHub Actions deployment protection rule was updated via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_value", + "approvers_was", + "approvers", + "can_admins_bypass", + "prevent_self_review" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "git.clone", + "description": "A repository was cloned. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "git.fetch", + "description": "Changes were fetched from a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "git.push", + "description": "Changes were pushed to a repository. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "transport_protocol", + "repository_public", + "transport_protocol_name" + ] + }, + { + "action": "github_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "github_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "github_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "hook.active_changed", + "description": "A hook's active status was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "events", + "active", + "active_was", + "hook_id", + "operation_type" + ] + }, + { + "action": "hook.config_changed", + "description": "A hook's configuration was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "hook_id", + "created_at", + "oauth_application_id", + "events" + ] + }, + { + "action": "hook.create", + "description": "A new hook was added.", + "docs_reference_links": "/get-started/exploring-integrations/about-webhooks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "hook_id", + "events", + "operation_type", + "name", + "created_at" + ], + "docs_reference_titles": "About webhooks" + }, + { + "action": "hook.destroy", + "description": "A hook was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "created_at", + "name", + "operation_type", + "oauth_application_id", + "hook_id" + ] + }, + { + "action": "hook.events_changed", + "description": "A hook's configured events were changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "operation_type", + "name", + "events_were", + "created_at", + "hook_id", + "oauth_application_id" + ] + }, + { + "action": "integration.create", + "description": "A GitHub App was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "integration", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.destroy", + "description": "A GitHub App was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.generate_client_secret", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration_installation.create", + "description": "A GitHub App was installed.", + "docs_reference_links": "/apps/using-github-apps/authorizing-github-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "repository_selection", + "created_at", + "integration", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/authorizing-github-apps" + }, + { + "action": "integration_installation.destroy", + "description": "A GitHub App was uninstalled.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "repository_selection", + "integration", + "operation_type", + "name", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.repositories_added", + "description": "Repositories were added to a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "repository_selection", + "name", + "integration", + "operation_type", + "repositories_added", + "created_at", + "repositories_added_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation.repositories_removed", + "description": "Repositories were removed from a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "repository_selection", + "repositories_removed", + "integration", + "created_at", + "name", + "repositories_removed_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation_request.close", + "description": "A request to install a GitHub App was either approved or denied by an owner, or canceled by the member who opened the request.", + "docs_reference_links": "/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "url", + "created_at", + "operation_type", + "integration", + "reason", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner" + }, + { + "action": "integration_installation_request.create", + "description": "A member requested that an owner install a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "requester", + "created_at", + "url", + "operation_type", + "integration", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/requesting-a-github-app-from-your-organization-owner" + }, + { + "action": "integration_installation.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.version_updated", + "description": "Permissions for a GitHub App were updated.", + "docs_reference_links": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "integration", + "name", + "operation_type", + "created_at", + "repository_selection", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app" + }, + { + "action": "integration.manager_added", + "description": "A member of an enterprise or organization was added as a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "manager", + "operation_type", + "integration" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization" + }, + { + "action": "integration.manager_removed", + "description": "A member of an enterprise or organization was removed from being a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "integration", + "name", + "created_at", + "manager" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization" + }, + { + "action": "integration.remove_client_secret", + "description": "A client secret for a GitHub App was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.revoke_all_tokens", + "description": "All user tokens for a GitHub App were requested to be revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.revoke_tokens", + "description": "Token(s) for a GitHub App were revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "integration.transfer", + "description": "Ownership of a GitHub App was transferred to another user or organization.", + "docs_reference_links": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "transfer_to_id", + "requester", + "requester_id", + "created_at", + "transfer_to", + "operation_type", + "integration", + "transfer_from", + "transfer_from_id", + "transfer_from_type", + "transfer_to_type" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app" + }, + { + "action": "integration.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "ip_allow_list.disable", + "description": "An IP allow list was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list.disable_for_installed_apps", + "description": "An IP allow list was disabled for installed GitHub Apps.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list.enable", + "description": "An IP allow list was enabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list.enable_for_installed_apps", + "description": "An IP allow list was enabled for installed GitHub Apps.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "ip_allow_list_entry.create", + "description": "An IP address was added to an IP allow list.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "active", + "ip_allow_list_entry", + "operation_type", + "created_at" + ] + }, + { + "action": "ip_allow_list_entry.destroy", + "description": "An IP address was deleted from an IP allow list.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ip_allow_list_entry", + "operation_type", + "created_at", + "active" + ] + }, + { + "action": "ip_allow_list_entry.update", + "description": "An IP address or its description was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "ip_allow_list_entry", + "active" + ] + }, + { + "action": "issue_comment.destroy", + "description": "A comment on an issue was deleted from the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_id" + ] + }, + { + "action": "issue_comment.pinned", + "description": "A comment on an issue was pinned to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "issue_comment.unpinned", + "description": "A comment on an issue was unpinned from a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "issue_comment.update", + "description": "A comment on an issue (other than the initial one) changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_id" + ] + }, + { + "action": "issue.destroy", + "description": "An issue was deleted from the repository.", + "docs_reference_links": "/issues/tracking-your-work-with-issues/deleting-an-issue", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "title", + "operation_type" + ], + "docs_reference_titles": "Deleting an issue" + }, + { + "action": "issue.pinned", + "description": "An issue was pinned to a repository.", + "docs_reference_links": "/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "owner_type", + "number", + "event" + ], + "docs_reference_titles": "Pinning an issue to your repository" + }, + { + "action": "issue.transfer", + "description": "An issue was transferred to another repository.", + "docs_reference_links": "/issues/tracking-your-work-with-issues/transferring-an-issue-to-another-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "number", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Transferring an issue to another repository" + }, + { + "action": "issue.unpinned", + "description": "An issue was unpinned from a repository.", + "docs_reference_links": "/issues/tracking-your-work-with-issues/pinning-an-issue-to-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "event", + "created_at", + "operation_type", + "number", + "owner_type" + ], + "docs_reference_titles": "Pinning an issue to your repository" + }, + { + "action": "issues.deletes_disabled", + "description": "The ability for enterprise members to delete issues was disabled Members cannot delete issues in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "issues.deletes_enabled", + "description": "The ability for enterprise members to delete issues was enabled Members can delete issues in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "issues.deletes_policy_cleared", + "description": "An enterprise owner cleared the policy setting for allowing members to delete issues in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-deleting-issues", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "marketplace_agreement_signature.create", + "description": "The GitHub Marketplace Developer Agreement was signed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.approve", + "description": "A listing was approved for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "primary_category", + "operation_type", + "created_at", + "marketplace_listing", + "integration" + ] + }, + { + "action": "marketplace_listing.change_category", + "description": "A category for a listing for an app in GitHub Marketplace was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "marketplace_listing", + "integration", + "secondary_category", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.create", + "description": "A listing for an app in GitHub Marketplace was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "created_at", + "oauth_application", + "marketplace_listing", + "secondary_category", + "oauth_application_id", + "operation_type" + ] + }, + { + "action": "marketplace_listing.delist", + "description": "A listing was removed from GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "secondary_category", + "operation_type", + "marketplace_listing", + "primary_category", + "integration" + ] + }, + { + "action": "marketplace_listing.redraft", + "description": "A listing was sent back to draft state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "oauth_application_id", + "operation_type", + "oauth_application", + "created_at", + "marketplace_listing", + "primary_category" + ] + }, + { + "action": "marketplace_listing.reject", + "description": "A listing was not accepted for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "secondary_category", + "marketplace_listing", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "members_can_create_pages.disable", + "description": "The ability for members to publish GitHub Pages sites was disabled.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_create_pages.enable", + "description": "The ability for members to publish GitHub Pages sites was enabled.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_create_private_pages.disable", + "description": "The ability for members to publish private GitHub Pages was disabled Members cannot publish private GitHub Pages in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_create_private_pages.enable", + "description": "The ability for members to publish private GitHub Pages was enabled Members can publish private GitHub Pages in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_create_public_pages.disable", + "description": "The ability for members to publish public GitHub Pages was disabled Members cannot publish public GitHub Pages in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_create_public_pages.enable", + "description": "The ability for members to publish public GitHub Pages was enabled Members can publish public GitHub Pages in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-publication-of-github-pages-sites-for-your-organization" + }, + { + "action": "members_can_delete_repos.clear", + "description": "An enterprise owner cleared the policy setting for deleting or transferring repositories in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "members_can_delete_repos.disable", + "description": "The ability for enterprise members to delete repositories was disabled Members cannot delete or transfer repositories in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "members_can_delete_repos.enable", + "description": "The ability for enterprise members to delete repositories was enabled Members can delete or transfer repositories in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-deletion-and-transfer", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing repository management policies in your enterprise" + }, + { + "action": "members_can_view_dependency_insights.clear", + "description": "An enterprise owner cleared the policy setting for viewing dependency insights in any organizations in an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "members_can_view_dependency_insights.disable", + "description": "The ability for enterprise members to view dependency insights was disabled. Members cannot view dependency insights in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "members_can_view_dependency_insights.enable", + "description": "The ability for enterprise members to view dependency insights was enabled. Members can view dependency insights in any organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-dependency-insights-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "merge_queue.pull_request_dequeued", + "description": "A pull request was removed from a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.pull_request_queue_jump", + "description": "A pull request was moved ahead in a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.queue_cleared", + "description": "A merge queue was cleared.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.update_settings", + "description": "The settings for a merge queue were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "max_entries_to_build", + "min_entries_to_merge", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "metered_billing_configuration.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "migration.create", + "description": "A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "migration.destroy_file", + "description": "A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "migration.download", + "description": "A migration file for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance was downloaded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "network_configuration.create", + "description": "A network configuration for a hosted compute service was created.", + "docs_reference_links": "/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot", + "selected_service", + "network_settings_ids", + "previous_settings_ids", + "network_configuration_id", + "failover_network_settings_ids", + "failover_network_enabled" + ], + "docs_reference_titles": "About networking for hosted compute products in your enterprise" + }, + { + "action": "network_configuration.delete", + "description": "A network configuration for a hosted compute service was deleted.", + "docs_reference_links": "/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot", + "network_configuration_id" + ], + "docs_reference_titles": "About networking for hosted compute products in your enterprise" + }, + { + "action": "network_configuration.update", + "description": "A network configuration for a hosted compute service was updated.", + "docs_reference_links": "/admin/configuration/configuring-private-networking-for-hosted-compute-products/about-networking-for-hosted-compute-products", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot", + "selected_service", + "network_settings_ids", + "previous_settings_ids", + "failover_network_settings_ids", + "failover_network_enabled" + ], + "docs_reference_titles": "About networking for hosted compute products in your enterprise" + }, + { + "action": "oauth_application.create", + "description": "An OAuth application was created.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.destroy", + "description": "An OAuth application was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.generate_client_secret", + "description": "An OAuth application's secret key was generated.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.remove_client_secret", + "description": "An OAuth application's secret key was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.reset_secret", + "description": "The secret key for an OAuth application was reset.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "operation_type", + "created_at", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_all_tokens", + "description": "All user tokens for an OAuth application were requested to be revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_tokens", + "description": "Token(s) for an OAuth application were revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "oauth_application", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.transfer", + "description": "An OAuth application was transferred from one account to another.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "oauth_application", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "org.accept_business_invitation", + "description": "An invitation sent to an organization to join an enterprise was accepted.", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.add_billing_manager", + "description": "A billing manager was added to an organization.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-peoples-access-to-your-organization-with-roles/adding-a-billing-manager-to-your-organization" + }, + { + "action": "org.add_member", + "description": "A user joined an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "org.add_outside_collaborator", + "description": "An outside collaborator was added to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "public_repo", + "permission", + "invitee", + "created_at", + "operation_type" + ] + }, + { + "action": "org.add_security_manager", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.advanced_security_disabled_for_new_repos", + "description": "GitHub Advanced Security was disabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_disabled_on_all_repos", + "description": "GitHub Advanced Security was disabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_for_new_repos", + "description": "GitHub Advanced Security was enabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_on_all_repos", + "description": "GitHub Advanced Security was enabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_policy_selected_member_disabled", + "description": "An enterprise owner prevented GitHub Advanced Security features from being enabled for repositories owned by the organization.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "org.advanced_security_policy_selected_member_enabled", + "description": "An enterprise owner allowed GitHub Advanced Security features to be enabled for repositories owned by the organization.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-advanced-security-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "Enforcing policies for code security and analysis for your enterprise" + }, + { + "action": "org.allow_third_party_access_requests_from_outside_collaborators_disabled", + "description": "Third-party application access for outside collaborators was disabled for the organization.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests#enabling-or-disabling-integration-access-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Limiting OAuth app and GitHub App access requests and installations" + }, + { + "action": "org.allow_third_party_access_requests_from_outside_collaborators_enabled", + "description": "Third-party application access for outside collaborators was enabled for the organization.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/limiting-oauth-app-and-github-app-access-requests-and-installations#enabling-or-disabling-app-access-requests" + }, + { + "action": "org.archive", + "description": "The organization was archived.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.audit_log_export", + "description": "An export of the organization audit log was created. If the export included a query, the log will list the query used and the number of audit log entries matching that query.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#exporting-the-audit-log" + }, + { + "action": "org.audit_log_git_event_export", + "description": "An export of the organization's Git events was created.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "start", + "end", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/audit-log-events-for-your-organization" + }, + { + "action": "org.billing_signup_error", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.block_user", + "description": "An organization owner blocked a user from accessing the organization's repositories.", + "docs_reference_links": "/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "blocked_user", + "operation_type" + ], + "docs_reference_titles": "/communities/maintaining-your-safety-on-github/blocking-a-user-from-your-organization" + }, + { + "action": "org.cancel_business_invitation", + "description": "An invitation for an organization to join an enterprise was revoked", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "initiated_from" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.cancel_invitation", + "description": "An invitation sent to a user to join an organization was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "email", + "operation_type", + "invitation_id", + "created_at", + "invitee_email" + ] + }, + { + "action": "org.clear_custom_invitation_rate_limit", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.code_scanning_autofix_disabled", + "description": "Autofix for code scanning alerts was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_autofix_enabled", + "description": "Autofix for code scanning alerts was enabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_scan_inactive_repos_disabled", + "description": "Scanning inactive repositories was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.code_scanning_scan_inactive_repos_enabled", + "description": "Scanning inactive repositories was enabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "org.codeql_disabled", + "description": "Code scanning using the default setup was disabled for an organization.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning at scale" + }, + { + "action": "org.codeql_enabled", + "description": "Code scanning using the default setup was enabled for an organization.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning-at-scale", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning at scale" + }, + { + "action": "org.codespaces_access_updated", + "description": "Access to use Codespaces on internal and private repositories was updated for an organization.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "enablement", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/codespaces/managing-codespaces-for-your-organization/enabling-or-disabling-github-codespaces-for-your-organization" + }, + { + "action": "org.codespaces_ownership_updated", + "description": "Ownership and payment for codespaces was updated for an organization.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/codespaces/managing-codespaces-for-your-organization/choosing-who-owns-and-pays-for-codespaces-in-your-organization" + }, + { + "action": "org.codespaces_team_access_allowed", + "description": "A team has been allowed to use Codespaces for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.codespaces_team_access_revoked", + "description": "A team has been prevented from using Codespaces for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.codespaces_trusted_repo_access_granted", + "description": "GitHub Codespaces was granted trusted repository access to all other repositories in an organization.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "org.codespaces_trusted_repo_access_revoked", + "description": "GitHub Codespaces trusted repository access to all other repositories in an organization was revoked.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "org.codespaces_user_access_allowed", + "description": "A user has been allowed to use Codespaces for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.codespaces_user_access_revoked", + "description": "A user has been prevented from using Codespaces for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.config.disable_collaborators_only", + "description": "The interaction limit for collaborators only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.disable_contributors_only", + "description": "The interaction limit for prior contributors only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.disable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only for an organization was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_collaborators_only", + "description": "The interaction limit for collaborators only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_contributors_only", + "description": "The interaction limit for prior contributors only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.config.enable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only for an organization was enabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-organization#limiting-interactions-in-your-organization" + }, + { + "action": "org.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization" + }, + { + "action": "org.confirm_business_invitation", + "description": "An invitation for an organization to join an enterprise was confirmed.", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#inviting-an-organization-to-join-your-enterprise-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.connect_usage_metrics_export", + "description": "Server statistics were exported for the organization.", + "docs_reference_links": "/admin/monitoring-activity-in-your-enterprise/analyzing-how-your-team-works-with-server-statistics/exporting-server-statistics", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Exporting Server Statistics" + }, + { + "action": "org.create", + "description": "An organization was created.", + "docs_reference_links": "/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/collaborating-with-groups-in-organizations/creating-a-new-organization-from-scratch" + }, + { + "action": "org.create_actions_secret", + "description": "A GitHub Actions secret was created for an organization.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "org.create_actions_variable", + "description": "A GitHub Actions variable was created for an organization.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "org.create_integration_secret", + "description": "A Codespaces or Dependabot secret was created for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "org_credential_authorization.deauthorize", + "description": "A member removed the SSO (SAML or OIDC) authorization from a credential that had access to your organization.", + "docs_reference_links": "/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot", + "oauth_credential_type", + "managed_oauth_access_id", + "managed_token_id", + "managed_oauth_scopes", + "managed_token_scopes", + "managed_hashed_token" + ], + "docs_reference_titles": "Authorizing a personal access token for use with single sign-on" + }, + { + "action": "org_credential_authorization.grant", + "description": "A member authorized credentials for use with SAML or OIDC single sign-on.", + "docs_reference_links": "/authentication/authenticating-with-saml-single-sign-on", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot", + "oauth_credential_type", + "managed_oauth_access_id", + "managed_token_id", + "managed_oauth_scopes", + "managed_token_scopes", + "managed_hashed_token" + ], + "docs_reference_titles": "Authenticating with single sign-on" + }, + { + "action": "org_credential_authorization.revoke", + "description": "An owner revoked authorized credentials.", + "docs_reference_links": "/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "oauth_application_id", + "operation_type", + "created_at", + "oauth_credential_type", + "managed_oauth_access_id", + "managed_token_id", + "managed_oauth_scopes", + "managed_token_scopes", + "managed_hashed_token" + ], + "docs_reference_titles": "Viewing and managing a member's SAML access to your organization" + }, + { + "action": "org.disable_member_team_creation_permission", + "description": "Team creation was limited to owners.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization" + }, + { + "action": "org.disable_oauth_app_restrictions", + "description": "Third-party application access restrictions for an organization were disabled.", + "docs_reference_links": "/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-oauth-access-to-your-organizations-data/disabling-oauth-app-access-restrictions-for-your-organization" + }, + { + "action": "org.disable_reader_discussion_creation_permission", + "description": "An organization owner limited discussion creation to users with at least triage permission in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization" + }, + { + "action": "org.disable_saml", + "description": "SAML single sign-on was disabled for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sso_url", + "issuer", + "created_at", + "operation_type" + ] + }, + { + "action": "org.disable_source_ip_disclosure", + "description": "Display of IP addresses within audit log events for the organization was disabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization" + }, + { + "action": "org.disable_two_factor_requirement", + "description": "A two-factor authentication requirement was disabled for the organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.display_commenter_full_name_disabled", + "description": "An organization owner disabled the display of a commenter's full name in an organization. Members cannot see a comment author's full name.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.display_commenter_full_name_enabled", + "description": "An organization owner enabled the display of a commenter's full name in an organization. Members can see a comment author's full name.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.enable_member_team_creation_permission", + "description": "Team creation by members was allowed.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/setting-team-creation-permissions-in-your-organization" + }, + { + "action": "org.enable_oauth_app_restrictions", + "description": "Third-party application access restrictions for an organization were enabled.", + "docs_reference_links": "/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-oauth-access-to-your-organizations-data/enabling-oauth-app-access-restrictions-for-your-organization" + }, + { + "action": "org.enable_reader_discussion_creation_permission", + "description": "An organization owner allowed users with read access to create discussions in an organization", + "docs_reference_links": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-discussion-creation-for-repositories-in-your-organization" + }, + { + "action": "org.enable_saml", + "description": "SAML single sign-on was enabled for the organization.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/enabling-and-testing-saml-single-sign-on-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "sso_url", + "created_at", + "issuer" + ], + "docs_reference_titles": "Enabling and testing SAML single sign-on for your organization" + }, + { + "action": "org.enable_source_ip_disclosure", + "description": "Display of IP addresses within audit log events for the organization was enabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/displaying-ip-addresses-in-the-audit-log-for-your-organization" + }, + { + "action": "org.enable_two_factor_requirement", + "description": "Two-factor authentication is now required for the organization.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization" + }, + { + "action": "org.integration_manager_added", + "description": "An organization owner granted a member access to manage all GitHub Apps owned by an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "manager", + "operation_type", + "created_at" + ] + }, + { + "action": "org.integration_manager_removed", + "description": "An organization owner removed access to manage all GitHub Apps owned by an organization from an organization member.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "manager", + "operation_type", + "created_at" + ] + }, + { + "action": "org.invite_member", + "description": "A new user was invited to join an organization.", + "docs_reference_links": "/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitation_id", + "operation_type", + "created_at", + "invitee_email" + ], + "docs_reference_titles": "/organizations/managing-membership-in-your-organization/inviting-users-to-join-your-organization" + }, + { + "action": "org.invite_to_business", + "description": "An organization was invited to join an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.members_can_update_protected_branches.disable", + "description": "The ability for enterprise members to update protected branches was disabled. Only enterprise owners can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.members_can_update_protected_branches.enable", + "description": "The ability for enterprise members to update protected branches was enabled. Members of an organization can update protected branches.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.oauth_app_access_approved", + "description": "Access to an organization was granted for an OAuth App.", + "docs_reference_links": "/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "url", + "operation_type", + "created_at", + "oauth_application_name" + ], + "docs_reference_titles": "/organizations/managing-oauth-access-to-your-organizations-data/approving-oauth-apps-for-your-organization" + }, + { + "action": "org.oauth_app_access_blocked", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "url", + "created_at", + "operation_type", + "oauth_application_name" + ] + }, + { + "action": "org.oauth_app_access_denied", + "description": "Access was disabled for an OAuth App that was previously approved.", + "docs_reference_links": "/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "url", + "created_at", + "operation_type", + "oauth_application_name" + ], + "docs_reference_titles": "/organizations/managing-oauth-access-to-your-organizations-data/denying-access-to-a-previously-approved-oauth-app-for-your-organization" + }, + { + "action": "org.oauth_app_access_requested", + "description": "An organization member requested that an owner grant an OAuth App access to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "url", + "oauth_application_name" + ] + }, + { + "action": "org.oauth_app_access_unblocked", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "url", + "created_at", + "operation_type", + "oauth_application_name" + ] + }, + { + "action": "org.rate_limited_invites", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.recovery_code_failed", + "description": "An organization owner failed to sign into a organization with an external identity provider (IdP) using a recovery code.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "reason", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Accessing your organization if your identity provider is unavailable" + }, + { + "action": "org.recovery_code_used", + "description": "An organization owner successfully signed into an organization with an external identity provider (IdP) using a recovery code.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/accessing-your-organization-if-your-identity-provider-is-unavailable", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Accessing your organization if your identity provider is unavailable" + }, + { + "action": "org.recovery_codes_downloaded", + "description": "An organization owner downloaded the organization's SSO recovery codes.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Downloading your organization's SAML single sign-on recovery codes" + }, + { + "action": "org.recovery_codes_generated", + "description": "An organization owner generated the organization's SSO recovery codes.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Downloading your organization's SAML single sign-on recovery codes" + }, + { + "action": "org.recovery_codes_printed", + "description": "An organization owner printed the organization's SSO recovery codes.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Downloading your organization's SAML single sign-on recovery codes" + }, + { + "action": "org.recovery_codes_viewed", + "description": "An organization owner viewed the organization's SSO recovery codes.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/downloading-your-organizations-saml-single-sign-on-recovery-codes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Downloading your organization's SAML single sign-on recovery codes" + }, + { + "action": "org.register_self_hosted_runner", + "description": "A new self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "org.remove_actions_secret", + "description": "A GitHub Actions secret was removed from an organization.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "org.remove_actions_variable", + "description": "A GitHub Actions variable was removed from an organization.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "org.remove_billing_manager", + "description": "A billing manager was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-peoples-access-to-your-organization-with-roles/removing-a-billing-manager-from-your-organization, /organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization" + }, + { + "action": "org.remove_integration_secret", + "description": "A Codespaces or Dependabot secret was removed from an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "org.remove_member", + "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_outside_collaborator", + "description": "An outside collaborator was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_security_manager", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "org.remove_self_hosted_runner", + "description": "A self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "org.rename", + "description": "An organization was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_login", + "operation_type", + "created_at" + ] + }, + { + "action": "org.required_workflow_create", + "description": "Triggered when a required workflow is created.", + "docs_reference_links": "/actions/using-workflows/required-workflows", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/actions/using-workflows/required-workflows" + }, + { + "action": "org.required_workflow_delete", + "description": "Triggered when a required workflow is deleted.", + "docs_reference_links": "/actions/using-workflows/required-workflows", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/actions/using-workflows/required-workflows" + }, + { + "action": "org.required_workflow_update", + "description": "Triggered when a required workflow is updated.", + "docs_reference_links": "/actions/using-workflows/required-workflows", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/actions/using-workflows/required-workflows" + }, + { + "action": "org.restore_member", + "description": "An organization member was restored.", + "docs_reference_links": "/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-membership-in-your-organization/reinstating-a-former-member-of-your-organization" + }, + { + "action": "org.revoke_external_identity", + "description": "A member's linked identity was revoked.", + "docs_reference_links": "/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Viewing and managing a member's SAML access to your organization" + }, + { + "action": "org.revoke_sso_session", + "description": "A member's SAML session was revoked.", + "docs_reference_links": "/organizations/granting-access-to-your-organization-with-saml-single-sign-on/viewing-and-managing-a-members-saml-access-to-your-organization#viewing-and-revoking-a-linked-identity", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Viewing and managing a member's SAML access to your organization" + }, + { + "action": "org.runner_group_created", + "description": "A self-hosted runner group was created.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#creating-a-self-hosted-runner-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows", + "runner_group_selected_workflow_refs", + "network_configuration_id" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_removed", + "description": "A self-hosted runner group was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#removing-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_renamed", + "description": "A self-hosted runner group was renamed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_runner_removed", + "description": "The REST API was used to remove a self-hosted runner from a group.", + "docs_reference_links": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "runner_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization" + }, + { + "action": "org.runner_group_runners_added", + "description": "A self-hosted runner was added to a group.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_runners_updated", + "description": "A runner group's list of members was updated.", + "docs_reference_links": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "runner_group_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#set-self-hosted-runners-in-a-group-for-an-organization" + }, + { + "action": "org.runner_group_updated", + "description": "The configuration of a self-hosted runner group was changed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "runner_group_name", + "runner_group_allow_public", + "operation_type", + "created_at", + "runner_group_restricted_to_workflows", + "runner_group_selected_workflow_refs", + "network_configuration_id" + ], + "docs_reference_titles": "Managing access to self-hosted runners using groups" + }, + { + "action": "org.runner_group_visiblity_updated", + "description": "The visibility of a self-hosted runner group was updated via the REST API.", + "docs_reference_links": "/rest/actions#update-a-self-hosted-runner-group-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_group_id", + "visibility", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/rest/actions#update-a-self-hosted-runner-group-for-an-organization" + }, + { + "action": "org_secret_scanning_automatic_validity_checks.disabled", + "description": "Automatic partner validation checks have been disabled at the organization level", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization" + }, + { + "action": "org_secret_scanning_automatic_validity_checks.enabled", + "description": "Automatic partner validation checks have been enabled at the organization level", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#allowing-validity-checks-for-partner-patterns-in-an-organization" + }, + { + "action": "org_secret_scanning_custom_pattern.create", + "description": "A custom pattern was created for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.delete", + "description": "A custom pattern was removed from secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.publish", + "description": "A custom pattern was published for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org.secret_scanning_custom_pattern_push_protection_disabled", + "description": "Push protection for a custom pattern for secret scanning was disabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org.secret_scanning_custom_pattern_push_protection_enabled", + "description": "Push protection for a custom pattern for secret scanning was enabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_custom_pattern.update", + "description": "Changes to a custom pattern were saved and a dry run was executed for secret scanning in an organization.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "org_secret_scanning_generic_secrets.disabled", + "description": "Generic secrets have been disabled at the organization level", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org_secret_scanning_generic_secrets.enabled", + "description": "Generic secrets have been enabled at the organization level", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org_secret_scanning_non_provider_patterns.disabled", + "description": "Secret scanning for non-provider patterns was disabled at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "org_secret_scanning_non_provider_patterns.enabled", + "description": "Secret scanning for non-provider patterns was enabled at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.add", + "description": "A role or team was added to the push protection bypass list at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.disable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.enable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org_secret_scanning_push_protection_bypass_list.remove", + "description": "A role or team was removed from the push protection bypass list at the organization level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_disabled", + "description": "The custom message triggered by an attempted push to a push-protected repository was disabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_enabled", + "description": "The custom message triggered by an attempted push to a push-protected repository was enabled for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_custom_message_updated", + "description": "The custom message triggered by an attempted push to a push-protected repository was updated for an organization.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_disable", + "description": "Push protection for secret scanning was disabled.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_enable", + "description": "Push protection for secret scanning was enabled.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_new_repos_disable", + "description": "Push protection for secret scanning was disabled for all new repositories in the organization.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.secret_scanning_push_protection_new_repos_enable", + "description": "Push protection for secret scanning was enabled for all new repositories in the organization.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "org.self_hosted_runner_offline", + "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "org.self_hosted_runner_online", + "description": "The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "org.self_hosted_runner_updated", + "description": "The runner application was updated. This event is not included in the JSON/CSV export.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "source_version", + "target_version", + "runner_group_id", + "runner_group_name" + ], + "docs_reference_titles": "Self-hosted runners" + }, + { + "action": "org.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks" + }, + { + "action": "org.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in an organization was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization" + }, + { + "action": "org.set_custom_invitation_rate_limit", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization" + }, + { + "action": "org.set_fork_pr_workflows_policy", + "description": "The policy for workflows on private repository forks was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "org.sso_response", + "description": "A SAML single sign-on (SSO) response was generated when a member attempted to authenticate with your organization. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "issuer", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "org.transfer", + "description": "An organization was transferred between enterprise accounts.", + "docs_reference_links": "/admin/user-management/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "from_business", + "to_business", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.transfer_outgoing", + "description": "An organization was transferred between enterprise accounts.", + "docs_reference_links": "/admin/managing-accounts-and-repositories/managing-organizations-in-your-enterprise/adding-organizations-to-your-enterprise#transferring-an-organization-between-enterprise-accounts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "from_business", + "to_business", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Adding organizations to your enterprise" + }, + { + "action": "org.unarchive", + "description": "The organization was unarchived.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.unblock_user", + "description": "A user was unblocked from an organization.", + "docs_reference_links": "/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "blocked_user", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/maintaining-your-safety-on-github/unblocking-a-user-from-your-organization" + }, + { + "action": "org.update_actions_secret", + "description": "A GitHub Actions secret was updated for an organization.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "key", + "operation_type" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "org.update_actions_settings", + "description": "An organization owner or site administrator updated GitHub Actions policy settings for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "new_policy", + "updated_allowed_types", + "old_policy", + "updated_access_policy" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization" + }, + { + "action": "org.update_actions_variable", + "description": "A GitHub Actions variable was updated for an organization.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "org.update_default_repository_permission", + "description": "The default repository permission level for organization members was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "permission", + "old_permission" + ] + }, + { + "action": "org.update_integration_secret", + "description": "A Codespaces or Dependabot secret was updated for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "org.update_member", + "description": "A person's role was changed from owner to member or member to owner.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_permission", + "permission", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_creation_permission", + "description": "The create repository permission for organization members was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_invitation_permission", + "description": "An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Setting permissions for adding outside collaborators" + }, + { + "action": "org.update_new_repository_default_branch_setting", + "description": "The name of the default branch was changed for new repositories in the organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-the-default-branch-name-for-repositories-in-your-organization" + }, + { + "action": "org.update_repo_self_hosted_runners_policy", + "description": "The repository self-hosted runners policy was updated", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_repo_runners_policy", + "new_repo_runners_policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#limiting-the-use-of-self-hosted-runners" + }, + { + "action": "org.update_saml_provider_settings", + "description": "An organization's SAML provider settings were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sso_url", + "operation_type", + "issuer", + "created_at" + ] + }, + { + "action": "org.update_terms_of_service", + "description": "An organization changed between the Standard Terms of Service and the GitHub Customer Agreement.", + "docs_reference_links": "/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/upgrading-to-the-github-customer-agreement" + }, + { + "action": "organization_default_label.create", + "description": "A default label was created for repositories in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#creating-a-default-label" + }, + { + "action": "organization_default_label.destroy", + "description": "A default label was deleted for repositories in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#deleting-a-default-label" + }, + { + "action": "organization_default_label.update", + "description": "A default label was edited for repositories in an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/managing-default-labels-for-repositories-in-your-organization#editing-a-default-label" + }, + { + "action": "organization_domain.approve", + "description": "A domain was approved for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#approving-a-domain-for-your-organization" + }, + { + "action": "organization_domain.create", + "description": "A domain was added to an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "domain_name", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization" + }, + { + "action": "organization_domain.destroy", + "description": "A domain was removed from an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "domain_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#removing-an-approved-or-verified-domain" + }, + { + "action": "organization_domain.verify", + "description": "A domain was verified for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "domain_name", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/verifying-or-approving-a-domain-for-your-organization#verifying-a-domain-for-your-organization" + }, + { + "action": "organization_moderators.add_team", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "organization_moderators.add_user", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "organization_moderators.remove_team", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type" + ] + }, + { + "action": "organization_moderators.remove_user", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "organization_projects_change.clear", + "description": "An enterprise owner cleared the policy setting for organization-wide project boards in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for projects in your enterprise" + }, + { + "action": "organization_projects_change.disable", + "description": "Organization projects were disabled for all organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for projects in your enterprise" + }, + { + "action": "organization_projects_change.enable", + "description": "Organization projects were enabled for all organizations in an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise#enforcing-a-policy-for-organization-wide-project-boards", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for projects in your enterprise" + }, + { + "action": "organization_role.assign", + "description": "An organization role was assigned to a user or team.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "organization_role_id", + "organization_role_name", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Permissions of custom organization roles" + }, + { + "action": "organization_role.create", + "description": "A custom organization role was created in an organization.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "role_permissions", + "base_role", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Permissions of custom organization roles" + }, + { + "action": "organization_role.destroy", + "description": "A custom organization role was deleted in an organization.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "role_permissions", + "base_role", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Permissions of custom organization roles" + }, + { + "action": "organization_role.revoke", + "description": "A user or team was unassigned an organization role.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "organization_role_id", + "organization_role_name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Permissions of custom organization roles" + }, + { + "action": "organization_role.update", + "description": "A custom organization role was edited in an organization.", + "docs_reference_links": "/organizations/managing-peoples-access-to-your-organization-with-roles/about-custom-organization-roles", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "role_permissions", + "base_role", + "old_role_permissions", + "created_at", + "operation_type", + "actor_is_bot", + "old_base_role" + ], + "docs_reference_titles": "Permissions of custom organization roles" + }, + { + "action": "packages.package_deleted", + "description": "An entire package was deleted.", + "docs_reference_links": "/packages/learn-github-packages/deleting-and-restoring-a-package", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "/packages/learn-github-packages/deleting-and-restoring-a-package" + }, + { + "action": "packages.package_published", + "description": "A package was published or republished to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "ecosystem", + "version_count", + "is_republished", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "packages.package_version_deleted", + "description": "A specific package version was deleted.", + "docs_reference_links": "/packages/learn-github-packages/deleting-and-restoring-a-package", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "package", + "version", + "operation_type", + "created_at", + "ecosystem", + "actor_is_bot" + ], + "docs_reference_titles": "/packages/learn-github-packages/deleting-and-restoring-a-package" + }, + { + "action": "packages.package_version_published", + "description": "A specific package version was published or republished to a package.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "ecosystem", + "package", + "version", + "is_republished", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "pages_protected_domain.create", + "description": "A GitHub Pages verified domain was created for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.delete", + "description": "A GitHub Pages verified domain was deleted from an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.verify", + "description": "A GitHub Pages domain was verified for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "payment_method.create", + "description": "A new payment method was added, such as a new credit card or PayPal account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "payment_method.remove", + "description": "A payment method was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "payment_method.update", + "description": "An existing payment method was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "personal_access_token.access_granted", + "description": "A fine-grained personal access token was granted access to resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.access_revoked", + "description": "A fine-grained personal access token was revoked. The token can still read public organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.request_cancelled", + "description": "A pending request for a fine-grained personal access token to access organization resources was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ] + }, + { + "action": "personal_access_token.request_created", + "description": "Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.request_denied", + "description": "A request for a fine-grained personal access token to access organization resources was denied.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "prebuild_configuration.create", + "description": "A GitHub Codespaces prebuild configuration for a repository was created.", + "docs_reference_links": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "branch", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds" + }, + { + "action": "prebuild_configuration.destroy", + "description": "A GitHub Codespaces prebuild configuration for a repository was deleted.", + "docs_reference_links": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "branch", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds" + }, + { + "action": "prebuild_configuration.run_triggered", + "description": "A user initiated a run of a GitHub Codespaces prebuild configuration for a repository branch.", + "docs_reference_links": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "branch", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds" + }, + { + "action": "prebuild_configuration.update", + "description": "A GitHub Codespaces prebuild configuration for a repository was edited.", + "docs_reference_links": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "branch", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/codespaces/prebuilding-your-codespaces/about-github-codespaces-prebuilds" + }, + { + "action": "premium_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "private_repository_forking.clear", + "description": "An enterprise owner cleared the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "private_repository_forking.disable", + "description": "An enterprise owner disabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are never allowed to be forked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_repository_forking.enable", + "description": "An enterprise owner enabled the policy setting for allowing forks of private and internal repositories, for a repository, organization or enterprise. Private and internal repositories are always allowed to be forked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "private_vulnerability_reporting.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "profile_picture.update", + "description": "A profile picture was updated.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner", + "operation_type" + ], + "docs_reference_titles": "Personalize your profile" + }, + { + "action": "project.access", + "description": "A project board visibility was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.close", + "description": "A project board was closed.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "project_id", + "project_kind" + ], + "docs_reference_titles": "Closing a project (classic)" + }, + { + "action": "project.create", + "description": "A project board was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.delete", + "description": "A project board was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_field.create", + "description": "A field was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields" + }, + { + "action": "project_field.delete", + "description": "A field was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields" + }, + { + "action": "project.link", + "description": "A repository was linked to a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.open", + "description": "A project board was reopened.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/reopening-a-closed-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "project_id", + "operation_type", + "created_at", + "project_kind", + "project_name" + ], + "docs_reference_titles": "Reopening a closed project (classic)" + }, + { + "action": "project.rename", + "description": "A project board was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_name", + "operation_type" + ] + }, + { + "action": "project.unlink", + "description": "A repository was unlinked from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_org_permission", + "description": "The project's base-level permission for all organization members was changed or removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_team_permission", + "description": "A team's project board permission level was changed or when a team was added or removed from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "team" + ] + }, + { + "action": "project.update_user_permission", + "description": "A user was added to or removed from a project board or had their permission level changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_view.create", + "description": "A view was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "project_view.delete", + "description": "A view was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "protected_branch.authorized_users_teams", + "description": "The users, teams, or integrations allowed to bypass a branch protection were changed.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type", + "oauth_application_id" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches" + }, + { + "action": "protected_branch.branch_allowances", + "description": "A protected branch allowance was given to a specific user, team or integration.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "authorized_actors", + "policy", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "protected_branch.create", + "description": "Branch protection was enabled on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at", + "authorized_actor_names", + "required_deployments_enforcement_level", + "merge_queue_enforcement_level", + "create_protected" + ] + }, + { + "action": "protected_branch.destroy", + "description": "Branch protection was disabled on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "required_deployments_enforcement_level", + "merge_queue_enforcement_level", + "create_protected" + ] + }, + { + "action": "protected_branch.dismiss_stale_reviews", + "description": "Enforcement of dismissing stale pull requests was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "dismiss_stale_reviews_on_push", + "created_at", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.dismissal_restricted_users_teams", + "description": "Enforcement of restricting users and/or teams who can dismiss reviews was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "authorized_actors_only", + "authorized_actors", + "created_at", + "name", + "operation_type" + ] + }, + { + "action": "protected_branch.policy_override", + "description": "A branch protection requirement was overridden by a repository administrator.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "reasons", + "before", + "after", + "operation_type", + "branch", + "overridden_codes", + "referrer", + "deploy_key_fingerprint", + "compliant_pull_request_ids", + "rule_suite_id" + ] + }, + { + "action": "protected_branch.rejected_ref_update", + "description": "A branch update attempt was rejected.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "branch", + "before", + "overridden_codes", + "after", + "reasons", + "deploy_key_fingerprint", + "compliant_pull_request_ids", + "actor_is_bot", + "rule_suite_id" + ] + }, + { + "action": "protected_branch.update_admin_enforced", + "description": "Branch protection was enforced for repository administrators.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "admin_enforced", + "operation_type", + "name", + "created_at" + ] + }, + { + "action": "protected_branch.update_allow_deletions_enforcement_level", + "description": "Branch deletion was enabled or disabled for a protected branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "allow_deletions_enforcement_level", + "created_at" + ] + }, + { + "action": "protected_branch.update_allow_force_pushes_enforcement_level", + "description": "Force pushes were enabled or disabled for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "allow_force_pushes_enforcement_level", + "created_at" + ] + }, + { + "action": "protected_branch.update_ignore_approvals_from_contributors", + "description": "Ignoring of approvals from contributors to a pull request was enabled or disabled for a branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "ignore_approvals_from_contributors", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "protected_branch.update_linear_history_requirement_enforcement_level", + "description": "Required linear commit history was enabled or disabled for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "linear_history_requirement_enforcement_level", + "name", + "created_at" + ] + }, + { + "action": "protected_branch.update_lock_allows_fetch_and_merge", + "description": "Fork syncing was enabled or disabled for a read-only branch", + "docs_reference_links": "repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "lock_allows_fetch_and_merge", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch" + }, + { + "action": "protected_branch.update_lock_branch_enforcement_level", + "description": "The enforcement of a branch lock was updated.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "enforcement_level", + "lock_branch_enforcement_level", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#lock-branch" + }, + { + "action": "protected_branch.update_merge_queue_enforcement_level", + "description": "Enforcement of the merge queue was modified for a branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "merge_queue_enforcement_level", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue" + }, + { + "action": "protected_branch.update_name", + "description": "A branch name pattern was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "old_name", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "protected_branch.update_pull_request_reviews_enforcement_level", + "description": "Enforcement of required pull request reviews was updated for a branch. Can be 0 (deactivated), 1 (non-admins), or 2 (everyone).", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "pull_request_reviews_enforcement_level", + "created_at", + "operation_type" + ] + }, + { + "action": "protected_branch.update_require_code_owner_review", + "description": "Enforcement of required code owner review was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "require_code_owner_review", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.update_require_last_push_approval", + "description": "Someone other than the person who pushed the last code-modifying commit to the branch must approve pull requests for the branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "require_last_push_approval", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging" + }, + { + "action": "protected_branch.update_required_approving_review_count", + "description": "Enforcement of the required number of approvals before merging was updated on a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "required_approving_review_count", + "created_at", + "operation_type", + "name" + ] + }, + { + "action": "protected_branch.update_required_status_checks_enforcement_level", + "description": "Enforcement of required status checks was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "required_status_checks_enforcement_level" + ] + }, + { + "action": "protected_branch.update_signature_requirement_enforcement_level", + "description": "Enforcement of required commit signing was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "created_at", + "signature_requirement_enforcement_level" + ] + }, + { + "action": "protected_branch.update_strict_required_status_checks_policy", + "description": "Enforcement of required status checks was updated for a branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "operation_type", + "strict_required_status_checks_policy" + ] + }, + { + "action": "public_key.create", + "description": "An SSH key was added to a user account or a deploy key was added to a repository.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "read_only", + "operation_type", + "created_at", + "key", + "fingerprint", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account" + }, + { + "action": "public_key.delete", + "description": "An SSH key was removed from a user account or a deploy key was removed from a repository.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "fingerprint", + "read_only", + "explanation", + "key", + "operation_type", + "title", + "created_at" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys" + }, + { + "action": "public_key.unverification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "read_only", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.unverify", + "description": "A user account's SSH key or a repository's deploy key was unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "title", + "key", + "read_only", + "explanation", + "fingerprint" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.update", + "description": "A user account's SSH key or a repository's deploy key was updated.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "read_only", + "operation_type", + "created_at", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "oauth_application_id", + "title", + "created_at", + "read_only", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verify", + "description": "A user account's SSH key or a repository's deploy key was verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "key", + "fingerprint", + "title", + "read_only" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "pull_request.close", + "description": "A pull request was closed without being merged.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/closing-a-pull-request" + }, + { + "action": "pull_request.converted_to_draft", + "description": "A pull request was converted to a draft.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft" + }, + { + "action": "pull_request.create", + "description": "A pull request was created.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request" + }, + { + "action": "pull_request.create_review_request", + "description": "A review was requested on a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "reviewer_type", + "reviewer", + "reviewer_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request.in_progress", + "description": "A pull request was marked as in progress.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at" + ] + }, + { + "action": "pull_request.indirect_merge", + "description": "A pull request was considered merged because the pull request's commits were merged into the target branch.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request.merge", + "description": "A pull request was merged.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_bot" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/merging-a-pull-request" + }, + { + "action": "pull_request.ready_for_review", + "description": "A pull request was marked as ready for review.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#marking-a-pull-request-as-ready-for-review" + }, + { + "action": "pull_request.rebase", + "description": "A pull request was rebased.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "pull_request_url", + "pull_request_title", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "pull_request.remove_review_request", + "description": "A review request was removed from a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "reviewer_type", + "reviewer", + "reviewer_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request.reopen", + "description": "A pull request was reopened after previously being closed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request_review_comment.create", + "description": "A review comment was added to a pull request.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "comment_id", + "operation_type", + "created_at", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/about-pull-request-reviews" + }, + { + "action": "pull_request_review_comment.delete", + "description": "A review comment on a pull request was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "comment_id", + "operation_type" + ] + }, + { + "action": "pull_request_review_comment.update", + "description": "A review comment on a pull request was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "comment_id" + ] + }, + { + "action": "pull_request_review.delete", + "description": "A review on a pull request was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url" + ] + }, + { + "action": "pull_request_review.dismiss", + "description": "A review on a pull request was dismissed.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/dismissing-a-pull-request-review" + }, + { + "action": "pull_request_review.submit", + "description": "A review on a pull request was submitted.", + "docs_reference_links": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "review_id", + "operation_type", + "created_at", + "pull_request_url", + "actor_is_agent" + ], + "docs_reference_titles": "/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request#submitting-your-review" + }, + { + "action": "repo.access", + "description": "The visibility of a repository changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility", + "previous_visibility" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility" + }, + { + "action": "repo.actions_enabled", + "description": "GitHub Actions was enabled for a repository.", + "docs_reference_links": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api" + }, + { + "action": "repo.add_member", + "description": "A collaborator was added to a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "oauth_application_id" + ], + "docs_reference_titles": "Inviting collaborators to a personal repository" + }, + { + "action": "repo.add_topic", + "description": "A topic was added to a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics" + }, + { + "action": "repo.advanced_security_disabled", + "description": "GitHub Advanced Security was disabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.advanced_security_enabled", + "description": "GitHub Advanced Security was enabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.archived", + "description": "A repository was archived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.change_merge_setting", + "description": "Pull request merge options were changed for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_analysis_deleted", + "description": "Code scanning analysis for a repository was deleted.", + "docs_reference_links": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "public_repo", + "tool", + "category" + ], + "docs_reference_titles": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository" + }, + { + "action": "repo.code_scanning_autofix_disabled", + "description": "Autofix for code scanning alerts was disabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_autofix_enabled", + "description": "Autofix for code scanning alerts was enabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_configuration_for_branch_deleted", + "description": "A code scanning configuration for a branch of a repository was deleted.", + "docs_reference_links": "/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "tool", + "branch", + "category", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Resolving code scanning alerts" + }, + { + "action": "repo.codeql_disabled", + "description": "Code scanning using the default setup was disabled for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.codeql_enabled", + "description": "Code scanning using the default setup was enabled for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "query_suite", + "threat_model", + "languages" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.codeql_updated", + "description": "Code scanning using the default setup was updated for a repository.", + "docs_reference_links": "/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "query_suite", + "threat_model", + "languages", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Configuring default setup for code scanning" + }, + { + "action": "repo.codespaces_trusted_repo_access_granted", + "description": "GitHub Codespaces was granted trusted repository access to this repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.codespaces_trusted_repo_access_revoked", + "description": "GitHub Codespaces trusted repository access to this repository was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.config.disable_collaborators_only", + "description": "The interaction limit for collaborators only was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_contributors_only", + "description": "The interaction limit for prior contributors only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_collaborators_only", + "description": "The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_contributors_only", + "description": "The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_sockpuppet_disallowed", + "description": "The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository" + }, + { + "action": "repo.create", + "description": "A repository was created.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/creating-a-new-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "request_category", + "created_at", + "oauth_application_id", + "request_method", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/creating-a-new-repository" + }, + { + "action": "repo.create_actions_secret", + "description": "A GitHub Actions secret was created for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.create_actions_variable", + "description": "A GitHub Actions variable was created for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.create_integration_secret", + "description": "A Codespaces or Dependabot secret was created for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.destroy", + "description": "A repository was deleted.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/deleting-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "request_category", + "visibility", + "created_at", + "request_method", + "oauth_application_id", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/deleting-a-repository" + }, + { + "action": "repo.download_zip", + "description": "A source code archive of a repository was downloaded as a ZIP file.", + "docs_reference_links": "/repositories/working-with-files/using-files/downloading-source-code-archives", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/working-with-files/using-files/downloading-source-code-archives" + }, + { + "action": "repo.pages_cname", + "description": "A GitHub Pages custom domain was modified in a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "cname", + "created_at", + "operation_type", + "old_cname" + ] + }, + { + "action": "repo.pages_create", + "description": "A GitHub Pages site was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_destroy", + "description": "A GitHub Pages site was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_https_redirect_disabled", + "description": "HTTPS redirects were disabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_https_redirect_enabled", + "description": "HTTPS redirects were enabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_private", + "description": "A GitHub Pages site visibility was changed to private.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_public", + "description": "A GitHub Pages site visibility was changed to public.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_soft_delete", + "description": "A GitHub Pages site was soft-deleted because its owner's plan changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_soft_delete_restore", + "description": "A GitHub Pages site that was previously soft-deleted was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_source", + "description": "A GitHub Pages source was modified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "visibility", + "created_at" + ] + }, + { + "action": "repo.register_self_hosted_runner", + "description": "A new self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "repo.remove_actions_secret", + "description": "A GitHub Actions secret was deleted for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.remove_actions_variable", + "description": "A GitHub Actions variable was deleted for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.remove_integration_secret", + "description": "A Codespaces or Dependabot secret was deleted for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.remove_member", + "description": "A collaborator was removed from a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "Removing a collaborator from a personal repository" + }, + { + "action": "repo.remove_self_hosted_runner", + "description": "A self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "repo.remove_topic", + "description": "A topic was removed from a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.rename", + "description": "A repository was renamed.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/renaming-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/renaming-a-repository" + }, + { + "action": "repo.rename_branch", + "description": "A branch was renamed.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_branch", + "new_branch", + "default_branch", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-branches-in-your-repository/renaming-a-branch" + }, + { + "action": "repo.restore", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.self_hosted_runner_offline", + "description": "The runner application was stopped. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "repo.self_hosted_runner_online", + "description": "The runner application was started. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Monitoring and troubleshooting self-hosted runners" + }, + { + "action": "repo.self_hosted_runner_updated", + "description": "The runner application was updated. This event is not included in the JSON/CSV export.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners#about-self-hosted-runners", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "runner_id", + "runner_name", + "source_version", + "target_version", + "runner_group_id", + "runner_group_name" + ], + "docs_reference_titles": "Self-hosted runners" + }, + { + "action": "repo.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks" + }, + { + "action": "repo.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories" + }, + { + "action": "repo.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository" + }, + { + "action": "repo.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository" + }, + { + "action": "repo.set_fork_pr_workflows_policy", + "description": "Triggered when the policy for workflows on private repository forks is changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks" + }, + { + "action": "repo.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "repo.staff_unlock", + "description": "An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.transfer", + "description": "A user accepted a request to receive a transferred repository.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/transferring-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "old_user", + "operation_type", + "created_at", + "visibility", + "repo_was" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/transferring-a-repository" + }, + { + "action": "repo.transfer_outgoing", + "description": "A repository was transferred to another repository network.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_nwo", + "visibility", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "repo.transfer_start", + "description": "A user sent a request to transfer a repository to another user or organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ] + }, + { + "action": "repo.unarchived", + "description": "A repository was unarchived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.update_actions_access_settings", + "description": "The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "old_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.update_actions_secret", + "description": "A GitHub Actions secret was updated for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.update_actions_settings", + "description": "A repository administrator changed GitHub Actions policy settings for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "new_policy", + "old_policy", + "updated_access_policy", + "actor_is_bot" + ] + }, + { + "action": "repo.update_actions_variable", + "description": "A GitHub Actions variable was updated for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.update_default_branch", + "description": "The default branch for a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "repo.update_integration_secret", + "description": "A Codespaces or Dependabot secret was updated for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.update_member", + "description": "A user's permission to a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "visibility", + "old_permission", + "old_base_role", + "old_repo_permission", + "old_repo_base_role", + "new_repo_base_role", + "new_repo_permission", + "actor_is_bot" + ] + }, + { + "action": "repository_advisory.close", + "description": "Someone closed a security advisory.", + "docs_reference_links": "/code-security/security-advisories/working-with-repository-security-advisories/about-repository-security-advisories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "About repository security advisories" + }, + { + "action": "repository_advisory.cve_request", + "description": "Someone requested a CVE (Common Vulnerabilities and Exposures) number from GitHub for a draft security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repository_advisory.github_broadcast", + "description": "GitHub made a security advisory public in the GitHub Advisory Database.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repository_advisory.github_withdraw", + "description": "GitHub withdrew a security advisory that was published in error.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_advisory.open", + "description": "Someone opened a draft security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repository_advisory.publish", + "description": "Someone published a security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repository_advisory.reopen", + "description": "Someone reopened as draft security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repository_advisory.update", + "description": "Someone edited a draft or published security advisory.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_branch_protection_evaluation.disable", + "description": "Branch protections were disabled for the repository.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "repository_branch_protection_evaluation.enable", + "description": "Branch protections were enabled for this repository.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule" + }, + { + "action": "repository_content_analysis.disable", + "description": "Data use settings were disabled for a private repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories" + }, + { + "action": "repository_content_analysis.enable", + "description": "Data use settings were enabled for a private repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories" + }, + { + "action": "repository_dependency_graph.disable", + "description": "The dependency graph was disabled for a private repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-fea tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-fea, tures-for-your-repository/managing-security-and-analysis-settings-for-your-repository#enabling-or-disabling-security-and-analysis-features-for-private-repositories" + }, + { + "action": "repository_dependency_graph.enable", + "description": "The dependency graph was enabled for a private repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "repository_image.create", + "description": "An image to represent a repository was uploaded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "content_type" + ] + }, + { + "action": "repository_image.destroy", + "description": "An image to represent a repository was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "content_type", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.accept", + "description": "An invitation to join a repository was accepted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "invitee", + "operation_type", + "inviter" + ] + }, + { + "action": "repository_invitation.cancel", + "description": "An invitation to join a repository was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "operation_type", + "invitee", + "created_at" + ] + }, + { + "action": "repository_invitation.create", + "description": "An invitation to join a repository was sent.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "inviter", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.reject", + "description": "An invitation to join a repository was declined.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "operation_type", + "created_at", + "inviter" + ] + }, + { + "action": "repository_projects_change.clear", + "description": "The repository projects policy was removed for an organization, or all organizations in the enterprise Organization owners can now control their repository projects settings.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-projects-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for projects in your enterprise" + }, + { + "action": "repository_projects_change.disable", + "description": "Repository projects were disabled for a repository, all repositories in an organization, or all organizations in an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_projects_change.enable", + "description": "Repository projects were enabled for a repository, all repositories in an organization, or all organizations in an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_ruleset.create", + "description": "A repository ruleset was created.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_conditions", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository" + }, + { + "action": "repository_ruleset.destroy", + "description": "A repository ruleset was deleted.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset" + }, + { + "action": "repository_ruleset.update", + "description": "A repository ruleset was edited.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules_updated", + "ruleset_conditions_added", + "ruleset_conditions_deleted", + "ruleset_old_enforcement", + "ruleset_rules_added", + "ruleset_rules_deleted", + "ruleset_old_name", + "ruleset_conditions_updated", + "ruleset_bypass_actors_added", + "ruleset_bypass_actors_deleted", + "ruleset_bypass_actors_updated", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset" + }, + { + "action": "repository_secret_scanning_automatic_validity_checks.disabled", + "description": "Automatic partner validation checks have been disabled at the repository level", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository" + }, + { + "action": "repository_secret_scanning_automatic_validity_checks.enabled", + "description": "Automatic partner validation checks have been enabled at the repository level", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository" + }, + { + "action": "repository_secret_scanning_custom_pattern.create", + "description": "A custom pattern was created for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.delete", + "description": "A custom pattern was removed from secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.publish", + "description": "A custom pattern was published for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern_push_protection.disabled", + "description": "Push protection for a custom pattern for secret scanning was disabled for your repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern_push_protection.enabled", + "description": "Push protection for a custom pattern for secret scanning was enabled for your repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#defining-a-custom-pattern-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning_custom_pattern.update", + "description": "Changes to a custom pattern were saved and a dry run was executed for secret scanning in a repository.", + "docs_reference_links": "/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#editing-a-custom-pattern", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "Defining custom patterns for secret scanning" + }, + { + "action": "repository_secret_scanning.disable", + "description": "Secret scanning was disabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "repository_secret_scanning.enable", + "description": "Secret scanning was enabled for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_secret_scanning_generic_secrets.disabled", + "description": "Generic secrets have been disabled at the repository level", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repository_secret_scanning_generic_secrets.enabled", + "description": "Generic secrets have been enabled at the repository level", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repository_secret_scanning_non_provider_patterns.disabled", + "description": "Secret scanning for non-provider patterns was disabled at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "repository_secret_scanning_non_provider_patterns.enabled", + "description": "Secret scanning for non-provider patterns was enabled at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/secret-scanning-patterns#non-provider-patterns", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Supported secret scanning patterns" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.add", + "description": "A role or team was added to the push protection bypass list at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.disable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Specific roles or teams\" to \"Anyone with write access\" at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.enable", + "description": "Push protection settings for \"Users who can bypass push protection for secret scanning\" changed from \"Anyone with write access\" to \"Specific roles or teams\" at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection_bypass_list.remove", + "description": "A role or team was removed from the push protection bypass list at the repository level.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#enabling-delegated-bypass-for-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection.disable", + "description": "Secret scanning push protection was disabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_secret_scanning_push_protection.enable", + "description": "Secret scanning push protection was enabled for a repository.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "repository_visibility_change.clear", + "description": "The repository visibility change setting was cleared for an organization or enterprise.", + "docs_reference_links": "/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-changes-to-repository-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/restricting-repository-visibility-changes-in-your-organization, Enforcing repository management policies in your enterprise" + }, + { + "action": "repository_visibility_change.disable", + "description": "The ability for enterprise members to update a repository's visibility was disabled. Members are unable to change repository visibilities in an organization, or all organizations in an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_visibility_change.enable", + "description": "The ability for enterprise members to update a repository's visibility was enabled. Members are able to change repository visibilities in an organization, or all organizations in an enterprise.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repository_vulnerability_alert.auto_dismiss", + "description": "A Dependabot alert was automatically dismissed because its metadata matches an enabled Dependabot rule.", + "docs_reference_links": "/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "alert_id", + "alert_number", + "ghsa_id", + "public_repo", + "owner", + "created_at", + "operation_type", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name" + ], + "docs_reference_titles": "About Dependabot auto-triage rules" + }, + { + "action": "repository_vulnerability_alert.auto_reopen", + "description": "A previously auto-dismissed Dependabot alert was automatically reopened because its metadata no longer matches an enabled Dependabot rule.", + "docs_reference_links": "/code-security/dependabot/dependabot-alerts/using-alert-rules-to-prioritize-dependabot-alerts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "alert_id", + "alert_number", + "ghsa_id", + "public_repo", + "owner", + "created_at", + "operation_type", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name" + ], + "docs_reference_titles": "About Dependabot auto-triage rules" + }, + { + "action": "repository_vulnerability_alert.create", + "description": "GitHub created a Dependabot alert because the repository uses a vulnerable dependency.", + "docs_reference_links": "/code-security/dependabot/dependabot-alerts/about-dependabot-alerts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "alert_id", + "created_at", + "alert_number" + ], + "docs_reference_titles": "About Dependabot alerts" + }, + { + "action": "repository_vulnerability_alert.dismiss", + "description": "A Dependabot alert was manually dismissed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "alert_id", + "created_at", + "dismiss_reason", + "dismiss_comment", + "alert_number", + "actor_is_bot" + ] + }, + { + "action": "repository_vulnerability_alert.reintroduce", + "description": "A Dependabot alert was automatically reopened because the repository resumed use of a vulnerable dependency.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "alert_id", + "created_at", + "public_repo", + "owner", + "operation_type", + "alert_number" + ] + }, + { + "action": "repository_vulnerability_alert.reopen", + "description": "A Dependabot alert was manually reopened.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "alert_id", + "created_at", + "owner", + "operation_type", + "public_repo", + "alert_number" + ] + }, + { + "action": "repository_vulnerability_alert.resolve", + "description": "Changes were pushed to update and resolve a Dependabot alert in a project dependency.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "alert_id", + "operation_type", + "created_at", + "alert_number" + ] + }, + { + "action": "repository_vulnerability_alerts.authorized_users_teams", + "description": "The list of people or teams authorized to receive Dependabot alerts for the repository was updated.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts" + }, + { + "action": "repository_vulnerability_alerts_auto_dismissal.disable", + "description": "Automatic dismissal of low-impact Dependabot alerts was disabled for the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_vulnerability_alerts_auto_dismissal.enable", + "description": "Automatic dismissal of low-impact Dependabot alerts was enabled for the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "repository_vulnerability_alerts.disable", + "description": "Dependabot alerts was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_vulnerability_alerts.enable", + "description": "Dependabot alerts was enabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "required_status_check.create", + "description": "A status check was marked as required for a protected branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "context", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging" + }, + { + "action": "required_status_check.destroy", + "description": "A status check was no longer marked as required for a protected branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "context", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-status-checks-before-merging" + }, + { + "action": "restrict_notification_delivery.disable", + "description": "Email notification restrictions for an organization or enterprise were disabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Restricting email notifications for your organization, Restricting email notifications for your enterprise" + }, + { + "action": "restrict_notification_delivery.enable", + "description": "Email notification restrictions for an organization or enterprise were enabled.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/restricting-email-notifications-for-your-organization, /admin/policies/enforcing-policies-for-your-enterprise/restricting-email-notifications-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Restricting email notifications for your organization, Restricting email notifications for your enterprise" + }, + { + "action": "role.create", + "description": "A new custom repository role was created.", + "docs_reference_links": "/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "owner", + "base_role", + "operation_type", + "role_permissions", + "old_role_permissions" + ], + "docs_reference_titles": "Managing custom repository roles for an organization" + }, + { + "action": "role.destroy", + "description": "A custom repository role was deleted.", + "docs_reference_links": "/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "owner", + "role_permissions", + "base_role", + "operation_type" + ], + "docs_reference_titles": "Managing custom repository roles for an organization" + }, + { + "action": "role.update", + "description": "A custom repository role was edited.", + "docs_reference_links": "/organizations/managing-user-access-to-your-organizations-repositories/managing-repository-roles/managing-custom-repository-roles-for-an-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "role_permissions", + "base_role", + "operation_type", + "created_at", + "old_role_permissions", + "old_base_role" + ], + "docs_reference_titles": "Managing custom repository roles for an organization" + }, + { + "action": "secret_scanning_alert.create", + "description": "GitHub detected a secret and created a secret scanning alert.", + "docs_reference_links": "/code-security/secret-scanning/managing-alerts-from-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ], + "docs_reference_titles": "Manage secret scanning alerts" + }, + { + "action": "secret_scanning_alert.reopen", + "description": "A secret scanning alert was reopened.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "secret_type_display_name" + ] + }, + { + "action": "secret_scanning_alert.resolve", + "description": "A secret scanning alert was resolved.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "resolution", + "public_repo", + "created_at", + "operation_type", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ] + }, + { + "action": "secret_scanning_alert.revoke", + "description": "A secret scanning alert was revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "secret_scanning_alert.validate", + "description": "A secret scanning alert was validated.", + "docs_reference_links": "/code-security/secret-scanning/managing-alerts-from-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "created_at", + "previous_validity", + "current_validity", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo" + ], + "docs_reference_titles": "Manage secret scanning alerts" + }, + { + "action": "secret_scanning.disable", + "description": "Secret scanning was disabled for all existing repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning.enable", + "description": "Secret scanning was enabled for all existing repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_new_repos.disable", + "description": "Secret scanning was disabled for all new repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_new_repos.enable", + "description": "Secret scanning was enabled for all new repositories.", + "docs_reference_links": "/code-security/secret-scanning/about-secret-scanning", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "About secret scanning" + }, + { + "action": "secret_scanning_push_protection.bypass", + "description": "Triggered when a user bypasses the push protection on a secret detected by secret scanning.", + "docs_reference_links": "/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "created_at", + "push_protection_bypass_reason", + "secret_type", + "secret_type_display_name", + "publicly_leaked", + "multi_repo", + "request_reviewer", + "request_reviewer_id" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.approve", + "description": "A request to bypass secret scanning push protection was approved by a user.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.deny", + "description": "A request to bypass secret scanning push protection was denied by a user.", + "docs_reference_links": "/code-security/secret-scanning/push-protection-for-repositories-and-organizations#managing-requests-to-bypass-push-protection", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot", + "request_reviewer_comment" + ], + "docs_reference_titles": "About push protection" + }, + { + "action": "secret_scanning_push_protection_request.request", + "description": "A user requested to bypass secret scanning push protection.", + "docs_reference_links": "/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "number", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "/code-security/secret-scanning/working-with-push-protection#requesting-bypass-privileges-when-working-with-the-command-line" + }, + { + "action": "sponsors.agreement_sign", + "description": "A GitHub Sponsors agreement was signed on behalf of an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.custom_amount_settings_change", + "description": "Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.fiscal_host_change", + "description": "The fiscal host for a GitHub Sponsors listing was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.invoiced_agreement_sign", + "description": "An agreement for invoiced billing for GitHub Sponsors was signed.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/paying-for-github-sponsors-by-invoice" + }, + { + "action": "sponsors.repo_funding_links_file_action", + "description": "The FUNDING file in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository" + }, + { + "action": "sponsors.sponsor_sponsorship_cancel", + "description": "A sponsorship was canceled.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_create", + "description": "A sponsorship was created, by sponsoring an account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_payment_complete", + "description": "After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "active", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_preference_change", + "description": "The option to receive email updates from a sponsored account was changed.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_tier_change", + "description": "A sponsorship was upgraded or downgraded.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/upgrading-a-sponsorship, /billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Upgrading a sponsorship, Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsored_developer_approve", + "description": "A GitHub Sponsors account was approved.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_create", + "description": "A GitHub Sponsors account was created.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_disable", + "description": "A GitHub Sponsors account was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ] + }, + { + "action": "sponsors.sponsored_developer_profile_update", + "description": "The profile for GitHub Sponsors account was edited.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors" + }, + { + "action": "sponsors.sponsored_developer_redraft", + "description": "A GitHub Sponsors account was returned to draft state from approved state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.sponsored_developer_request_approval", + "description": "An application for GitHub Sponsors was submitted for approval.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_tier_description_update", + "description": "The description for a sponsorship tier was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.sponsors_patreon_user_create", + "description": "A Patreon account was linked to a user account for use with GitHub Sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account" + }, + { + "action": "sponsors.sponsors_patreon_user_destroy", + "description": "A Patreon account for use with GitHub Sponsors was unlinked from a user account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/unlinking-your-patreon-account-from-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Unlinking your Patreon account from GitHub" + }, + { + "action": "sponsors.update_tier_repository", + "description": "A GitHub Sponsors tier changed access for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.update_tier_welcome_message", + "description": "The welcome message for a GitHub Sponsors tier for an organization was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.withdraw_agreement_signature", + "description": "A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "ssh_certificate_authority.create", + "description": "An SSH certificate authority for an organization or enterprise was created.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "fingerprint", + "operation_type", + "openssh_public_key", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_authority.destroy", + "description": "An SSH certificate authority for an organization or enterprise was deleted.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "fingerprint", + "operation_type", + "openssh_public_key" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_requirement.disable", + "description": "The requirement for members to use SSH certificates to access an organization resources was disabled.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "ssh_certificate_requirement.enable", + "description": "The requirement for members to use SSH certificates to access an organization resources was enabled.", + "docs_reference_links": "/organizations/managing-git-access-to-your-organizations-repositories/managing-your-organizations-ssh-certificate-authorities, /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-security-settings-in-your-enterprise#managing-ssh-certificate-authorities-for-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing your organization's SSH certificate authorities, Enforcing policies for security settings in your enterprise" + }, + { + "action": "staff.dependabot_debug_credentials_generated", + "description": "Dependabot encrypted config was read.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "staff.set_domain_token_expiration", + "description": "The verification code expiry time for an organization or enterprise domain was set.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner_type", + "domain_name", + "token_expires_at", + "owner", + "operation_type", + "created_at" + ] + }, + { + "action": "staff.unverify_domain", + "description": "An organization or enterprise domain was unverified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner_type", + "domain_name", + "owner", + "operation_type" + ] + }, + { + "action": "staff.verify_domain", + "description": "An organization or enterprise domain was verified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "domain_name", + "operation_type", + "created_at" + ] + }, + { + "action": "team.add_member", + "description": "A member of an organization was added to a team.", + "docs_reference_links": "/organizations/organizing-members-into-teams/adding-organization-members-to-a-team", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/adding-organization-members-to-a-team" + }, + { + "action": "team.add_repository", + "description": "A team was given access and permissions to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "team.change_parent_team", + "description": "A child team was created or a child team's parent was changed.", + "docs_reference_links": "/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/moving-a-team-in-your-organizations-hierarchy" + }, + { + "action": "team.change_privacy", + "description": "A team's privacy level was changed.", + "docs_reference_links": "/organizations/organizing-members-into-teams/changing-team-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "created_at", + "operation_type", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/changing-team-visibility" + }, + { + "action": "team.create", + "description": "A new team is created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "team", + "created_at", + "team_type" + ] + }, + { + "action": "team.demote_maintainer", + "description": "A user was demoted from a team maintainer to a team member.", + "docs_reference_links": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member" + }, + { + "action": "team.destroy", + "description": "A team was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type", + "team_type" + ] + }, + { + "action": "team_discussions.clear", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team_discussions.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team_discussions.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team_group_mapping.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "team" + ] + }, + { + "action": "team_group_mapping.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "team", + "created_at" + ] + }, + { + "action": "team_group_mapping.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at" + ] + }, + { + "action": "team.promote_maintainer", + "description": "A user was promoted from a team member to a team maintainer.", + "docs_reference_links": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/assigning-the-team-maintainer-role-to-a-team-member#promoting-an-organization-member-to-team-maintainer" + }, + { + "action": "team.remove_member", + "description": "An organization member was removed from a team.", + "docs_reference_links": "/organizations/organizing-members-into-teams/removing-organization-members-from-a-team", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "team", + "team_type" + ], + "docs_reference_titles": "/organizations/organizing-members-into-teams/removing-organization-members-from-a-team" + }, + { + "action": "team.remove_repository", + "description": "A repository was removed from a team's control.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "team", + "operation_type" + ] + }, + { + "action": "team.rename", + "description": "A team's name was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "team", + "operation_type", + "team_type" + ] + }, + { + "action": "team_sync_tenant.disabled", + "description": "Team synchronization with a tenant was disabled.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise" + }, + { + "action": "team_sync_tenant.enabled", + "description": "Team synchronization with a tenant was enabled.", + "docs_reference_links": "/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization, /admin/identity-and-access-management/using-saml-for-enterprise-iam/managing-team-synchronization-for-organizations-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing team synchronization for your organization, Managing team synchronization for organizations in your enterprise" + }, + { + "action": "team_sync_tenant.update_okta_credentials", + "description": "The Okta credentials for team synchronization with a tenant were changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "team.update_repository_permission", + "description": "A team's permission to a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "team", + "old_permission", + "operation_type", + "created_at", + "permission", + "new_repo_permission", + "new_repo_base_role", + "old_repo_permission", + "old_repo_base_role" + ] + }, + { + "action": "vulnerability_alert_rule.create", + "description": "A Dependabot rule was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.delete", + "description": "A Dependabot rule was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.disable", + "description": "A Dependabot rule was disabled for a single repository or disabled by default for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.enable", + "description": "A Dependabot rule was enabled for a single repository or enabled by default for an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.force_disable", + "description": "A Dependabot rule was enabled for an organization and cannot be disabled for its repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.force_enable", + "description": "A Dependabot rule was disabled for an organization and cannot be enabled for its repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "created_at", + "operation_type" + ] + }, + { + "action": "vulnerability_alert_rule.update", + "description": "A Dependabot rule's conditions, actions, or metadata changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "vulnerability_alert_rule_id", + "vulnerability_alert_rule_name", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.approve_workflow_job", + "description": "A workflow job was approved.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.bypass_protection_rules", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.cancel_workflow_run", + "description": "A workflow run was cancelled.", + "docs_reference_links": "/actions/managing-workflow-runs/canceling-a-workflow", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "run_number", + "cancelled_at", + "workflow_id", + "operation_type", + "trigger_id", + "public_repo" + ], + "docs_reference_titles": "Canceling a workflow run" + }, + { + "action": "workflows.comment_workflow_job", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.completed_workflow_run", + "description": "A workflow status changed to completed. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/monitoring-and-troubleshooting-workflows/viewing-workflow-run-history", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "completed_at", + "conclusion", + "run_number", + "workflow_id", + "operation_type", + "trigger_id", + "run_attempt", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "Viewing workflow run history" + }, + { + "action": "workflows.created_workflow_run", + "description": "A workflow run was create. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/learn-github-actions/understanding-github-actions#create-an-example-workflow", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "workflow_id", + "operation_type", + "trigger_id", + "public_repo", + "actor_is_bot", + "actor_is_agent" + ], + "docs_reference_titles": "Understanding GitHub Actions" + }, + { + "action": "workflows.delete_workflow_run", + "description": "A workflow run was deleted.", + "docs_reference_links": "/actions/managing-workflow-runs/deleting-a-workflow-run", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "workflow_run_id", + "started_at", + "head_branch", + "head_sha", + "trigger_id" + ], + "docs_reference_titles": "Deleting a workflow run" + }, + { + "action": "workflows.disable_workflow", + "description": "A workflow was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "workflows.enable_workflow", + "description": "A workflow was enabled, after previously being disabled by disable_workflow.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "workflows.pin_workflow", + "description": "A workflow was pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "workflows.prepared_workflow_job", + "description": "A workflow job was started. Includes the list of secrets that were provided to the job. This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.", + "docs_reference_links": "/actions/using-workflows/events-that-trigger-workflows", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "job_name", + "runner_labels", + "is_hosted_runner", + "environment_name", + "secrets_passed", + "operation_type", + "created_at", + "runner_owner_type", + "job_workflow_ref", + "calling_workflow_refs", + "calling_workflow_shas", + "imposer_repo" + ], + "docs_reference_titles": "Events that trigger workflows" + }, + { + "action": "workflows.reject_workflow_job", + "description": "A workflow job was rejected.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.rerun_workflow_run", + "description": "A workflow run was re-run.", + "docs_reference_links": "/actions/managing-workflow-runs/re-running-workflows-and-jobs", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "started_at", + "event", + "name", + "workflow_run_id", + "head_branch", + "head_sha", + "run_number", + "workflow_id", + "operation_type", + "trigger_id", + "run_attempt", + "rerun_type", + "check_run_id", + "actor_is_bot" + ], + "docs_reference_titles": "Re-running workflows and jobs" + }, + { + "action": "workflows.unpin_workflow", + "description": "A workflow was unpinned after previously being pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + } +] \ No newline at end of file diff --git a/src/audit-logs/data/ghes-3.14/user.json b/src/audit-logs/data/ghes-3.14/user.json new file mode 100644 index 000000000000..315369a09f99 --- /dev/null +++ b/src/audit-logs/data/ghes-3.14/user.json @@ -0,0 +1,12477 @@ +[ + { + "action": "account.billing_date_change", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "account.plan_change", + "description": "The account's plan changed.", + "docs_reference_links": "/billing/managing-the-plan-for-your-github-account/about-billing-for-plans", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "How GitHub billing works" + }, + { + "action": "account_recovery_token.confirm", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "account_recovery_token.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "account_recovery_token.recover", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "actions_cache.delete", + "description": "A GitHub Actions cache was deleted using the REST API.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "actions_cache_id", + "actions_cache_key", + "actions_cache_version", + "actions_cache_scope", + "created_at", + "operation_type" + ] + }, + { + "action": "artifact.destroy", + "description": "A workflow run artifact was manually deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "billing.change_billing_type", + "description": "The way the account pays for GitHub was changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.change_email", + "description": "The billing email address changed.", + "docs_reference_links": "/billing/managing-your-github-billing-settings/setting-your-billing-email", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "email" + ], + "docs_reference_titles": "Managing your payment and billing information" + }, + { + "action": "billing.lock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "billing.unlock", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "billing.update_bill_cycle_day", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "business.set_actions_fork_pr_approvals_policy", + "description": "The policy for requiring approvals for workflows from public forks was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-artifact-and-log-retention-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-workflow-permissions-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_fork_pr_workflows_policy", + "description": "The policy for fork pull request workflows was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#enforcing-a-policy-for-fork-pull-requests-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "business.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for an enterprise.", + "docs_reference_links": "/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-github-actions-in-your-enterprise#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Enforcing policies for GitHub Actions in your enterprise" + }, + { + "action": "checks.auto_trigger_disabled", + "description": "Automatic creation of check suites was disabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.auto_trigger_enabled", + "description": "Automatic creation of check suites was enabled on a repository in the organization or enterprise.", + "docs_reference_links": "/rest/checks#update-repository-preferences-for-check-suites", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "/rest/checks#update-repository-preferences-for-check-suites" + }, + { + "action": "checks.delete_logs", + "description": "Logs in a check suite were deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "codespaces.allow_permissions", + "description": "A codespace using custom permissions from its devcontainer.json file was launched.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "origin_repository", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.connect", + "description": "Credentials for a codespace were refreshed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ] + }, + { + "action": "codespaces.create", + "description": "A codespace was created", + "docs_reference_links": "/codespaces/developing-in-codespaces/creating-a-codespace-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at", + "actor_is_bot", + "machine_type", + "devcontainer_path" + ], + "docs_reference_titles": "Creating a codespace for a repository" + }, + { + "action": "codespaces.destroy", + "description": "A user deleted a codespace.", + "docs_reference_links": "/codespaces/developing-in-codespaces/deleting-a-codespace", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "pull_request_id", + "owner", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Deleting a codespace" + }, + { + "action": "codespaces.export_environment", + "description": "A codespace was exported to a branch on GitHub.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "owner", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "codespaces.restore", + "description": "A codespace was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.start_environment", + "description": "A codespace was started.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "owner", + "pull_request_id", + "machine_type", + "devcontainer_path", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "codespaces.suspend_environment", + "description": "A codespace was stopped.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "codespaces.trusted_repositories_access_update", + "description": "A personal account's access and security setting for Codespaces were updated.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "copilot.cfb_seat_added", + "description": "A Copilot Business or Copilot Enterprise seat was added for a user and they have received access to GitHub Copilot. This can occur as the result of directly assigning a seat for a user, assigning a seat for a team, or setting the organization to allow access for all members.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_created", + "description": "A Copilot Business or Copilot Enterprise seat assignment was newly created for a user or a team, and seats are being created.", + "docs_reference_links": "/copilot/overview-of-github-copilot/about-github-copilot-for-business", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "What is GitHub Copilot?" + }, + { + "action": "copilot.cfb_seat_assignment_refreshed", + "description": "A seat assignment that was previously pending cancellation was re-assigned and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_reused", + "description": "A Copilot Business or Copilot Enterprise seat assignment was re-created for a user who already had a seat with no pending cancellation date, and the user will retain access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_assignment_unassigned", + "description": "A user or team's Copilot Business or Copilot Enterprise seat assignment was unassigned, and the user(s) will lose access to Copilot at the end of the current billing cycle.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "copilot.cfb_seat_cancelled", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "seat_assignment" + ] + }, + { + "action": "copilot.cfb_seat_cancelled_by_staff", + "description": "A user's Copilot Business or Copilot Enterprise seat was canceled manually by GitHub staff, and the user no longer has access to Copilot.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "custom_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "dependabot_alerts.disable", + "description": "Dependabot alerts were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts.enable", + "description": "Dependabot alerts were enabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-for-all-existing-repositories" + }, + { + "action": "dependabot_alerts_new_repos.disable", + "description": "Dependabot alerts were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_alerts_new_repos.enable", + "description": "Dependabot alerts were enabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization#enabling-or-disabling-a-feature-automatically-when-new-repositories-are-added" + }, + { + "action": "dependabot_repository_access.repositories_updated", + "description": "The repositories that Dependabot can access were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependabot_security_updates.disable", + "description": "Dependabot security updates were disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates.enable", + "description": "Dependabot security updates were enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependabot_security_updates_new_repos.disable", + "description": " Dependabot security updates were disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependabot_security_updates_new_repos.enable", + "description": "Dependabot security updates were enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "dependency_graph.disable", + "description": "The dependency graph was disabled for all existing repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph.enable", + "description": "The dependency graph was enabled for all existing repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "dependency_graph_new_repos.disable", + "description": "The dependency graph was disabled for all new repositories.", + "docs_reference_links": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization" + }, + { + "action": "dependency_graph_new_repos.enable", + "description": "The dependency graph was enabled for all new repositories.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "environment.add_protection_rule", + "description": "A GitHub Actions deployment protection rule was created via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "environment.create_actions_secret", + "description": "A secret was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.create_actions_variable", + "description": "A variable was created for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.delete", + "description": "An environment was deleted.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deleting-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_secret", + "description": "A secret was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.remove_actions_variable", + "description": "A variable was deleted for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.remove_protection_rule", + "description": "A GitHub Actions deployment protection rule was deleted via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_secret", + "description": "A secret was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#environment-secrets", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "visibility", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "environment.update_actions_variable", + "description": "A variable was updated for a GitHub Actions environment.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-an-environment", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "environment_name", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "environment.update_protection_rule", + "description": "A GitHub Actions deployment protection rule was updated via the API.", + "docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_value", + "approvers_was", + "approvers", + "can_admins_bypass", + "prevent_self_review" + ], + "docs_reference_titles": "Managing environments for deployment" + }, + { + "action": "gist.create", + "description": "A gist was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "gist_id", + "created_at", + "operation_type", + "visibility" + ] + }, + { + "action": "gist.destroy", + "description": "A gist was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "gist_id", + "visibility", + "created_at", + "operation_type" + ] + }, + { + "action": "gist.visibility_change", + "description": "The visibility of a gist was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "gist_id", + "visibility", + "created_at" + ] + }, + { + "action": "git_signing_ssh_public_key.create", + "description": "An SSH key was added to a user account as a Git commit signing key.", + "docs_reference_links": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key" + }, + { + "action": "git_signing_ssh_public_key.delete", + "description": "An SSH key was removed from a user account as a Git commit signing key.", + "docs_reference_links": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "explanation", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key" + }, + { + "action": "github_hosted_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "github_hosted_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "github_hosted_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "gpg_key.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "gpg_key.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "hook.active_changed", + "description": "A hook's active status was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "events", + "active", + "active_was", + "hook_id", + "operation_type" + ] + }, + { + "action": "hook.config_changed", + "description": "A hook's configuration was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "hook_id", + "created_at", + "oauth_application_id", + "events" + ] + }, + { + "action": "hook.create", + "description": "A new hook was added.", + "docs_reference_links": "/get-started/exploring-integrations/about-webhooks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "hook_id", + "events", + "operation_type", + "name", + "created_at" + ], + "docs_reference_titles": "About webhooks" + }, + { + "action": "hook.destroy", + "description": "A hook was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "created_at", + "name", + "operation_type", + "oauth_application_id", + "hook_id" + ] + }, + { + "action": "hook.events_changed", + "description": "A hook's configured events were changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "events", + "operation_type", + "name", + "events_were", + "created_at", + "hook_id", + "oauth_application_id" + ] + }, + { + "action": "integration.create", + "description": "A GitHub App was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "integration", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.destroy", + "description": "A GitHub App was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.generate_client_secret", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration_installation.create", + "description": "A GitHub App was installed.", + "docs_reference_links": "/apps/using-github-apps/authorizing-github-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "name", + "repository_selection", + "created_at", + "integration", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/authorizing-github-apps" + }, + { + "action": "integration_installation.destroy", + "description": "A GitHub App was uninstalled.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "repository_selection", + "integration", + "operation_type", + "name", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.repositories_added", + "description": "Repositories were added to a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "repository_selection", + "name", + "integration", + "operation_type", + "repositories_added", + "created_at", + "repositories_added_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation.repositories_removed", + "description": "Repositories were removed from a GitHub App.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "repository_selection", + "repositories_removed", + "integration", + "created_at", + "name", + "repositories_removed_names", + "actor_is_bot", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#modifying-repository-access" + }, + { + "action": "integration_installation.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "repository_selection", + "integration", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/using-github-apps/reviewing-and-modifying-installed-github-apps#blocking-access" + }, + { + "action": "integration_installation.version_updated", + "description": "Permissions for a GitHub App were updated.", + "docs_reference_links": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "integration", + "name", + "operation_type", + "created_at", + "repository_selection", + "application_client_id" + ], + "docs_reference_titles": "/apps/using-github-apps/approving-updated-permissions-for-a-github-app" + }, + { + "action": "integration.manager_added", + "description": "A member of an enterprise or organization was added as a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "name", + "manager", + "operation_type", + "integration" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#giving-someone-the-ability-to-manage-all-github-apps-owned-by-the-organization" + }, + { + "action": "integration.manager_removed", + "description": "A member of an enterprise or organization was removed from being a GitHub App manager.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "integration", + "name", + "created_at", + "manager" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/adding-and-removing-github-app-managers-in-your-organization#removing-a-github-app-managers-permissions-for-the-entire-organization" + }, + { + "action": "integration.remove_client_secret", + "description": "A client secret for a GitHub App was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at" + ] + }, + { + "action": "integration.revoke_all_tokens", + "description": "All user tokens for a GitHub App were requested to be revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.revoke_tokens", + "description": "Token(s) for a GitHub App were revoked.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "operation_type", + "created_at", + "application_client_id" + ] + }, + { + "action": "integration.suspend", + "description": "A GitHub App was suspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "integration.transfer", + "description": "Ownership of a GitHub App was transferred to another user or organization.", + "docs_reference_links": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "transfer_to_id", + "requester", + "requester_id", + "created_at", + "transfer_to", + "operation_type", + "integration", + "transfer_from", + "transfer_from_id", + "transfer_from_type", + "transfer_to_type" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/transferring-ownership-of-a-github-app" + }, + { + "action": "integration.unsuspend", + "description": "A GitHub App was unsuspended.", + "docs_reference_links": "/apps/maintaining-github-apps/suspending-a-github-app-installation", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "integration", + "created_at", + "operation_type", + "application_client_id" + ], + "docs_reference_titles": "/apps/maintaining-github-apps/suspending-a-github-app-installation" + }, + { + "action": "marketplace_agreement_signature.create", + "description": "The GitHub Marketplace Developer Agreement was signed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.approve", + "description": "A listing was approved for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "primary_category", + "operation_type", + "created_at", + "marketplace_listing", + "integration" + ] + }, + { + "action": "marketplace_listing.change_category", + "description": "A category for a listing for an app in GitHub Marketplace was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "marketplace_listing", + "integration", + "secondary_category", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.create", + "description": "A listing for an app in GitHub Marketplace was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "created_at", + "oauth_application", + "marketplace_listing", + "secondary_category", + "oauth_application_id", + "operation_type" + ] + }, + { + "action": "marketplace_listing.delist", + "description": "A listing was removed from GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "secondary_category", + "operation_type", + "marketplace_listing", + "primary_category", + "integration" + ] + }, + { + "action": "marketplace_listing_plan.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "marketplace_listing", + "has_free_trial", + "yearly_price_in_cents", + "description", + "bullets", + "monthly_price_in_cents", + "marketplace_listing_plan" + ] + }, + { + "action": "marketplace_listing_plan.publish", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "marketplace_listing_plan", + "marketplace_listing", + "description", + "bullets", + "has_free_trial", + "created_at", + "operation_type", + "monthly_price_in_cents", + "yearly_price_in_cents" + ] + }, + { + "action": "marketplace_listing_plan.retire", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "marketplace_listing_plan", + "description", + "yearly_price_in_cents", + "created_at", + "bullets", + "has_free_trial", + "marketplace_listing", + "monthly_price_in_cents", + "operation_type" + ] + }, + { + "action": "marketplace_listing_plan.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "monthly_price_in_cents", + "marketplace_listing", + "description", + "bullets", + "yearly_price_in_cents", + "has_free_trial", + "marketplace_listing_plan", + "operation_type", + "created_at" + ] + }, + { + "action": "marketplace_listing.redraft", + "description": "A listing was sent back to draft state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "secondary_category", + "oauth_application_id", + "operation_type", + "oauth_application", + "created_at", + "marketplace_listing", + "primary_category" + ] + }, + { + "action": "marketplace_listing.reject", + "description": "A listing was not accepted for inclusion in GitHub Marketplace.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "primary_category", + "secondary_category", + "marketplace_listing", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "merge_queue.pull_request_dequeued", + "description": "A pull request was removed from a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.pull_request_queue_jump", + "description": "A pull request was moved ahead in a merge queue.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.queue_cleared", + "description": "A merge queue was cleared.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "merge_queue.update_settings", + "description": "The settings for a merge queue were updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "max_entries_to_build", + "min_entries_to_merge", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "metered_billing_configuration.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "metered_billing_configuration.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "migration.create", + "description": "A migration file was created for transferring data from a source location (such as a GitHub.com organization or a GitHub Enterprise Server instance) to a target GitHub Enterprise Server instance.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "oauth_access.create", + "description": "An OAuth access token was generated.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, /authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps, Managing your personal access tokens" + }, + { + "action": "oauth_access.destroy", + "description": "An OAuth access token was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "explanation", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps" + }, + { + "action": "oauth_access.regenerate", + "description": "An OAuth access token was regenerated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_name" + ] + }, + { + "action": "oauth_access.update", + "description": "An OAuth access token was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "oauth_application.create", + "description": "An OAuth application was created.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.destroy", + "description": "An OAuth application was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "oauth_application" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.generate_client_secret", + "description": "An OAuth application's secret key was generated.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.remove_client_secret", + "description": "An OAuth application's secret key was deleted.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.reset_secret", + "description": "The secret key for an OAuth application was reset.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "operation_type", + "created_at", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_all_tokens", + "description": "All user tokens for an OAuth application were requested to be revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application", + "oauth_application_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.revoke_tokens", + "description": "Token(s) for an OAuth application were revoked.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "oauth_application", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_application.transfer", + "description": "An OAuth application was transferred from one account to another.", + "docs_reference_links": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "oauth_application", + "oauth_application_id" + ], + "docs_reference_titles": "/apps/oauth-apps/building-oauth-apps/authenticating-to-the-rest-api-with-an-oauth-app#registering-your-app" + }, + { + "action": "oauth_authorization.create", + "description": "An authorization for an OAuth application was created.", + "docs_reference_links": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot", + "oauth_application_name" + ], + "docs_reference_titles": "/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps" + }, + { + "action": "oauth_authorization.destroy", + "description": "An authorization for an OAuth application was deleted.", + "docs_reference_links": "/apps/using-github-apps/reviewing-your-authorized-integrations", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "explanation", + "actor_is_bot", + "oauth_application_name" + ], + "docs_reference_titles": "Reviewing and revoking authorization of GitHub Apps" + }, + { + "action": "org.add_member", + "description": "A user joined an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "org.add_outside_collaborator", + "description": "An outside collaborator was added to a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "public_repo", + "permission", + "invitee", + "created_at", + "operation_type" + ] + }, + { + "action": "org.advanced_security_disabled_for_new_repos", + "description": "GitHub Advanced Security was disabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_disabled_on_all_repos", + "description": "GitHub Advanced Security was disabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_for_new_repos", + "description": "GitHub Advanced Security was enabled for new repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.advanced_security_enabled_on_all_repos", + "description": "GitHub Advanced Security was enabled for all repositories in an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "org.remove_member", + "description": "A member was removed from an organization, either manually or due to a two-factor authentication requirement.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "org.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#requiring-approval-for-workflows-from-public-forks" + }, + { + "action": "org.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in an organization was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization" + }, + { + "action": "org.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#setting-the-permissions-of-the-github_token-for-your-organization" + }, + { + "action": "org.set_fork_pr_workflows_policy", + "description": "The policy for workflows on private repository forks was changed.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#enabling-workflows-for-private-repository-forks" + }, + { + "action": "org.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for an organization.", + "docs_reference_links": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-organization-settings/disabling-or-limiting-github-actions-for-your-organization#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "org.update_member", + "description": "A person's role was changed from owner to member or member to owner.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_permission", + "permission", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_creation_permission", + "description": "The create repository permission for organization members was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "org.update_member_repository_invitation_permission", + "description": "An organization owner changed the policy setting for organization members inviting outside collaborators to repositories.", + "docs_reference_links": "/organizations/managing-organization-settings/setting-permissions-for-adding-outside-collaborators", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "permission", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Setting permissions for adding outside collaborators" + }, + { + "action": "pages_protected_domain.create", + "description": "A GitHub Pages verified domain was created for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.delete", + "description": "A GitHub Pages verified domain was deleted from an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "pages_protected_domain.verify", + "description": "A GitHub Pages domain was verified for an organization or enterprise.", + "docs_reference_links": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "owner_type", + "domain", + "state", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages" + }, + { + "action": "passkey.register", + "description": "A new passkey was added.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "nickname", + "created_at", + "operation_type" + ] + }, + { + "action": "passkey.remove", + "description": "A new passkey was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "nickname", + "created_at", + "operation_type" + ] + }, + { + "action": "payment_method.create", + "description": "A new payment method was added, such as a new credit card or PayPal account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "payment_method.remove", + "description": "A payment method was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "payment_method.update", + "description": "An existing payment method was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "personal_access_token.access_granted", + "description": "A fine-grained personal access token was granted access to resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.access_revoked", + "description": "A fine-grained personal access token was revoked. The token can still read public organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/reviewing-and-revoking-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.create", + "description": "Triggered when you create a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.credential_regenerated", + "description": "Triggered when you regenerate a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.credential_revoked", + "description": "A fine-grained personal access token was revoked by GitHub Advanced Security.", + "docs_reference_links": "/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/code-security/getting-started/github-security-features#secret-scanning-alerts-for-users" + }, + { + "action": "personal_access_token.destroy", + "description": "Triggered when you delete a fine-grained personal access token.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "explanation", + "created_at", + "operation_type" + ] + }, + { + "action": "personal_access_token.request_cancelled", + "description": "A pending request for a fine-grained personal access token to access organization resources was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ] + }, + { + "action": "personal_access_token.request_created", + "description": "Triggered when a fine-grained personal access token was created to access organization resources and the organization requires approval before the token can access organization resources.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_id", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.request_denied", + "description": "A request for a fine-grained personal access token to access organization resources was denied.", + "docs_reference_links": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type", + "user_programmatic_access_request_id" + ], + "docs_reference_titles": "/organizations/managing-programmatic-access-to-your-organization/managing-requests-for-personal-access-tokens-in-your-organization" + }, + { + "action": "personal_access_token.update", + "description": "A fine-grained personal access token was updated.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "user_programmatic_access_name", + "repository_selection", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens" + }, + { + "action": "premium_runner.create", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "premium_runner.update", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "runner_group_id", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.disable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "private_vulnerability_reporting_new_repos.enable", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "profile_picture.update", + "description": "A profile picture was updated.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "owner", + "operation_type" + ], + "docs_reference_titles": "Personalize your profile" + }, + { + "action": "project.access", + "description": "A project board visibility was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.close", + "description": "A project board was closed.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/closing-a-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "project_id", + "project_kind" + ], + "docs_reference_titles": "Closing a project (classic)" + }, + { + "action": "project.create", + "description": "A project board was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.delete", + "description": "A project board was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_field.create", + "description": "A field was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields" + }, + { + "action": "project_field.delete", + "description": "A field was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/understanding-fields/deleting-custom-fields" + }, + { + "action": "project.link", + "description": "A repository was linked to a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.open", + "description": "A project board was reopened.", + "docs_reference_links": "/issues/organizing-your-work-with-project-boards/managing-project-boards/reopening-a-closed-project-board", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "project_id", + "operation_type", + "created_at", + "project_kind", + "project_name" + ], + "docs_reference_titles": "Reopening a closed project (classic)" + }, + { + "action": "project.rename", + "description": "A project board was renamed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "old_name", + "operation_type" + ] + }, + { + "action": "project.unlink", + "description": "A repository was unlinked from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_org_permission", + "description": "The project's base-level permission for all organization members was changed or removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project.update_team_permission", + "description": "A team's project board permission level was changed or when a team was added or removed from a project board.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "team" + ] + }, + { + "action": "project.update_user_permission", + "description": "A user was added to or removed from a project board or had their permission level changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "project_view.create", + "description": "A view was created in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "project_view.delete", + "description": "A view was deleted in a project board.", + "docs_reference_links": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/issues/planning-and-tracking-with-projects/customizing-views-in-your-project/managing-your-views" + }, + { + "action": "protected_branch.update_merge_queue_enforcement_level", + "description": "Enforcement of the merge queue was modified for a branch.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "merge_queue_enforcement_level", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-merge-queue" + }, + { + "action": "public_key.create", + "description": "An SSH key was added to a user account or a deploy key was added to a repository.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "read_only", + "operation_type", + "created_at", + "key", + "fingerprint", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account" + }, + { + "action": "public_key.delete", + "description": "An SSH key was removed from a user account or a deploy key was removed from a repository.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "fingerprint", + "read_only", + "explanation", + "key", + "operation_type", + "title", + "created_at" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/reviewing-your-ssh-keys" + }, + { + "action": "public_key.unverification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "title", + "key", + "fingerprint", + "read_only", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.unverify", + "description": "A user account's SSH key or a repository's deploy key was unverified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "title", + "key", + "read_only", + "explanation", + "fingerprint" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.update", + "description": "A user account's SSH key or a repository's deploy key was updated.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "read_only", + "operation_type", + "created_at", + "title" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verification_failure", + "description": "A user account's SSH key or a repository's deploy key was unable to be verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "fingerprint", + "oauth_application_id", + "title", + "created_at", + "read_only", + "operation_type" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "public_key.verify", + "description": "A user account's SSH key or a repository's deploy key was verified.", + "docs_reference_links": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "key", + "fingerprint", + "title", + "read_only" + ], + "docs_reference_titles": "/authentication/connecting-to-github-with-ssh/managing-deploy-keys#deploy-keys" + }, + { + "action": "repo.access", + "description": "The visibility of a repository changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility", + "previous_visibility" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/setting-repository-visibility" + }, + { + "action": "repo.actions_enabled", + "description": "GitHub Actions was enabled for a repository.", + "docs_reference_links": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization#using-the-audit-log-api" + }, + { + "action": "repo.add_member", + "description": "A collaborator was added to a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/inviting-collaborators-to-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "created_at", + "operation_type", + "oauth_application_id" + ], + "docs_reference_titles": "Inviting collaborators to a personal repository" + }, + { + "action": "repo.add_topic", + "description": "A topic was added to a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/classifying-your-repository-with-topics" + }, + { + "action": "repo.advanced_security_disabled", + "description": "GitHub Advanced Security was disabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.advanced_security_enabled", + "description": "GitHub Advanced Security was enabled for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository" + }, + { + "action": "repo.archived", + "description": "A repository was archived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.change_merge_setting", + "description": "Pull request merge options were changed for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "repo.code_scanning_analysis_deleted", + "description": "Code scanning analysis for a repository was deleted.", + "docs_reference_links": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at", + "public_repo", + "tool", + "category" + ], + "docs_reference_titles": "/rest/code-scanning#delete-a-code-scanning-analysis-from-a-repository" + }, + { + "action": "repo.code_scanning_configuration_for_branch_deleted", + "description": "A code scanning configuration for a branch of a repository was deleted.", + "docs_reference_links": "/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository#removing-stale-configurations-and-alerts-from-a-branch", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "tool", + "branch", + "category", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Resolving code scanning alerts" + }, + { + "action": "repo.config.disable_collaborators_only", + "description": "The interaction limit for collaborators only was disabled.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_contributors_only", + "description": "The interaction limit for prior contributors only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.disable_sockpuppet_disallowed", + "description": "The interaction limit for existing users only was disabled in a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_collaborators_only", + "description": "The interaction limit for collaborators only was enabled in a repository Users that are not collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_contributors_only", + "description": "The interaction limit for prior contributors only was enabled in a repository Users that are not prior contributors, collaborators or organization members were unable to interact with a repository for a set duration.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.config.enable_sockpuppet_disallowed", + "description": "The interaction limit for existing users was enabled in a repository New users aren't able to interact with a repository for a set duration Existing users of the repository, contributors, collaborators or organization members are able to interact with a repository.", + "docs_reference_links": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/communities/moderating-comments-and-conversations/limiting-interactions-in-your-repository" + }, + { + "action": "repo.configure_self_hosted_jit_runner", + "description": "A new just-in-time GitHub Actions self-hosted runner was configured", + "docs_reference_links": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository" + }, + { + "action": "repo.create", + "description": "A repository was created.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/creating-a-new-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "request_category", + "created_at", + "oauth_application_id", + "request_method", + "public_repo", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/creating-a-new-repository" + }, + { + "action": "repo.create_actions_secret", + "description": "A GitHub Actions secret was created for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.create_actions_variable", + "description": "A GitHub Actions variable was created for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.create_integration_secret", + "description": "A Codespaces or Dependabot secret was created for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.destroy", + "description": "A repository was deleted.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/deleting-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "request_category", + "visibility", + "created_at", + "request_method", + "oauth_application_id", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/deleting-a-repository" + }, + { + "action": "repo.pages_cname", + "description": "A GitHub Pages custom domain was modified in a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "cname", + "created_at", + "operation_type", + "old_cname" + ] + }, + { + "action": "repo.pages_create", + "description": "A GitHub Pages site was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_destroy", + "description": "A GitHub Pages site was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_https_redirect_disabled", + "description": "HTTPS redirects were disabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_https_redirect_enabled", + "description": "HTTPS redirects were enabled for a GitHub Pages site.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "visibility", + "operation_type" + ] + }, + { + "action": "repo.pages_private", + "description": "A GitHub Pages site visibility was changed to private.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_public", + "description": "A GitHub Pages site visibility was changed to public.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.pages_soft_delete", + "description": "A GitHub Pages site was soft-deleted because its owner's plan changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_soft_delete_restore", + "description": "A GitHub Pages site that was previously soft-deleted was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.pages_source", + "description": "A GitHub Pages source was modified.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "visibility", + "created_at" + ] + }, + { + "action": "repo.register_self_hosted_runner", + "description": "A new self-hosted runner was registered.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners#adding-a-self-hosted-runner-to-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Adding self-hosted runners" + }, + { + "action": "repo.remove_actions_secret", + "description": "A GitHub Actions secret was deleted for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.remove_actions_variable", + "description": "A GitHub Actions variable was deleted for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.remove_integration_secret", + "description": "A Codespaces or Dependabot secret was deleted for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.remove_member", + "description": "A collaborator was removed from a repository.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/removing-a-collaborator-from-a-personal-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "Removing a collaborator from a personal repository" + }, + { + "action": "repo.remove_self_hosted_runner", + "description": "A self-hosted runner was removed.", + "docs_reference_links": "/actions/hosting-your-own-runners/managing-self-hosted-runners/removing-self-hosted-runners#removing-a-runner-from-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Removing self-hosted runners" + }, + { + "action": "repo.remove_topic", + "description": "A topic was removed from a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "topic", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.rename", + "description": "A repository was renamed.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/renaming-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "created_at", + "operation_type", + "visibility" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/renaming-a-repository" + }, + { + "action": "repo.restore", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "repo.set_actions_fork_pr_approvals_policy", + "description": "The setting for requiring approvals for workflows from public forks was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "created_at", + "operation_type", + "public_repo" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-required-approval-for-workflows-from-public-forks" + }, + { + "action": "repo.set_actions_private_fork_pr_approvals_policy", + "description": "The policy for requiring approval for fork pull request workflows from collaborators without write access to private repos was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-forks-of-private-repositories" + }, + { + "action": "repo.set_actions_retention_limit", + "description": "The retention period for GitHub Actions artifacts and logs in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "limit", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-repository" + }, + { + "action": "repo.set_default_workflow_permissions", + "description": "The default permissions granted to the GITHUB_TOKEN when running workflows were changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository" + }, + { + "action": "repo.set_fork_pr_workflows_policy", + "description": "Triggered when the policy for workflows on private repository forks is changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#enabling-workflows-for-private-repository-forks" + }, + { + "action": "repo.set_workflow_permission_can_approve_pr", + "description": "The policy for allowing GitHub Actions to create and approve pull requests was changed for a repository.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests" + }, + { + "action": "repo.staff_unlock", + "description": "An enterprise owner or GitHub staff (with permission from a repository administrator) temporarily unlocked the repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.temporary_access_granted", + "description": "Temporary access was enabled for a repository.", + "docs_reference_links": "/admin/user-management/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Accessing user-owned repositories in your enterprise" + }, + { + "action": "repo.transfer", + "description": "A user accepted a request to receive a transferred repository.", + "docs_reference_links": "/repositories/creating-and-managing-repositories/transferring-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "owner", + "old_user", + "operation_type", + "created_at", + "visibility", + "repo_was" + ], + "docs_reference_titles": "/repositories/creating-and-managing-repositories/transferring-a-repository" + }, + { + "action": "repo.transfer_outgoing", + "description": "A repository was transferred to another repository network.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "new_nwo", + "visibility", + "created_at", + "operation_type", + "public_repo" + ] + }, + { + "action": "repo.transfer_start", + "description": "A user sent a request to transfer a repository to another user or organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ] + }, + { + "action": "repo.unarchived", + "description": "A repository was unarchived.", + "docs_reference_links": "/repositories/archiving-a-github-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "visibility" + ], + "docs_reference_titles": "/repositories/archiving-a-github-repository" + }, + { + "action": "repo.update_actions_access_settings", + "description": "The setting to control how a repository was used by GitHub Actions workflows in other repositories was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "policy", + "old_policy", + "created_at", + "operation_type" + ] + }, + { + "action": "repo.update_actions_secret", + "description": "A GitHub Actions secret was updated for a repository.", + "docs_reference_links": "/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "key", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Using secrets in GitHub Actions" + }, + { + "action": "repo.update_actions_settings", + "description": "A repository administrator changed GitHub Actions policy settings for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "new_policy", + "old_policy", + "updated_access_policy", + "actor_is_bot" + ] + }, + { + "action": "repo.update_actions_variable", + "description": "A GitHub Actions variable was updated for a repository.", + "docs_reference_links": "/actions/learn-github-actions/variables#creating-configuration-variables-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "public_repo", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Store information in variables" + }, + { + "action": "repo.update_default_branch", + "description": "The default branch for a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "visibility", + "operation_type", + "created_at", + "actor_is_bot" + ] + }, + { + "action": "repo.update_integration_secret", + "description": "A Codespaces or Dependabot secret was updated for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "repo.update_member", + "description": "A user's permission to a repository was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type", + "visibility", + "old_permission", + "old_base_role", + "old_repo_permission", + "old_repo_base_role", + "new_repo_base_role", + "new_repo_permission", + "actor_is_bot" + ] + }, + { + "action": "repository_image.create", + "description": "An image to represent a repository was uploaded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "content_type" + ] + }, + { + "action": "repository_image.destroy", + "description": "An image to represent a repository was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "content_type", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.accept", + "description": "An invitation to join a repository was accepted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "invitee", + "operation_type", + "inviter" + ] + }, + { + "action": "repository_invitation.cancel", + "description": "An invitation to join a repository was canceled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "inviter", + "operation_type", + "invitee", + "created_at" + ] + }, + { + "action": "repository_invitation.create", + "description": "An invitation to join a repository was sent.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "inviter", + "created_at", + "operation_type" + ] + }, + { + "action": "repository_invitation.reject", + "description": "An invitation to join a repository was declined.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "invitee", + "operation_type", + "created_at", + "inviter" + ] + }, + { + "action": "repository_ruleset.create", + "description": "A repository ruleset was created.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_conditions", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/creating-rulesets-for-a-repository" + }, + { + "action": "repository_ruleset.destroy", + "description": "A repository ruleset was deleted.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules", + "ruleset_bypass_actors" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#deleting-a-ruleset" + }, + { + "action": "repository_ruleset.update", + "description": "A repository ruleset was edited.", + "docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_name", + "public_repo", + "created_at", + "operation_type", + "ruleset_id", + "ruleset_name", + "ruleset_enforcement", + "ruleset_source_type", + "ruleset_rules_updated", + "ruleset_conditions_added", + "ruleset_conditions_deleted", + "ruleset_old_enforcement", + "ruleset_rules_added", + "ruleset_rules_deleted", + "ruleset_old_name", + "ruleset_conditions_updated", + "ruleset_bypass_actors_added", + "ruleset_bypass_actors_deleted", + "ruleset_bypass_actors_updated", + "actor_is_bot" + ], + "docs_reference_titles": "/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/managing-rulesets-for-a-repository#editing-a-ruleset" + }, + { + "action": "security_key.register", + "description": "A security key was registered for an account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "security_key.remove", + "description": "A security key was removed from an account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "sponsors.agreement_sign", + "description": "A GitHub Sponsors agreement was signed on behalf of an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.custom_amount_settings_change", + "description": "Custom amounts for GitHub Sponsors were enabled or disabled, or the suggested custom amount was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.fiscal_host_change", + "description": "The fiscal host for a GitHub Sponsors listing was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.repo_funding_links_file_action", + "description": "The FUNDING file in a repository was changed.", + "docs_reference_links": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository" + }, + { + "action": "sponsors.sponsor_sponsorship_cancel", + "description": "A sponsorship was canceled.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_create", + "description": "A sponsorship was created, by sponsoring an account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_payment_complete", + "description": "After you sponsor an account and a payment has been processed, the sponsorship payment was marked as complete.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "active", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/about-sponsorships-fees-and-taxes" + }, + { + "action": "sponsors.sponsor_sponsorship_preference_change", + "description": "The option to receive email updates from a sponsored account was changed.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/sponsoring-open-source-contributors/managing-your-sponsorship" + }, + { + "action": "sponsors.sponsor_sponsorship_tier_change", + "description": "A sponsorship was upgraded or downgraded.", + "docs_reference_links": "/billing/managing-billing-for-github-sponsors/upgrading-a-sponsorship, /billing/managing-billing-for-github-sponsors/downgrading-a-sponsorship", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Upgrading a sponsorship, Downgrading a sponsorship" + }, + { + "action": "sponsors.sponsored_developer_approve", + "description": "A GitHub Sponsors account was approved.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_create", + "description": "A GitHub Sponsors account was created.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_disable", + "description": "A GitHub Sponsors account was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "operation_type", + "created_at" + ] + }, + { + "action": "sponsors.sponsored_developer_profile_update", + "description": "The profile for GitHub Sponsors account was edited.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/editing-your-profile-details-for-github-sponsors" + }, + { + "action": "sponsors.sponsored_developer_redraft", + "description": "A GitHub Sponsors account was returned to draft state from approved state.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.sponsored_developer_request_approval", + "description": "An application for GitHub Sponsors was submitted for approval.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.sponsored_developer_tier_description_update", + "description": "The description for a sponsorship tier was changed.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/managing-your-sponsorship-tiers" + }, + { + "action": "sponsors.sponsored_developer_update_newsletter_send", + "description": "Triggered when you send an email update to your sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/contacting-your-sponsors" + }, + { + "action": "sponsors.sponsors_patreon_user_create", + "description": "A Patreon account was linked to a user account for use with GitHub Sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/enabling-sponsorships-through-patreon#linking-your-patreon-account-to-your-github-account" + }, + { + "action": "sponsors.sponsors_patreon_user_destroy", + "description": "A Patreon account for use with GitHub Sponsors was unlinked from a user account.", + "docs_reference_links": "/sponsors/sponsoring-open-source-contributors/unlinking-your-patreon-account-from-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "patreon_email", + "patreon_username", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Unlinking your Patreon account from GitHub" + }, + { + "action": "sponsors.update_tier_repository", + "description": "A GitHub Sponsors tier changed access for a repository.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.update_tier_welcome_message", + "description": "The welcome message for a GitHub Sponsors tier for an organization was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "sponsors.waitlist_join", + "description": "You join the waitlist to join GitHub Sponsors.", + "docs_reference_links": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "/sponsors/receiving-sponsorships-through-github-sponsors/setting-up-github-sponsors-for-your-personal-account" + }, + { + "action": "sponsors.withdraw_agreement_signature", + "description": "A signature was withdrawn from a GitHub Sponsors agreement that applies to an organization.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "sponsors_listing_id", + "created_at", + "operation_type" + ] + }, + { + "action": "successor_invitation.accept", + "description": "Triggered when you accept a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.cancel", + "description": "Triggered when you cancel a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.create", + "description": "Triggered when you create a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.decline", + "description": "Triggered when you decline a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "successor_invitation.destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "successor_invitation.revoke", + "description": "Triggered when you revoke a succession invitation.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-access-to-your-personal-repositories/maintaining-ownership-continuity-of-your-personal-accounts-repositories", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Maintaining ownership continuity of your personal account's repositories" + }, + { + "action": "trusted_device.register", + "description": "A new trusted device was added.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "trusted_device.remove", + "description": "A trusted device was removed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.abort", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.complete", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.ignore", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.staff_approve", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "two_factor_account_recovery.staff_decline", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.start", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_account_recovery.two_factor_destroy", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.add_factor", + "description": "A secondary authentication factor was added to a user account.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication" + }, + { + "action": "two_factor_authentication.disabled", + "description": "Two-factor authentication was disabled for a user account.", + "docs_reference_links": "https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/disabling-two-factor-authentication-for-your-personal-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Disabling two-factor authentication for your personal account" + }, + { + "action": "two_factor_authentication.enabled", + "description": "Two-factor authentication was enabled for a user account.", + "docs_reference_links": "https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Configuring two-factor authentication" + }, + { + "action": "two_factor_authentication.password_reset_fallback_sms", + "description": "A one-time password code was sent to a user account fallback phone number.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.recovery_codes_regenerated", + "description": "Two factor recovery codes were regenerated for a user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.remove_factor", + "description": "A secondary authentication factor was removed from a user account.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication" + }, + { + "action": "two_factor_authentication.sign_in_fallback_sms", + "description": "A one-time password code was sent to a user account fallback phone number.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "two_factor_authentication.update_fallback", + "description": "The two-factor authentication fallback for a user account was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.add_email", + "description": "An email address was added to a user account.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-email-preferences/adding-an-email-address-to-your-github-account", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "email", + "created_at" + ], + "docs_reference_titles": "Adding an email address to your GitHub account" + }, + { + "action": "user.async_delete", + "description": "An asynchronous job was started to destroy a user account, eventually triggering a user.delete event.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.audit_log_export", + "description": "Audit log entries were exported.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.block_user", + "description": "A user was blocked by another user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "blocked_user", + "operation_type", + "created_at" + ] + }, + { + "action": "user.change_password", + "description": "A user changed their password.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.codespaces_trusted_repo_access_granted", + "description": "Triggered when you allow the codespaces you create for a repository to access other repositories owned by your personal account.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "user.codespaces_trusted_repo_access_revoked", + "description": "Triggered when you disallow the codespaces you create for a repository to access other repositories owned by your personal account.", + "docs_reference_links": "/codespaces/managing-codespaces-for-your-organization/managing-repository-access-for-your-organizations-codespaces", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Managing access to other repositories within your codespace" + }, + { + "action": "user.create", + "description": "A new user account was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "email", + "operation_type", + "created_at" + ] + }, + { + "action": "user.create_integration_secret", + "description": "A user secret for Codespaces was created.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.creation_rate_limit_exceeded", + "description": "The rate of creation of user accounts, applications, issues, pull requests or other resources exceeded the configured rate limits, or too many users were followed too quickly.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "oauth_application_id" + ] + }, + { + "action": "user.delete", + "description": "A user account was destroyed by an asynchronous job.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.demote", + "description": "A site administrator was demoted to an ordinary user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "created_at", + "operation_type" + ] + }, + { + "action": "user.destroy", + "description": "A user deleted his or her account, triggering user.async_delete.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.device_verification_failure", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.device_verification_requested", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.device_verification_success", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_collaborators_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_contributors_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.disable_sockpuppet_disallowed", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user_email.confirm_claim", + "description": "An enterprise managed user claimed an email address.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "user_email.mark_as_unclaimed", + "description": "N/A", + "docs_reference_links": "An enterprise managed user unclaimed an email address.", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type", + "actor_is_bot" + ], + "docs_reference_titles": "An, GitHub Help Documentation, managed, user, unclaimed, an, email, address." + }, + { + "action": "user.enable_collaborators_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.enable_contributors_only", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.enable_sockpuppet_disallowed", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.failed_login", + "description": "A user tried to sign in with an incorrect username, password, or two-factor authentication code.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.forgot_password", + "description": "A user requested a password reset.", + "docs_reference_links": "/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "email", + "created_at" + ], + "docs_reference_titles": "/authentication/keeping-your-account-and-data-secure/updating-your-github-access-credentials" + }, + { + "action": "user.grant_github_developer", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.hide_private_contributions_count", + "description": "A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now hidden.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "Manage visibility settings for private contributions" + }, + { + "action": "user.login", + "description": "A user signed in.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "passkey_nickname" + ] + }, + { + "action": "user.logout", + "description": "A user signed out.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.new_device_used", + "description": "A user signed in from a new device.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.promote", + "description": "An ordinary user account was promoted to a site administrator.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "oauth_application_id", + "operation_type" + ] + }, + { + "action": "user.recreate", + "description": "A user's account was restored.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.remove_email", + "description": "An email address was removed from a user account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "email" + ] + }, + { + "action": "user.remove_integration_secret", + "description": "A user secret for Codespaces was deleted.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.rename", + "description": "A username was changed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "old_login", + "created_at", + "operation_type" + ] + }, + { + "action": "user.reset_password", + "description": "A user reset their account password.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user_session.country_change", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.show_private_contributions_count", + "description": "A user changed the visibility of their private contributions. The number of contributions to private repositories on the user's profile are now shown.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/managing-contribution-settings-on-your-profile/showing-your-private-contributions-and-achievements-on-your-profile", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ], + "docs_reference_titles": "Manage visibility settings for private contributions" + }, + { + "action": "user.sign_in_from_unrecognized_device", + "description": "A user signed in from an unrecognized device.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.sign_in_from_unrecognized_device_and_location", + "description": "A user signed in from an unrecognized device and location.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user_status.destroy", + "description": "Triggered when you clear the status on your profile.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "message", + "created_at", + "limited_availability", + "emoji", + "operation_type" + ] + }, + { + "action": "user_status.update", + "description": "Triggered when you set or change the status on your profile.", + "docs_reference_links": "/account-and-profile/setting-up-and-managing-your-github-profile/customizing-your-profile/personalizing-your-profile#setting-a-status", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "limited_availability", + "message", + "created_at", + "emoji", + "operation_type" + ], + "docs_reference_titles": "Personalize your profile" + }, + { + "action": "user.suspend", + "description": "A user account was suspended.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "user.toggle_warn_private_email", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_challenge_failure", + "description": "A 2FA challenge issued for a user account failed.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_challenge_success", + "description": "A 2FA challenge issued for a user account succeeded.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recover", + "description": "A user used their 2FA recovery codes.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_downloaded", + "description": "A user downloaded 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_printed", + "description": "A user printed 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at" + ] + }, + { + "action": "user.two_factor_recovery_codes_viewed", + "description": "A user viewed 2FA recovery codes for their account.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "user.two_factor_requested", + "description": "A user was prompted for a two-factor authentication code.", + "docs_reference_links": "/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ], + "docs_reference_titles": "/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication" + }, + { + "action": "user.unblock_user", + "description": "A user was unblocked by another user.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "blocked_user", + "operation_type", + "created_at" + ] + }, + { + "action": "user.unsuspend", + "description": "A user account was unsuspended.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "oauth_application_id", + "operation_type", + "created_at" + ] + }, + { + "action": "user.update_integration_secret", + "description": "A user secret for Codespaces was updated.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "key", + "visibility", + "integration", + "created_at", + "operation_type" + ] + }, + { + "action": "user.update_new_repository_default_branch_setting", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.approve_workflow_job", + "description": "A workflow job was approved.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.bypass_protection_rules", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.comment_workflow_job", + "description": "N/A", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "public_repo", + "created_at", + "operation_type" + ] + }, + { + "action": "workflows.delete_workflow_run", + "description": "A workflow run was deleted.", + "docs_reference_links": "/actions/managing-workflow-runs/deleting-a-workflow-run", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "operation_type", + "created_at", + "workflow_run_id", + "started_at", + "head_branch", + "head_sha", + "trigger_id" + ], + "docs_reference_titles": "Deleting a workflow run" + }, + { + "action": "workflows.disable_workflow", + "description": "A workflow was disabled.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo", + "actor_is_bot" + ] + }, + { + "action": "workflows.enable_workflow", + "description": "A workflow was enabled, after previously being disabled by disable_workflow.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_id", + "operation_type", + "created_at", + "public_repo" + ] + }, + { + "action": "workflows.pin_workflow", + "description": "A workflow was pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + }, + { + "action": "workflows.reject_workflow_job", + "description": "A workflow job was rejected.", + "docs_reference_links": "/actions/managing-workflow-runs/reviewing-deployments", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "workflow_run_id", + "run_number", + "operation_type", + "created_at", + "public_repo" + ], + "docs_reference_titles": "Reviewing deployments" + }, + { + "action": "workflows.unpin_workflow", + "description": "A workflow was unpinned after previously being pinned.", + "docs_reference_links": "N/A", + "fields": [ + "@timestamp", + "_document_id", + "action", + "actor", + "actor_id", + "business", + "business_id", + "hashed_token", + "org", + "org_id", + "programmatic_access_type", + "repo", + "repo_id", + "repository", + "repository_id", + "request_access_security_header", + "request_id", + "token_id", + "token_scopes", + "user", + "user_id", + "user_agent", + "public_repo", + "workflow_id", + "created_at", + "operation_type", + "actor_is_bot" + ] + } +] \ No newline at end of file diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json index efd6277f6c81..678bad84071e 100644 --- a/src/audit-logs/lib/config.json +++ b/src/audit-logs/lib/config.json @@ -9,5 +9,5 @@ "git": "Note: Git events have special access requirements and retention policies that differ from other audit log events. For GitHub Enterprise Cloud, access Git events via the REST API only with 7-day retention. For GitHub Enterprise Server, Git events must be enabled in audit log configuration and are not included in search results.", "sso_redirect": "Note: Automatically redirecting users to sign in is currently in beta for Enterprise Managed Users and subject to change." }, - "sha": "9df25a1e15e65e600ce78a0a9445486054c6ddc1" + "sha": "17892fd6d59e02d07b2250c769d5c2f9da99542e" } \ No newline at end of file diff --git a/src/github-apps/data/fpt-2022-11-28/fine-grained-pat-permissions.json b/src/github-apps/data/fpt-2022-11-28/fine-grained-pat-permissions.json index 4b097db480dc..642d1fe2e282 100644 --- a/src/github-apps/data/fpt-2022-11-28/fine-grained-pat-permissions.json +++ b/src/github-apps/data/fpt-2022-11-28/fine-grained-pat-permissions.json @@ -983,6 +983,180 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -4835,6 +5009,126 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json b/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json index 666c87c9c771..cca1c85e181c 100644 --- a/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json +++ b/src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json @@ -1191,6 +1191,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "billing": [ { "slug": "get-all-budgets-for-an-organization", diff --git a/src/github-apps/data/fpt-2022-11-28/server-to-server-permissions.json b/src/github-apps/data/fpt-2022-11-28/server-to-server-permissions.json index 5ee6e1c47146..5f46984f9ec7 100644 --- a/src/github-apps/data/fpt-2022-11-28/server-to-server-permissions.json +++ b/src/github-apps/data/fpt-2022-11-28/server-to-server-permissions.json @@ -1442,6 +1442,216 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -6236,6 +6446,150 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json b/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json index 0c0e60cf67f7..de0d8c392998 100644 --- a/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json +++ b/src/github-apps/data/fpt-2022-11-28/server-to-server-rest.json @@ -1251,6 +1251,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "apps": [ { "slug": "get-an-app", diff --git a/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json b/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json index c60af9234b33..868baa4408ac 100644 --- a/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json +++ b/src/github-apps/data/fpt-2022-11-28/user-to-server-rest.json @@ -1281,6 +1281,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "apps": [ { "slug": "get-an-app", diff --git a/src/github-apps/data/fpt-2026-03-10/fine-grained-pat-permissions.json b/src/github-apps/data/fpt-2026-03-10/fine-grained-pat-permissions.json index 4b097db480dc..642d1fe2e282 100644 --- a/src/github-apps/data/fpt-2026-03-10/fine-grained-pat-permissions.json +++ b/src/github-apps/data/fpt-2026-03-10/fine-grained-pat-permissions.json @@ -983,6 +983,180 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -4835,6 +5009,126 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/fpt-2026-03-10/fine-grained-pat.json b/src/github-apps/data/fpt-2026-03-10/fine-grained-pat.json index 666c87c9c771..cca1c85e181c 100644 --- a/src/github-apps/data/fpt-2026-03-10/fine-grained-pat.json +++ b/src/github-apps/data/fpt-2026-03-10/fine-grained-pat.json @@ -1191,6 +1191,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "billing": [ { "slug": "get-all-budgets-for-an-organization", diff --git a/src/github-apps/data/fpt-2026-03-10/server-to-server-permissions.json b/src/github-apps/data/fpt-2026-03-10/server-to-server-permissions.json index 5ee6e1c47146..5f46984f9ec7 100644 --- a/src/github-apps/data/fpt-2026-03-10/server-to-server-permissions.json +++ b/src/github-apps/data/fpt-2026-03-10/server-to-server-permissions.json @@ -1442,6 +1442,216 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -6236,6 +6446,150 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/fpt-2026-03-10/server-to-server-rest.json b/src/github-apps/data/fpt-2026-03-10/server-to-server-rest.json index 0c0e60cf67f7..de0d8c392998 100644 --- a/src/github-apps/data/fpt-2026-03-10/server-to-server-rest.json +++ b/src/github-apps/data/fpt-2026-03-10/server-to-server-rest.json @@ -1251,6 +1251,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "apps": [ { "slug": "get-an-app", diff --git a/src/github-apps/data/fpt-2026-03-10/user-to-server-rest.json b/src/github-apps/data/fpt-2026-03-10/user-to-server-rest.json index c60af9234b33..868baa4408ac 100644 --- a/src/github-apps/data/fpt-2026-03-10/user-to-server-rest.json +++ b/src/github-apps/data/fpt-2026-03-10/user-to-server-rest.json @@ -1281,6 +1281,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "apps": [ { "slug": "get-an-app", diff --git a/src/github-apps/data/ghec-2022-11-28/fine-grained-pat-permissions.json b/src/github-apps/data/ghec-2022-11-28/fine-grained-pat-permissions.json index 6a4101ca8fa9..897187a7a0e4 100644 --- a/src/github-apps/data/ghec-2022-11-28/fine-grained-pat-permissions.json +++ b/src/github-apps/data/ghec-2022-11-28/fine-grained-pat-permissions.json @@ -1019,6 +1019,180 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -5372,6 +5546,126 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json b/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json index c671ba06b4e6..effe1542474a 100644 --- a/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json +++ b/src/github-apps/data/ghec-2022-11-28/fine-grained-pat.json @@ -1191,6 +1191,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/data/ghec-2022-11-28/server-to-server-permissions.json b/src/github-apps/data/ghec-2022-11-28/server-to-server-permissions.json index c9fb081a3782..aa459ff6123d 100644 --- a/src/github-apps/data/ghec-2022-11-28/server-to-server-permissions.json +++ b/src/github-apps/data/ghec-2022-11-28/server-to-server-permissions.json @@ -2161,6 +2161,216 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -7558,6 +7768,150 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json b/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json index 5641cee53065..a9745deb84af 100644 --- a/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json +++ b/src/github-apps/data/ghec-2022-11-28/server-to-server-rest.json @@ -1263,6 +1263,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json b/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json index b38e3384c78e..031339938fcb 100644 --- a/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json +++ b/src/github-apps/data/ghec-2022-11-28/user-to-server-rest.json @@ -1293,6 +1293,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/data/ghec-2026-03-10/fine-grained-pat-permissions.json b/src/github-apps/data/ghec-2026-03-10/fine-grained-pat-permissions.json index 6a4101ca8fa9..897187a7a0e4 100644 --- a/src/github-apps/data/ghec-2026-03-10/fine-grained-pat-permissions.json +++ b/src/github-apps/data/ghec-2026-03-10/fine-grained-pat-permissions.json @@ -1019,6 +1019,180 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "additional-permissions": true, + "access": "write" + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -5372,6 +5546,126 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "additional-permissions": false, + "access": "write" + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "read" + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "additional-permissions": false, + "access": "write" + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/ghec-2026-03-10/fine-grained-pat.json b/src/github-apps/data/ghec-2026-03-10/fine-grained-pat.json index c671ba06b4e6..effe1542474a 100644 --- a/src/github-apps/data/ghec-2026-03-10/fine-grained-pat.json +++ b/src/github-apps/data/ghec-2026-03-10/fine-grained-pat.json @@ -1191,6 +1191,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/data/ghec-2026-03-10/server-to-server-permissions.json b/src/github-apps/data/ghec-2026-03-10/server-to-server-permissions.json index c9fb081a3782..aa459ff6123d 100644 --- a/src/github-apps/data/ghec-2026-03-10/server-to-server-permissions.json +++ b/src/github-apps/data/ghec-2026-03-10/server-to-server-permissions.json @@ -2161,6 +2161,216 @@ } ] }, + "organization_agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Organization permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, + "organization_agent_variables": { + "title": "Agent variables", + "displayTitle": "Organization permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + }, + { + "category": "agents", + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": true + } + ] + }, "organization_user_blocking": { "title": "Blocking users", "displayTitle": "Organization permissions for \"Blocking users\"", @@ -7558,6 +7768,150 @@ } ] }, + "agent_secrets": { + "title": "Agent secrets", + "displayTitle": "Repository permissions for \"Agent secrets\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, + "agent_variables": { + "title": "Agent variables", + "displayTitle": "Repository permissions for \"Agent variables\"", + "permissions": [ + { + "category": "agents", + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "read", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + }, + { + "category": "agents", + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "access": "write", + "user-to-server": true, + "server-to-server": true, + "additional-permissions": false + } + ] + }, "artifact_metadata": { "title": "Artifact metadata", "displayTitle": "Repository permissions for \"Artifact metadata\"", diff --git a/src/github-apps/data/ghec-2026-03-10/server-to-server-rest.json b/src/github-apps/data/ghec-2026-03-10/server-to-server-rest.json index 5641cee53065..a9745deb84af 100644 --- a/src/github-apps/data/ghec-2026-03-10/server-to-server-rest.json +++ b/src/github-apps/data/ghec-2026-03-10/server-to-server-rest.json @@ -1263,6 +1263,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/data/ghec-2026-03-10/user-to-server-rest.json b/src/github-apps/data/ghec-2026-03-10/user-to-server-rest.json index b38e3384c78e..031339938fcb 100644 --- a/src/github-apps/data/ghec-2026-03-10/user-to-server-rest.json +++ b/src/github-apps/data/ghec-2026-03-10/user-to-server-rest.json @@ -1293,6 +1293,188 @@ "requestPath": "/users/{username}/subscriptions" } ], + "agents": [ + { + "slug": "list-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets" + }, + { + "slug": "get-an-organization-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key" + }, + { + "slug": "get-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}" + }, + { + "slug": "list-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "create-an-organization-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables" + }, + { + "slug": "get-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "update-an-organization-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "delete-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}" + }, + { + "slug": "list-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "set-selected-repositories-for-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories" + }, + { + "slug": "add-selected-repository-to-an-organization-variable", + "subcategory": "variables", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "remove-selected-repository-from-an-organization-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}" + }, + { + "slug": "list-repository-organization-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets" + }, + { + "slug": "list-repository-organization-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables" + }, + { + "slug": "list-repository-secrets", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets" + }, + { + "slug": "get-a-repository-public-key", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key" + }, + { + "slug": "get-a-repository-secret", + "subcategory": "secrets", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "create-or-update-a-repository-secret", + "subcategory": "secrets", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "delete-a-repository-secret", + "subcategory": "secrets", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}" + }, + { + "slug": "list-repository-variables", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "create-a-repository-variable", + "subcategory": "variables", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables" + }, + { + "slug": "get-a-repository-variable", + "subcategory": "variables", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "update-a-repository-variable", + "subcategory": "variables", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + }, + { + "slug": "delete-a-repository-variable", + "subcategory": "variables", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}" + } + ], "announcement-banners": [ { "slug": "get-announcement-banner-for-organization", diff --git a/src/github-apps/lib/config.json b/src/github-apps/lib/config.json index 1ccdce06ae36..8e378edee2a7 100644 --- a/src/github-apps/lib/config.json +++ b/src/github-apps/lib/config.json @@ -60,5 +60,5 @@ "2022-11-28" ] }, - "sha": "d0fa019e82a366eaa70a2b6238076d5b3c427c2c" + "sha": "88dc3d8d8159aa2513e49fbc62651e4e5b67af6d" } \ No newline at end of file diff --git a/src/rest/data/fpt-2022-11-28/agents.json b/src/rest/data/fpt-2022-11-28/agents.json new file mode 100644 index 000000000000..af266666b3f1 --- /dev/null +++ b/src/rest/data/fpt-2022-11-28/agents.json @@ -0,0 +1,4647 @@ +{ + "secrets": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "title": "List organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in an organization without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "secrets": [ + { + "name": "GIST_ID", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "DEPLOY_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "title": "Get an organization public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Get an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + }, + "schema": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Create or update an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

" + } + ], + "descriptionHTML": "

Creates or updates an organization secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Delete an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "List selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_downloads": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "Set selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Add selected repository to an organization secret and Remove selected repository from an organization secret endpoints.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Add selected repository to an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization secret when the visibility for\nrepository access is set to selected. For more information about setting the visibility, see Create or\nupdate an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

No Content when repository was added to the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content when repository was added to the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when repository was removed from the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

Response when repository was removed from the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "title": "List repository organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization secrets shared with a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "title": "List repository secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "title": "Get a repository public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Get a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single repository secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Create or update a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates or updates a repository secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Delete a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in a repository using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + } + ], + "variables": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "title": "List organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all agent variables available in an organization.\nReturned variables include their values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "ACTIONS_RUNNER_DEBUG", + "value": true, + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "ADMIN_EMAIL", + "value": "octocat@github.com", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/ADMIN_EMAIL/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "title": "Create an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Creates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a variable

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a variable

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Get an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific agent variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/USERNAME/repositories" + }, + "schema": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Update an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Updates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Delete an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes an organization agent variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "List selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that can access an organization agent variable\nthat is available to selected repositories.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_downloads": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "Set selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

The IDs of the repositories that can access the organization variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization agent variable that is available\nto selected repositories. Organization variables that are available to selected\nrepositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Add selected repository to an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization agent variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization agent variable that is\navailable to selected repositories. Organization variables that are available to\nselected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "title": "List repository organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization variables shared with a repository.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "List repository variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repository variables.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "Create a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Get a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific variable in a repository.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2021-08-10T14:59:22Z", + "updated_at": "2022-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Update a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + } + ], + "descriptionHTML": "

Updates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Delete a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a repository variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + } + ] +} \ No newline at end of file diff --git a/src/rest/data/fpt-2022-11-28/copilot.json b/src/rest/data/fpt-2022-11-28/copilot.json index eef157d3dcfc..747369a41ae2 100644 --- a/src/rest/data/fpt-2022-11-28/copilot.json +++ b/src/rest/data/fpt-2022-11-28/copilot.json @@ -4855,6 +4855,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -5944,6 +5952,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/fpt-2022-11-28/enterprise-teams.json b/src/rest/data/fpt-2022-11-28/enterprise-teams.json index 0c6a9944d082..ad0d25f110be 100644 --- a/src/rest/data/fpt-2022-11-28/enterprise-teams.json +++ b/src/rest/data/fpt-2022-11-28/enterprise-teams.json @@ -123,6 +123,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -219,6 +227,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. You can get this value from the REST API endpoints for SCIM.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n\n

Default: notifications_enabled

", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To create an enterprise team, the authenticated user must be an owner of the enterprise.

", @@ -309,6 +326,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -456,6 +481,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -559,6 +592,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. The new IdP group will replace the existing one, or replace existing direct members if the team isn't currently linked to an IdP group.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To edit a team, the authenticated user must be an enterprise owner.

", @@ -650,6 +692,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/fpt-2026-03-10/agents.json b/src/rest/data/fpt-2026-03-10/agents.json new file mode 100644 index 000000000000..642fcf69976e --- /dev/null +++ b/src/rest/data/fpt-2026-03-10/agents.json @@ -0,0 +1,4641 @@ +{ + "secrets": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "title": "List organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in an organization without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "secrets": [ + { + "name": "GIST_ID", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "DEPLOY_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "title": "Get an organization public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Get an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + }, + "schema": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Create or update an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

" + } + ], + "descriptionHTML": "

Creates or updates an organization secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Delete an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "List selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "Set selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Add selected repository to an organization secret and Remove selected repository from an organization secret endpoints.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Add selected repository to an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization secret when the visibility for\nrepository access is set to selected. For more information about setting the visibility, see Create or\nupdate an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

No Content when repository was added to the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content when repository was added to the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when repository was removed from the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

Response when repository was removed from the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "title": "List repository organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization secrets shared with a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "title": "List repository secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "title": "Get a repository public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Get a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single repository secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Create or update a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates or updates a repository secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Delete a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in a repository using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + } + ], + "variables": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "title": "List organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all agent variables available in an organization.\nReturned variables include their values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "ACTIONS_RUNNER_DEBUG", + "value": true, + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "ADMIN_EMAIL", + "value": "octocat@github.com", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/ADMIN_EMAIL/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "title": "Create an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Creates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a variable

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a variable

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Get an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific agent variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/USERNAME/repositories" + }, + "schema": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Update an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Updates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Delete an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes an organization agent variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "List selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that can access an organization agent variable\nthat is available to selected repositories.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "Set selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

The IDs of the repositories that can access the organization variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization agent variable that is available\nto selected repositories. Organization variables that are available to selected\nrepositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Add selected repository to an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization agent variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization agent variable that is\navailable to selected repositories. Organization variables that are available to\nselected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "title": "List repository organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization variables shared with a repository.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "List repository variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repository variables.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "Create a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Get a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific variable in a repository.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2021-08-10T14:59:22Z", + "updated_at": "2022-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Update a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + } + ], + "descriptionHTML": "

Updates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Delete a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a repository variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + } + ] +} \ No newline at end of file diff --git a/src/rest/data/fpt-2026-03-10/copilot.json b/src/rest/data/fpt-2026-03-10/copilot.json index b9ef1ae71611..e35e9e834699 100644 --- a/src/rest/data/fpt-2026-03-10/copilot.json +++ b/src/rest/data/fpt-2026-03-10/copilot.json @@ -4852,6 +4852,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -5941,6 +5949,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/fpt-2026-03-10/enterprise-teams.json b/src/rest/data/fpt-2026-03-10/enterprise-teams.json index 0c6a9944d082..ad0d25f110be 100644 --- a/src/rest/data/fpt-2026-03-10/enterprise-teams.json +++ b/src/rest/data/fpt-2026-03-10/enterprise-teams.json @@ -123,6 +123,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -219,6 +227,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. You can get this value from the REST API endpoints for SCIM.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n\n

Default: notifications_enabled

", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To create an enterprise team, the authenticated user must be an owner of the enterprise.

", @@ -309,6 +326,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -456,6 +481,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -559,6 +592,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. The new IdP group will replace the existing one, or replace existing direct members if the team isn't currently linked to an IdP group.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To edit a team, the authenticated user must be an enterprise owner.

", @@ -650,6 +692,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2022-11-28/agents.json b/src/rest/data/ghec-2022-11-28/agents.json new file mode 100644 index 000000000000..aceebe53c843 --- /dev/null +++ b/src/rest/data/ghec-2022-11-28/agents.json @@ -0,0 +1,4671 @@ +{ + "secrets": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "title": "List organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in an organization without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "secrets": [ + { + "name": "GIST_ID", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "DEPLOY_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "title": "Get an organization public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Get an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + }, + "schema": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Create or update an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

" + } + ], + "descriptionHTML": "

Creates or updates an organization secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Delete an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "List selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_downloads": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_validity_checks": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "Set selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Add selected repository to an organization secret and Remove selected repository from an organization secret endpoints.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Add selected repository to an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization secret when the visibility for\nrepository access is set to selected. For more information about setting the visibility, see Create or\nupdate an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

No Content when repository was added to the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content when repository was added to the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when repository was removed from the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

Response when repository was removed from the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "title": "List repository organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization secrets shared with a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "title": "List repository secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "title": "Get a repository public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Get a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single repository secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Create or update a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates or updates a repository secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Delete a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in a repository using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + } + ], + "variables": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "title": "List organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all agent variables available in an organization.\nReturned variables include their values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "ACTIONS_RUNNER_DEBUG", + "value": true, + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "ADMIN_EMAIL", + "value": "octocat@github.com", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/ADMIN_EMAIL/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "title": "Create an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Creates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a variable

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a variable

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Get an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific agent variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/USERNAME/repositories" + }, + "schema": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Update an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Updates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Delete an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes an organization agent variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "List selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that can access an organization agent variable\nthat is available to selected repositories.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_downloads": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_validity_checks": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "Set selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

The IDs of the repositories that can access the organization variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization agent variable that is available\nto selected repositories. Organization variables that are available to selected\nrepositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Add selected repository to an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization agent variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization agent variable that is\navailable to selected repositories. Organization variables that are available to\nselected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "title": "List repository organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization variables shared with a repository.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "List repository variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repository variables.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "Create a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Get a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific variable in a repository.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2021-08-10T14:59:22Z", + "updated_at": "2022-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Update a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + } + ], + "descriptionHTML": "

Updates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Delete a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a repository variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + } + ] +} \ No newline at end of file diff --git a/src/rest/data/ghec-2022-11-28/copilot.json b/src/rest/data/ghec-2022-11-28/copilot.json index 9052267f9e7e..b225cca98f6f 100644 --- a/src/rest/data/ghec-2022-11-28/copilot.json +++ b/src/rest/data/ghec-2022-11-28/copilot.json @@ -2428,7 +2428,7 @@ } ], "bodyParameters": [], - "descriptionHTML": "

Gets the organization and repository configured as the source for custom agent definitions in an enterprise.

\n

Custom agents are enterprise-defined AI agents stored as markdown files in a special repository.\nAn enterprise admin configures one organization as the \"source\" and that org must have a repo named\n.github-private containing agent definitions in /agents/*.md.

\n

Enterprise owners with read access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Gets the organization and repository configured as the source for custom agent definitions and Copilot CLI client settings in an enterprise.

\n

Custom agents are enterprise-defined AI agents stored as markdown files in a special repository.\nAn enterprise admin configures one organization as the \"source\" for custom agents and\nCopilot CLI client settings, and that org must have a repo named .github-private containing agent\ndefinitions in /agents/*.md, or enterprise-managed AI standards in .github/copilot/settings.json. Learn more about configuring enterprise-managed AI standards for Copilot clients.

\n

Enterprise owners with read access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -2569,7 +2569,7 @@ "default": true } ], - "descriptionHTML": "

Sets an organization as the source for custom agent definitions in the enterprise.\nThe organization must have a .github-private repository containing agent definitions.

\n

By default, this endpoint also creates an enterprise-level ruleset to protect\nagent definition files (agents/.md and .github/agents/.md). You can opt out\nof ruleset creation by setting create_ruleset to false.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Sets an organization as the source for custom agent definitions and Copilot CLI client settings in the enterprise.\nThe organization must have a .github-private repository containing agent definitions.

\n

By default, this endpoint also creates an enterprise-level ruleset to protect\nagent definition files (agents/.md and .github/agents/.md). You can opt out\nof ruleset creation by setting create_ruleset to false.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -2718,7 +2718,7 @@ } ], "bodyParameters": [], - "descriptionHTML": "

Removes the custom agents source configuration for the enterprise.\nThis effectively disables custom agents for the enterprise by removing\nthe reference to the source organization's .github-private repository.

\n

Note: This does not delete the .github-private repository or any agent\ndefinition files. It only removes the association between the enterprise\nand the source repository.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Removes the custom agents source configuration for the enterprise.\nThis effectively disables custom agents and Copilot CLI client settings\nfor the enterprise by removing the reference to the source organization's .github-private repository.

\n

Note: This does not delete the .github-private repository or any agent\ndefinition files. It only removes the association between the enterprise\nand the source repository.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -6556,6 +6556,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -7689,6 +7697,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -8588,6 +8604,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -9677,6 +9701,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2022-11-28/enterprise-admin.json b/src/rest/data/ghec-2022-11-28/enterprise-admin.json index d6456841a252..fded9ac5200f 100644 --- a/src/rest/data/ghec-2022-11-28/enterprise-admin.json +++ b/src/rest/data/ghec-2022-11-28/enterprise-admin.json @@ -6397,6 +6397,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -6758,6 +6766,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2022-11-28/enterprise-teams.json b/src/rest/data/ghec-2022-11-28/enterprise-teams.json index 74552928deaa..05845b2eab2d 100644 --- a/src/rest/data/ghec-2022-11-28/enterprise-teams.json +++ b/src/rest/data/ghec-2022-11-28/enterprise-teams.json @@ -123,6 +123,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -219,6 +227,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. You can get this value from the REST API endpoints for SCIM.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n\n

Default: notifications_enabled

", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To create an enterprise team, the authenticated user must be an owner of the enterprise.

", @@ -309,6 +326,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -456,6 +481,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -559,6 +592,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. The new IdP group will replace the existing one, or replace existing direct members if the team isn't currently linked to an IdP group.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To edit a team, the authenticated user must be an enterprise owner.

", @@ -650,6 +692,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2026-03-10/agents.json b/src/rest/data/ghec-2026-03-10/agents.json new file mode 100644 index 000000000000..76af4a79e237 --- /dev/null +++ b/src/rest/data/ghec-2026-03-10/agents.json @@ -0,0 +1,4665 @@ +{ + "secrets": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets", + "title": "List organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in an organization without revealing their\nencrypted values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "secrets": [ + { + "name": "GIST_ID", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "DEPLOY_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/public-key", + "title": "Get an organization public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Get an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single organization secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/secrets/SUPER_SECRET/repositories" + }, + "schema": { + "title": "Actions Secret for an Organization", + "description": "Secrets for GitHub Actions for an organization.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a secret", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Create or update an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get an organization public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

Which type of organization repositories have access to the organization secret. selected means only the repositories specified by selected_repository_ids can access the secret.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can manage the list of selected repositories using the List selected repositories for an organization secret, Set selected repositories for an organization secret, and Remove selected repository from an organization secret endpoints.

" + } + ], + "descriptionHTML": "

Creates or updates an organization secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}", + "title": "Delete an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in an organization using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "List selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that have been selected when the visibility\nfor repository access to a secret is set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_validity_checks": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories", + "title": "Set selected repositories for an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization secret. You can only provide a list of repository ids when the visibility is set to selected. You can add and remove individual repositories using the Add selected repository to an organization secret and Remove selected repository from an organization secret endpoints.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Add selected repository to an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization secret when the visibility for\nrepository access is set to selected. For more information about setting the visibility, see Create or\nupdate an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

No Content when repository was added to the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content when repository was added to the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/secrets/{secret_name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization secret when the visibility\nfor repository access is set to selected. The visibility is set when you Create\nor update an organization secret.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "secret_name": "SECRET_NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when repository was removed from the selected list

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

Response when repository was removed from the selected list

" + }, + { + "httpStatusCode": "409", + "description": "

Conflict when visibility type not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-secrets", + "title": "List repository organization secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization secrets shared with a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets", + "title": "List repository secrets", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all secrets available in a repository without revealing their encrypted\nvalues.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "secrets": [ + { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "GIST_ID", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "secrets" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "secrets": { + "type": "array", + "items": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/public-key", + "title": "Get a repository public key", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets your public key, which you need to encrypt secrets. You need to\nencrypt a secret before you can create or update secrets.

\n

Anyone with read access to the repository can use this endpoint.

\n

If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "key_id": "012345678912345678", + "key": "2Sg8iYjAxxmI2LvUXpJjkYrMxURPc8r+dB7TJyvv1234" + }, + "schema": { + "title": "ActionsPublicKey", + "description": "The public key used for setting Actions Secrets.", + "type": "object", + "properties": { + "key_id": { + "description": "The identifier for the key.", + "type": "string" + }, + "key": { + "description": "The Base64 encoded public key.", + "type": "string" + }, + "id": { + "type": "integer" + }, + "url": { + "type": "string" + }, + "title": { + "type": "string" + }, + "created_at": { + "type": "string" + } + }, + "required": [ + "key_id", + "key" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Get a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a single repository secret without revealing its encrypted value.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "GH_TOKEN", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Secret", + "description": "Set secrets for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the secret.", + "type": "string" + }, + "created_at": { + "type": "string", + "format": "date-time" + }, + "updated_at": { + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Create or update a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "encrypted_value", + "description": "

Value for your secret, encrypted with LibSodium using the public key retrieved from the Get a repository public key endpoint.

", + "isRequired": true + }, + { + "type": "string", + "name": "key_id", + "description": "

ID of the key you used to encrypt the secret.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates or updates a repository secret with an encrypted value. Encrypt your secret using\nLibSodium. For more information, see \"Encrypting secrets for the REST API.\"

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example 1: Status Code 201", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a secret

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + }, + { + "request": { + "contentType": "application/json", + "description": "Example 2: Status Code 204", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "encrypted_value": "c2VjcmV0", + "key_id": "012345678912345678" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response when updating a secret

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a secret

" + }, + { + "httpStatusCode": "204", + "description": "

Response when updating a secret

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/secrets/{secret_name}", + "title": "Delete a repository secret", + "category": "agents", + "subcategory": "secrets", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "secret_name", + "description": "

The name of the secret.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a secret in a repository using the secret name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read secrets.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "secret_name": "SECRET_NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent secrets\" repository permissions": "write" + } + ] + } + } + ], + "variables": [ + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables", + "title": "List organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all agent variables available in an organization.\nReturned variables include their values.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 3, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "private" + }, + { + "name": "ACTIONS_RUNNER_DEBUG", + "value": true, + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "all" + }, + { + "name": "ADMIN_EMAIL", + "value": "octocat@github.com", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/ADMIN_EMAIL/repositories" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/orgs/{org}/agents/variables", + "title": "Create an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "isRequired": true, + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Creates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response when creating a variable

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Response when creating a variable

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Get an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific agent variable in an organization.

\n

The authenticated user must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z", + "visibility": "selected", + "selected_repositories_url": "https://api.github.com/orgs/octo-org/actions/variables/USERNAME/repositories" + }, + "schema": { + "title": "Actions Variable for an Organization", + "description": "Organization variable for GitHub Actions.", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "visibility": { + "description": "Visibility of a variable", + "enum": [ + "all", + "private", + "selected" + ], + "type": "string" + }, + "selected_repositories_url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at", + "visibility" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Update an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + }, + { + "type": "string", + "name": "visibility", + "description": "

The type of repositories in the organization that can access the variable. selected means only the repositories specified by selected_repository_ids can access the variable.

", + "enum": [ + "all", + "private", + "selected" + ] + }, + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

An array of repository ids that can access the organization variable. You can only provide a list of repository ids when the visibility is set to selected.

" + } + ], + "descriptionHTML": "

Updates an organization agent variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat", + "visibility": "selected", + "selected_repository_ids": [ + 1296269, + 1296280 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}", + "title": "Delete an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes an organization agent variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "List selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 100). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 30 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repositories that can access an organization agent variable\nthat is available to selected repositories.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 1, + "repositories": [ + { + "id": 1296269, + "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5", + "name": "Hello-World", + "full_name": "octocat/Hello-World", + "owner": { + "login": "octocat", + "id": 1, + "node_id": "MDQ6VXNlcjE=", + "avatar_url": "https://github.com/images/error/octocat_happy.gif", + "gravatar_id": "", + "url": "https://api.github.com/users/octocat", + "html_url": "https://github.com/octocat", + "followers_url": "https://api.github.com/users/octocat/followers", + "following_url": "https://api.github.com/users/octocat/following{/other_user}", + "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}", + "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/octocat/subscriptions", + "organizations_url": "https://api.github.com/users/octocat/orgs", + "repos_url": "https://api.github.com/users/octocat/repos", + "events_url": "https://api.github.com/users/octocat/events{/privacy}", + "received_events_url": "https://api.github.com/users/octocat/received_events", + "type": "User", + "site_admin": false + }, + "private": false, + "html_url": "https://github.com/octocat/Hello-World", + "description": "This your first repo!", + "fork": false, + "url": "https://api.github.com/repos/octocat/Hello-World", + "archive_url": "https://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}", + "assignees_url": "https://api.github.com/repos/octocat/Hello-World/assignees{/user}", + "blobs_url": "https://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/octocat/Hello-World/branches{/branch}", + "collaborators_url": "https://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/octocat/Hello-World/comments{/number}", + "commits_url": "https://api.github.com/repos/octocat/Hello-World/commits{/sha}", + "compare_url": "https://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/octocat/Hello-World/contents/{+path}", + "contributors_url": "https://api.github.com/repos/octocat/Hello-World/contributors", + "deployments_url": "https://api.github.com/repos/octocat/Hello-World/deployments", + "downloads_url": "https://api.github.com/repos/octocat/Hello-World/downloads", + "events_url": "https://api.github.com/repos/octocat/Hello-World/events", + "forks_url": "https://api.github.com/repos/octocat/Hello-World/forks", + "git_commits_url": "https://api.github.com/repos/octocat/Hello-World/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/octocat/Hello-World/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/octocat/Hello-World/git/tags{/sha}", + "git_url": "git:github.com/octocat/Hello-World.git", + "issue_comment_url": "https://api.github.com/repos/octocat/Hello-World/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/octocat/Hello-World/issues/events{/number}", + "issues_url": "https://api.github.com/repos/octocat/Hello-World/issues{/number}", + "keys_url": "https://api.github.com/repos/octocat/Hello-World/keys{/key_id}", + "labels_url": "https://api.github.com/repos/octocat/Hello-World/labels{/name}", + "languages_url": "https://api.github.com/repos/octocat/Hello-World/languages", + "merges_url": "https://api.github.com/repos/octocat/Hello-World/merges", + "milestones_url": "https://api.github.com/repos/octocat/Hello-World/milestones{/number}", + "notifications_url": "https://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}", + "pulls_url": "https://api.github.com/repos/octocat/Hello-World/pulls{/number}", + "releases_url": "https://api.github.com/repos/octocat/Hello-World/releases{/id}", + "ssh_url": "git@github.com:octocat/Hello-World.git", + "stargazers_url": "https://api.github.com/repos/octocat/Hello-World/stargazers", + "statuses_url": "https://api.github.com/repos/octocat/Hello-World/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/octocat/Hello-World/subscribers", + "subscription_url": "https://api.github.com/repos/octocat/Hello-World/subscription", + "tags_url": "https://api.github.com/repos/octocat/Hello-World/tags", + "teams_url": "https://api.github.com/repos/octocat/Hello-World/teams", + "trees_url": "https://api.github.com/repos/octocat/Hello-World/git/trees{/sha}", + "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "repositories" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "repositories": { + "type": "array", + "items": { + "title": "Minimal Repository", + "description": "Minimal Repository", + "type": "object", + "properties": { + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "name": { + "type": "string" + }, + "full_name": { + "type": "string" + }, + "owner": { + "title": "Simple User", + "description": "A GitHub user.", + "type": "object", + "properties": { + "name": { + "type": [ + "string", + "null" + ] + }, + "email": { + "type": [ + "string", + "null" + ] + }, + "login": { + "type": "string" + }, + "id": { + "type": "integer", + "format": "int64" + }, + "node_id": { + "type": "string" + }, + "avatar_url": { + "type": "string", + "format": "uri" + }, + "gravatar_id": { + "type": [ + "string", + "null" + ] + }, + "url": { + "type": "string", + "format": "uri" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "followers_url": { + "type": "string", + "format": "uri" + }, + "following_url": { + "type": "string" + }, + "gists_url": { + "type": "string" + }, + "starred_url": { + "type": "string" + }, + "subscriptions_url": { + "type": "string", + "format": "uri" + }, + "organizations_url": { + "type": "string", + "format": "uri" + }, + "repos_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string" + }, + "received_events_url": { + "type": "string", + "format": "uri" + }, + "type": { + "type": "string" + }, + "site_admin": { + "type": "boolean" + }, + "starred_at": { + "type": "string" + }, + "user_view_type": { + "type": "string" + } + }, + "required": [ + "avatar_url", + "events_url", + "followers_url", + "following_url", + "gists_url", + "gravatar_id", + "html_url", + "id", + "node_id", + "login", + "organizations_url", + "received_events_url", + "repos_url", + "site_admin", + "starred_url", + "subscriptions_url", + "type", + "url" + ] + }, + "private": { + "type": "boolean" + }, + "html_url": { + "type": "string", + "format": "uri" + }, + "description": { + "type": [ + "string", + "null" + ] + }, + "fork": { + "type": "boolean" + }, + "url": { + "type": "string", + "format": "uri" + }, + "archive_url": { + "type": "string" + }, + "assignees_url": { + "type": "string" + }, + "blobs_url": { + "type": "string" + }, + "branches_url": { + "type": "string" + }, + "collaborators_url": { + "type": "string" + }, + "comments_url": { + "type": "string" + }, + "commits_url": { + "type": "string" + }, + "compare_url": { + "type": "string" + }, + "contents_url": { + "type": "string" + }, + "contributors_url": { + "type": "string", + "format": "uri" + }, + "deployments_url": { + "type": "string", + "format": "uri" + }, + "downloads_url": { + "type": "string", + "format": "uri" + }, + "events_url": { + "type": "string", + "format": "uri" + }, + "forks_url": { + "type": "string", + "format": "uri" + }, + "git_commits_url": { + "type": "string" + }, + "git_refs_url": { + "type": "string" + }, + "git_tags_url": { + "type": "string" + }, + "git_url": { + "type": "string" + }, + "issue_comment_url": { + "type": "string" + }, + "issue_events_url": { + "type": "string" + }, + "issues_url": { + "type": "string" + }, + "keys_url": { + "type": "string" + }, + "labels_url": { + "type": "string" + }, + "languages_url": { + "type": "string", + "format": "uri" + }, + "merges_url": { + "type": "string", + "format": "uri" + }, + "milestones_url": { + "type": "string" + }, + "notifications_url": { + "type": "string" + }, + "pulls_url": { + "type": "string" + }, + "releases_url": { + "type": "string" + }, + "ssh_url": { + "type": "string" + }, + "stargazers_url": { + "type": "string", + "format": "uri" + }, + "statuses_url": { + "type": "string" + }, + "subscribers_url": { + "type": "string", + "format": "uri" + }, + "subscription_url": { + "type": "string", + "format": "uri" + }, + "tags_url": { + "type": "string", + "format": "uri" + }, + "teams_url": { + "type": "string", + "format": "uri" + }, + "trees_url": { + "type": "string" + }, + "clone_url": { + "type": "string" + }, + "mirror_url": { + "type": [ + "string", + "null" + ] + }, + "hooks_url": { + "type": "string", + "format": "uri" + }, + "svn_url": { + "type": "string" + }, + "homepage": { + "type": [ + "string", + "null" + ] + }, + "language": { + "type": [ + "string", + "null" + ] + }, + "forks_count": { + "type": "integer" + }, + "stargazers_count": { + "type": "integer" + }, + "watchers_count": { + "type": "integer" + }, + "size": { + "description": "The size of the repository, in kilobytes. Size is calculated hourly. When a repository is initially created, the size is 0.", + "type": "integer" + }, + "default_branch": { + "type": "string" + }, + "open_issues_count": { + "type": "integer" + }, + "is_template": { + "type": "boolean" + }, + "topics": { + "type": "array", + "items": { + "type": "string" + } + }, + "has_issues": { + "type": "boolean" + }, + "has_projects": { + "type": "boolean" + }, + "has_wiki": { + "type": "boolean" + }, + "has_pages": { + "type": "boolean" + }, + "has_discussions": { + "type": "boolean" + }, + "has_pull_requests": { + "type": "boolean" + }, + "pull_request_creation_policy": { + "description": "The policy controlling who can create pull requests: all or collaborators_only.", + "type": "string", + "enum": [ + "all", + "collaborators_only" + ] + }, + "archived": { + "type": "boolean" + }, + "disabled": { + "type": "boolean" + }, + "visibility": { + "type": "string" + }, + "pushed_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "created_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "updated_at": { + "type": [ + "string", + "null" + ], + "format": "date-time" + }, + "permissions": { + "type": "object", + "properties": { + "admin": { + "type": "boolean" + }, + "maintain": { + "type": "boolean" + }, + "push": { + "type": "boolean" + }, + "triage": { + "type": "boolean" + }, + "pull": { + "type": "boolean" + } + } + }, + "role_name": { + "type": "string" + }, + "temp_clone_token": { + "type": "string" + }, + "delete_branch_on_merge": { + "type": "boolean" + }, + "subscribers_count": { + "type": "integer" + }, + "network_count": { + "type": "integer" + }, + "code_of_conduct": { + "title": "Code Of Conduct", + "description": "Code Of Conduct", + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "url": { + "type": "string", + "format": "uri" + }, + "body": { + "type": "string" + }, + "html_url": { + "type": [ + "string", + "null" + ], + "format": "uri" + } + }, + "required": [ + "url", + "html_url", + "key", + "name" + ] + }, + "license": { + "type": [ + "object", + "null" + ], + "properties": { + "key": { + "type": "string" + }, + "name": { + "type": "string" + }, + "spdx_id": { + "type": "string" + }, + "url": { + "type": [ + "string", + "null" + ] + }, + "node_id": { + "type": "string" + } + } + }, + "forks": { + "type": "integer" + }, + "open_issues": { + "type": "integer" + }, + "watchers": { + "type": "integer" + }, + "allow_forking": { + "type": "boolean" + }, + "web_commit_signoff_required": { + "type": "boolean" + }, + "security_and_analysis": { + "type": [ + "object", + "null" + ], + "properties": { + "advanced_security": { + "description": "Enable or disable GitHub Advanced Security for the repository.\n\nFor standalone Code Scanning or Secret Protection products, this parameter cannot be used.\n", + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "code_security": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "dependabot_security_updates": { + "description": "Enable or disable Dependabot security updates for the repository.", + "type": "object", + "properties": { + "status": { + "description": "The enablement status of Dependabot security updates for the repository.", + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_push_protection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_non_provider_patterns": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_ai_detection": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_validity_checks": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_alert_dismissal": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass": { + "type": "object", + "properties": { + "status": { + "type": "string", + "enum": [ + "enabled", + "disabled" + ] + } + } + }, + "secret_scanning_delegated_bypass_options": { + "type": "object", + "properties": { + "reviewers": { + "type": "array", + "description": "The bypass reviewers for secret scanning delegated bypass", + "items": { + "type": "object", + "required": [ + "reviewer_id", + "reviewer_type" + ], + "properties": { + "reviewer_id": { + "type": "integer", + "description": "The ID of the team or role selected as a bypass reviewer" + }, + "reviewer_type": { + "type": "string", + "description": "The type of the bypass reviewer", + "enum": [ + "TEAM", + "ROLE" + ] + }, + "mode": { + "type": "string", + "description": "The bypass mode for the reviewer", + "enum": [ + "ALWAYS", + "EXEMPT" + ], + "default": "ALWAYS" + } + } + } + } + } + } + } + }, + "custom_properties": { + "type": "object", + "description": "The custom properties that were defined for the repository. The keys are the custom property names, and the values are the corresponding custom property values.", + "additionalProperties": true + } + }, + "required": [ + "archive_url", + "assignees_url", + "blobs_url", + "branches_url", + "collaborators_url", + "comments_url", + "commits_url", + "compare_url", + "contents_url", + "contributors_url", + "deployments_url", + "description", + "downloads_url", + "events_url", + "fork", + "forks_url", + "full_name", + "git_commits_url", + "git_refs_url", + "git_tags_url", + "hooks_url", + "html_url", + "id", + "node_id", + "issue_comment_url", + "issue_events_url", + "issues_url", + "keys_url", + "labels_url", + "languages_url", + "merges_url", + "milestones_url", + "name", + "notifications_url", + "owner", + "private", + "pulls_url", + "releases_url", + "stargazers_url", + "statuses_url", + "subscribers_url", + "subscription_url", + "tags_url", + "teams_url", + "trees_url", + "url" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories", + "title": "Set selected repositories for an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "array of integers", + "name": "selected_repository_ids", + "description": "

The IDs of the repositories that can access the organization variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Replaces all repositories for an organization agent variable that is available\nto selected repositories. Organization variables that are available to selected\nrepositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "selected_repository_ids": [ + 64780797 + ] + }, + "parameters": { + "org": "ORG", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "put", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Add selected repository to an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Adds a repository to an organization agent variable that is available to selected repositories.\nOrganization variables that are available to selected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/orgs/{org}/agents/variables/{name}/repositories/{repository_id}", + "title": "Remove selected repository from an organization variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "org", + "description": "

The organization name. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repository_id", + "in": "path", + "required": true, + "schema": { + "type": "integer" + }, + "description": "" + } + ], + "bodyParameters": [], + "descriptionHTML": "

Removes a repository from an organization agent variable that is\navailable to selected repositories. Organization variables that are available to\nselected repositories have their visibility field set to selected.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the admin:org scope to use this endpoint. If the repository is private, the repo scope is also required.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "org": "ORG", + "name": "NAME", + "repository_id": "REPOSITORY_ID" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + }, + { + "httpStatusCode": "409", + "description": "

Response when the visibility of the variable is not set to selected

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" organization permissions": "write", + "\"Metadata\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/organization-variables", + "title": "List repository organization variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all organization variables shared with a repository.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "List repository variables", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "description": "

The number of results per page (max 30). For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 10 + } + }, + { + "name": "page", + "description": "

The page number of the results to fetch. For more information, see \"Using pagination in the REST API.\"

", + "in": "query", + "schema": { + "type": "integer", + "default": 1 + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Lists all repository variables.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "total_count": 2, + "variables": [ + { + "name": "USERNAME", + "value": "octocat", + "created_at": "2019-08-10T14:59:22Z", + "updated_at": "2020-01-10T14:59:22Z" + }, + { + "name": "EMAIL", + "value": "octocat@github.com", + "created_at": "2020-01-10T10:59:22Z", + "updated_at": "2020-01-11T11:59:22Z" + } + ] + }, + "schema": { + "type": "object", + "required": [ + "total_count", + "variables" + ], + "properties": { + "total_count": { + "type": "integer" + }, + "variables": { + "type": "array", + "items": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "post", + "requestPath": "/repos/{owner}/{repo}/agents/variables", + "title": "Create a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

", + "isRequired": true + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

", + "isRequired": true + } + ], + "descriptionHTML": "

Creates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO" + } + }, + "response": { + "statusCode": "201", + "contentType": "application/json", + "description": "

Response

", + "example": null, + "schema": { + "title": "Empty Object", + "description": "An object without any properties.", + "type": "object", + "properties": {}, + "additionalProperties": false + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "201", + "description": "

Created

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "get", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Get a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Gets a specific variable in a repository.

\n

The authenticated user must have collaborator access to the repository to use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "200", + "contentType": "application/json", + "description": "

Response

", + "example": { + "name": "USERNAME", + "value": "octocat", + "created_at": "2021-08-10T14:59:22Z", + "updated_at": "2022-01-10T14:59:22Z" + }, + "schema": { + "title": "Actions Variable", + "type": "object", + "properties": { + "name": { + "description": "The name of the variable.", + "type": "string" + }, + "value": { + "description": "The value of the variable.", + "type": "string" + }, + "created_at": { + "description": "The date and time at which the variable was created, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + }, + "updated_at": { + "description": "The date and time at which the variable was last updated, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "name", + "value", + "created_at", + "updated_at" + ] + } + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "200", + "description": "

OK

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "read" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "patch", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Update a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [ + { + "type": "string", + "name": "name", + "description": "

The name of the variable.

" + }, + { + "type": "string", + "name": "value", + "description": "

The value of the variable.

" + } + ], + "descriptionHTML": "

Updates a repository variable that you can reference in a GitHub Actions workflow.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth app tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "contentType": "application/json", + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "bodyParameters": { + "name": "USERNAME", + "value": "octocat" + }, + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + }, + { + "serverUrl": "https://api.github.com", + "verb": "delete", + "requestPath": "/repos/{owner}/{repo}/agents/variables/{name}", + "title": "Delete a repository variable", + "category": "agents", + "subcategory": "variables", + "parameters": [ + { + "name": "owner", + "description": "

The account owner of the repository. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "description": "

The name of the repository without the .git extension. The name is not case sensitive.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "name", + "description": "

The name of the variable.

", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + } + ], + "bodyParameters": [], + "descriptionHTML": "

Deletes a repository variable using the variable name.

\n

Authenticated users must have collaborator access to a repository to create, update, or read variables.

\n

OAuth tokens and personal access tokens (classic) need the repo scope to use this endpoint.

", + "codeExamples": [ + { + "request": { + "description": "Example", + "acceptHeader": "application/vnd.github.v3+json", + "parameters": { + "owner": "OWNER", + "repo": "REPO", + "name": "NAME" + } + }, + "response": { + "statusCode": "204", + "description": "

Response

" + } + } + ], + "statusCodes": [ + { + "httpStatusCode": "204", + "description": "

No Content

" + } + ], + "previews": [], + "progAccess": { + "userToServerRest": true, + "serverToServer": true, + "fineGrainedPat": true, + "permissions": [ + { + "\"Agent variables\" repository permissions": "write" + } + ] + } + } + ] +} \ No newline at end of file diff --git a/src/rest/data/ghec-2026-03-10/copilot.json b/src/rest/data/ghec-2026-03-10/copilot.json index 9bb1fc230c75..cf8673b68a8e 100644 --- a/src/rest/data/ghec-2026-03-10/copilot.json +++ b/src/rest/data/ghec-2026-03-10/copilot.json @@ -2425,7 +2425,7 @@ } ], "bodyParameters": [], - "descriptionHTML": "

Gets the organization and repository configured as the source for custom agent definitions in an enterprise.

\n

Custom agents are enterprise-defined AI agents stored as markdown files in a special repository.\nAn enterprise admin configures one organization as the \"source\" and that org must have a repo named\n.github-private containing agent definitions in /agents/*.md.

\n

Enterprise owners with read access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Gets the organization and repository configured as the source for custom agent definitions and Copilot CLI client settings in an enterprise.

\n

Custom agents are enterprise-defined AI agents stored as markdown files in a special repository.\nAn enterprise admin configures one organization as the \"source\" for custom agents and\nCopilot CLI client settings, and that org must have a repo named .github-private containing agent\ndefinitions in /agents/*.md, or enterprise-managed AI standards in .github/copilot/settings.json. Learn more about configuring enterprise-managed AI standards for Copilot clients.

\n

Enterprise owners with read access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -2566,7 +2566,7 @@ "default": true } ], - "descriptionHTML": "

Sets an organization as the source for custom agent definitions in the enterprise.\nThe organization must have a .github-private repository containing agent definitions.

\n

By default, this endpoint also creates an enterprise-level ruleset to protect\nagent definition files (agents/.md and .github/agents/.md). You can opt out\nof ruleset creation by setting create_ruleset to false.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Sets an organization as the source for custom agent definitions and Copilot CLI client settings in the enterprise.\nThe organization must have a .github-private repository containing agent definitions.

\n

By default, this endpoint also creates an enterprise-level ruleset to protect\nagent definition files (agents/.md and .github/agents/.md). You can opt out\nof ruleset creation by setting create_ruleset to false.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -2715,7 +2715,7 @@ } ], "bodyParameters": [], - "descriptionHTML": "

Removes the custom agents source configuration for the enterprise.\nThis effectively disables custom agents for the enterprise by removing\nthe reference to the source organization's .github-private repository.

\n

Note: This does not delete the .github-private repository or any agent\ndefinition files. It only removes the association between the enterprise\nand the source repository.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", + "descriptionHTML": "

Removes the custom agents source configuration for the enterprise.\nThis effectively disables custom agents and Copilot CLI client settings\nfor the enterprise by removing the reference to the source organization's .github-private repository.

\n

Note: This does not delete the .github-private repository or any agent\ndefinition files. It only removes the association between the enterprise\nand the source repository.

\n

Enterprise owners with write access to AI Controls can use this endpoint.

\n

OAuth app tokens and personal access tokens (classic) need the admin:enterprise scope to use this endpoint.

", "codeExamples": [ { "request": { @@ -6553,6 +6553,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -7686,6 +7694,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -8585,6 +8601,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -9674,6 +9698,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2026-03-10/enterprise-admin.json b/src/rest/data/ghec-2026-03-10/enterprise-admin.json index d6456841a252..fded9ac5200f 100644 --- a/src/rest/data/ghec-2026-03-10/enterprise-admin.json +++ b/src/rest/data/ghec-2026-03-10/enterprise-admin.json @@ -6397,6 +6397,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -6758,6 +6766,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghec-2026-03-10/enterprise-teams.json b/src/rest/data/ghec-2026-03-10/enterprise-teams.json index 74552928deaa..05845b2eab2d 100644 --- a/src/rest/data/ghec-2026-03-10/enterprise-teams.json +++ b/src/rest/data/ghec-2026-03-10/enterprise-teams.json @@ -123,6 +123,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -219,6 +227,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. You can get this value from the REST API endpoints for SCIM.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n\n

Default: notifications_enabled

", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To create an enterprise team, the authenticated user must be an owner of the enterprise.

", @@ -309,6 +326,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -456,6 +481,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -559,6 +592,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. The new IdP group will replace the existing one, or replace existing direct members if the team isn't currently linked to an IdP group.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To edit a team, the authenticated user must be an enterprise owner.

", @@ -650,6 +692,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/data/ghes-3.20-2022-11-28/enterprise-teams.json b/src/rest/data/ghes-3.20-2022-11-28/enterprise-teams.json index d44ebb23914d..91b67f1f3711 100644 --- a/src/rest/data/ghes-3.20-2022-11-28/enterprise-teams.json +++ b/src/rest/data/ghes-3.20-2022-11-28/enterprise-teams.json @@ -123,6 +123,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -219,6 +227,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. You can get this value from the REST API endpoints for SCIM.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n\n

Default: notifications_enabled

", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To create an enterprise team, the authenticated user must be an owner of the enterprise.

", @@ -309,6 +326,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -456,6 +481,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ @@ -559,6 +592,15 @@ "type": "string or null", "name": "group_id", "description": "

The ID of the IdP group to assign team membership with. The new IdP group will replace the existing one, or replace existing direct members if the team isn't currently linked to an IdP group.

" + }, + { + "type": "string", + "name": "notification_setting", + "description": "

The notification setting the team is set to. The options are:

\n", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } ], "descriptionHTML": "

To edit a team, the authenticated user must be an enterprise owner.

", @@ -650,6 +692,14 @@ "updated_at": { "type": "string", "format": "date-time" + }, + "notification_setting": { + "type": "string", + "description": "Whether team members will receive notifications when the team is mentioned.", + "enum": [ + "notifications_enabled", + "notifications_disabled" + ] } }, "required": [ diff --git a/src/rest/lib/config.json b/src/rest/lib/config.json index 5b779bc49ebe..df14d26d2fae 100644 --- a/src/rest/lib/config.json +++ b/src/rest/lib/config.json @@ -49,5 +49,5 @@ ] } }, - "sha": "d0fa019e82a366eaa70a2b6238076d5b3c427c2c" + "sha": "88dc3d8d8159aa2513e49fbc62651e4e5b67af6d" } \ No newline at end of file diff --git a/src/webhooks/data/fpt/sub_issues.json b/src/webhooks/data/fpt/sub_issues.json index 025ce6496f7a..137cda46232f 100644 --- a/src/webhooks/data/fpt/sub_issues.json +++ b/src/webhooks/data/fpt/sub_issues.json @@ -16,14 +16,12 @@ { "type": "number", "name": "parent_issue_id", - "description": "

The ID of the parent issue.

", - "isRequired": true + "description": "

The ID of the parent issue.

" }, { "type": "object", "name": "parent_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -2519,7 +2517,6 @@ "type": "object", "name": "parent_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -5853,12 +5850,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -5887,14 +5886,12 @@ { "type": "number", "name": "parent_issue_id", - "description": "

The ID of the parent issue.

", - "isRequired": true + "description": "

The ID of the parent issue.

" }, { "type": "object", "name": "parent_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -8390,7 +8387,6 @@ "type": "object", "name": "parent_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -11724,12 +11720,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -11758,14 +11756,12 @@ { "type": "number", "name": "sub_issue_id", - "description": "

The ID of the sub-issue.

", - "isRequired": true + "description": "

The ID of the sub-issue.

" }, { "type": "object", "name": "sub_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -14261,7 +14257,6 @@ "type": "object", "name": "sub_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -17595,12 +17590,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -17629,14 +17626,12 @@ { "type": "number", "name": "sub_issue_id", - "description": "

The ID of the sub-issue.

", - "isRequired": true + "description": "

The ID of the sub-issue.

" }, { "type": "object", "name": "sub_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -20132,7 +20127,6 @@ "type": "object", "name": "sub_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -23466,12 +23460,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], diff --git a/src/webhooks/data/ghec/sub_issues.json b/src/webhooks/data/ghec/sub_issues.json index 2d82fce84a2c..609b1da4c460 100644 --- a/src/webhooks/data/ghec/sub_issues.json +++ b/src/webhooks/data/ghec/sub_issues.json @@ -16,14 +16,12 @@ { "type": "number", "name": "parent_issue_id", - "description": "

The ID of the parent issue.

", - "isRequired": true + "description": "

The ID of the parent issue.

" }, { "type": "object", "name": "parent_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -2519,7 +2517,6 @@ "type": "object", "name": "parent_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -5853,12 +5850,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -5887,14 +5886,12 @@ { "type": "number", "name": "parent_issue_id", - "description": "

The ID of the parent issue.

", - "isRequired": true + "description": "

The ID of the parent issue.

" }, { "type": "object", "name": "parent_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -8390,7 +8387,6 @@ "type": "object", "name": "parent_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -11724,12 +11720,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -11758,14 +11756,12 @@ { "type": "number", "name": "sub_issue_id", - "description": "

The ID of the sub-issue.

", - "isRequired": true + "description": "

The ID of the sub-issue.

" }, { "type": "object", "name": "sub_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -14261,7 +14257,6 @@ "type": "object", "name": "sub_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -17595,12 +17590,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], @@ -17629,14 +17626,12 @@ { "type": "number", "name": "sub_issue_id", - "description": "

The ID of the sub-issue.

", - "isRequired": true + "description": "

The ID of the sub-issue.

" }, { "type": "object", "name": "sub_issue", "description": "

Issues are a great way to keep track of tasks, enhancements, and bugs for your projects.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -20132,7 +20127,6 @@ "type": "object", "name": "sub_issue_repo", "description": "

A repository on GitHub.

", - "isRequired": true, "childParamsGroups": [ { "type": "integer", @@ -23466,12 +23460,14 @@ "type": "object", "name": "repository", "description": "

The repository on GitHub where the event occurred. Webhook payloads contain the repository property\nwhen the event occurs from activity in a repository.

", + "isRequired": true, "childParamsGroups": [] }, { "type": "object", "name": "sender", "description": "

A GitHub user.

", + "isRequired": true, "childParamsGroups": [] } ], diff --git a/src/webhooks/lib/config.json b/src/webhooks/lib/config.json index 936829caeb00..b77961002687 100644 --- a/src/webhooks/lib/config.json +++ b/src/webhooks/lib/config.json @@ -1,3 +1,3 @@ { - "sha": "d0fa019e82a366eaa70a2b6238076d5b3c427c2c" + "sha": "88dc3d8d8159aa2513e49fbc62651e4e5b67af6d" } \ No newline at end of file