Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Repository Security Advisories APIs #2902

Merged
merged 14 commits into from Oct 5, 2023
+672 −12
Merged

Add Repository Security Advisories APIs #2902

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
e53fa92
added API for Lists repository security advisories for an organization
anishrajan25 Aug 26, 2023
bc0f60e
added API to lists security advisories in a repository
anishrajan25 Aug 26, 2023
a338d64
fmt test file
anishrajan25 Aug 27, 2023
1eb354f
Merge branch 'google:master' into addRepositorySecurityAdvisoryAPIs
anishrajan25 Sep 10, 2023
a96fc16
Merge branch 'master' into addRepositorySecurityAdvisoryAPIs
anishrajan25 Sep 30, 2023
8830158
updated structs and fmt
anishrajan25 Sep 30, 2023
3c72dec
updated and reuse existing structs
anishrajan25 Oct 2, 2023
8b0c9c9
Merge branch 'master' into addRepositorySecurityAdvisoryAPIs
anishrajan25 Oct 2, 2023
835aaa2
fix test case
anishrajan25 Oct 2, 2023
110c448
fixed comments
anishrajan25 Oct 2, 2023
8322f15
updated test file
anishrajan25 Oct 2, 2023
8f14e49
fix test cases
anishrajan25 Oct 3, 2023
460fd8a
go generate and fix lint errors
anishrajan25 Oct 4, 2023
8d1daf2
Merge branch 'master' into addRepositorySecurityAdvisoryAPIs
anishrajan25 Oct 4, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
45 changes: 33 additions & 12 deletions github/event_types.go
View file
Open in desktop
Expand Up @@ -1616,18 +1616,33 @@ type WorkflowRunEvent struct {
//
// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
type SecurityAdvisory struct {
CVSS *AdvisoryCVSS `json:"cvss,omitempty"`
CWEs []*AdvisoryCWEs `json:"cwes,omitempty"`
GHSAID *string `json:"ghsa_id,omitempty"`
Summary *string `json:"summary,omitempty"`
Description *string `json:"description,omitempty"`
Severity *string `json:"severity,omitempty"`
Identifiers []*AdvisoryIdentifier `json:"identifiers,omitempty"`
References []*AdvisoryReference `json:"references,omitempty"`
PublishedAt *Timestamp `json:"published_at,omitempty"`
UpdatedAt *Timestamp `json:"updated_at,omitempty"`
WithdrawnAt *Timestamp `json:"withdrawn_at,omitempty"`
Vulnerabilities []*AdvisoryVulnerability `json:"vulnerabilities,omitempty"`
CVSS *AdvisoryCVSS `json:"cvss,omitempty"`
CWEs []*AdvisoryCWEs `json:"cwes,omitempty"`
GHSAID *string `json:"ghsa_id,omitempty"`
Summary *string `json:"summary,omitempty"`
Description *string `json:"description,omitempty"`
Severity *string `json:"severity,omitempty"`
Identifiers []*AdvisoryIdentifier `json:"identifiers,omitempty"`
References []*AdvisoryReference `json:"references,omitempty"`
PublishedAt *Timestamp `json:"published_at,omitempty"`
UpdatedAt *Timestamp `json:"updated_at,omitempty"`
WithdrawnAt *Timestamp `json:"withdrawn_at,omitempty"`
Vulnerabilities []*AdvisoryVulnerability `json:"vulnerabilities,omitempty"`
CVEID *string `json:"cve_id,omitempty"`
URL *string `json:"url,omitempty"`
HTMLURL *string `json:"html_url,omitempty"`
Author *User `json:"author,omitempty"`
Publisher *User `json:"publisher,omitempty"`
State *string `json:"state,omitempty"`
CreatedAt *Timestamp `json:"created_at,omitempty"`
ClosedAt *Timestamp `json:"closed_at,omitempty"`
Submission *SecurityAdvisorySubmission `json:"submission,omitempty"`
CWEIDs []string `json:"cwe_ids,omitempty"`
Credits []*RepoAdvisoryCredit `json:"credits,omitempty"`
CreditsDetailed []*RepoAdvisoryCreditDetailed `json:"credits_detailed,omitempty"`
CollaboratingUsers []*User `json:"collaborating_users,omitempty"`
CollaboratingTeams []*Team `json:"collaborating_teams,omitempty"`
PrivateFork *Repository `json:"private_fork,omitempty"`
}

// AdvisoryIdentifier represents the identifier for a Security Advisory.
Expand All @@ -1647,6 +1662,12 @@ type AdvisoryVulnerability struct {
Severity *string `json:"severity,omitempty"`
VulnerableVersionRange *string `json:"vulnerable_version_range,omitempty"`
FirstPatchedVersion *FirstPatchedVersion `json:"first_patched_version,omitempty"`

// PatchedVersions and VulnerableFunctions are used in the following APIs:
// - https://docs.github.com/en/rest/security-advisories/repository-advisories?apiVersion=2022-11-28#list-repository-security-advisories-for-an-organization
// - https://docs.github.com/en/rest/security-advisories/repository-advisories?apiVersion=2022-11-28#list-repository-security-advisories
PatchedVersions *string `json:"patched_versions,omitempty"`
VulnerableFunctions []string `json:"vulnerable_functions,omitempty"`
}

// VulnerabilityPackage represents the package object for an Advisory Vulnerability.
Expand Down
136 changes: 136 additions & 0 deletions github/github-accessors.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.