From ab85fadd00ce949d0dbe433c119dde1268c8f79f Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Tue, 15 Apr 2025 11:28:49 -0700
Subject: [PATCH 1/7] GraphQL schema update (#55294)
Co-authored-by: lumaxis <406937+lumaxis@users.noreply.github.com>
---
src/graphql/data/fpt/changelog.json | 14 ++++++++++++
src/graphql/data/fpt/schema.docs.graphql | 20 +++++++++++++++++
src/graphql/data/fpt/schema.json | 27 +++++++++++++++++++++++
src/graphql/data/ghec/schema.docs.graphql | 20 +++++++++++++++++
src/graphql/data/ghec/schema.json | 27 +++++++++++++++++++++++
5 files changed, 108 insertions(+)
diff --git a/src/graphql/data/fpt/changelog.json b/src/graphql/data/fpt/changelog.json
index cddb7d965784..596d8908055a 100644
--- a/src/graphql/data/fpt/changelog.json
+++ b/src/graphql/data/fpt/changelog.json
@@ -1,4 +1,18 @@
[
+ {
+ "schemaChanges": [
+ {
+ "title": "The GraphQL schema includes these changes:",
+ "changes": [
+ "Type RepositorySuggestedActorFilter was added
",
+ "Argument 'capabilities: [RepositorySuggestedActorFilter!]!added to fieldRepository.suggestedActors'
"
+ ]
+ }
+ ],
+ "previewChanges": [],
+ "upcomingChanges": [],
+ "date": "2025-04-15"
+ },
{
"schemaChanges": [
{
diff --git a/src/graphql/data/fpt/schema.docs.graphql b/src/graphql/data/fpt/schema.docs.graphql
index c955b6cdff76..065f92a6965b 100644
--- a/src/graphql/data/fpt/schema.docs.graphql
+++ b/src/graphql/data/fpt/schema.docs.graphql
@@ -50840,6 +50840,11 @@ type Repository implements Node & PackageOwner & ProjectOwner & ProjectV2Recent
"""
before: String
+ """
+ A list of capabilities to filter actors by.
+ """
+ capabilities: [RepositorySuggestedActorFilter!]!
+
"""
Returns the first _n_ elements from the list.
"""
@@ -52888,6 +52893,21 @@ enum RepositoryRulesetTarget {
TAG
}
+"""
+The possible filters for suggested actors in a repository
+"""
+enum RepositorySuggestedActorFilter {
+ """
+ Actors that can be assigned to issues and pull requests
+ """
+ CAN_BE_ASSIGNED
+
+ """
+ Actors that can be the author of issues and pull requests
+ """
+ CAN_BE_AUTHOR
+}
+
"""
A repository-topic connects a repository to a topic.
"""
diff --git a/src/graphql/data/fpt/schema.json b/src/graphql/data/fpt/schema.json
index de01471a1166..d9790ed5b32c 100644
--- a/src/graphql/data/fpt/schema.json
+++ b/src/graphql/data/fpt/schema.json
@@ -67349,6 +67349,16 @@
"href": "/graphql/reference/scalars#string"
}
},
+ {
+ "name": "capabilities",
+ "description": "A list of capabilities to filter actors by.
",
+ "type": {
+ "name": "[RepositorySuggestedActorFilter!]!",
+ "id": "repositorysuggestedactorfilter",
+ "kind": "enums",
+ "href": "/graphql/reference/enums#repositorysuggestedactorfilter"
+ }
+ },
{
"name": "first",
"description": "Returns the first n elements from the list.
",
@@ -92393,6 +92403,23 @@
}
]
},
+ {
+ "name": "RepositorySuggestedActorFilter",
+ "kind": "enums",
+ "id": "repositorysuggestedactorfilter",
+ "href": "/graphql/reference/enums#repositorysuggestedactorfilter",
+ "description": "The possible filters for suggested actors in a repository.
",
+ "values": [
+ {
+ "name": "CAN_BE_ASSIGNED",
+ "description": "Actors that can be assigned to issues and pull requests.
"
+ },
+ {
+ "name": "CAN_BE_AUTHOR",
+ "description": "Actors that can be the author of issues and pull requests.
"
+ }
+ ]
+ },
{
"name": "RepositoryVisibility",
"kind": "enums",
diff --git a/src/graphql/data/ghec/schema.docs.graphql b/src/graphql/data/ghec/schema.docs.graphql
index c955b6cdff76..065f92a6965b 100644
--- a/src/graphql/data/ghec/schema.docs.graphql
+++ b/src/graphql/data/ghec/schema.docs.graphql
@@ -50840,6 +50840,11 @@ type Repository implements Node & PackageOwner & ProjectOwner & ProjectV2Recent
"""
before: String
+ """
+ A list of capabilities to filter actors by.
+ """
+ capabilities: [RepositorySuggestedActorFilter!]!
+
"""
Returns the first _n_ elements from the list.
"""
@@ -52888,6 +52893,21 @@ enum RepositoryRulesetTarget {
TAG
}
+"""
+The possible filters for suggested actors in a repository
+"""
+enum RepositorySuggestedActorFilter {
+ """
+ Actors that can be assigned to issues and pull requests
+ """
+ CAN_BE_ASSIGNED
+
+ """
+ Actors that can be the author of issues and pull requests
+ """
+ CAN_BE_AUTHOR
+}
+
"""
A repository-topic connects a repository to a topic.
"""
diff --git a/src/graphql/data/ghec/schema.json b/src/graphql/data/ghec/schema.json
index de01471a1166..d9790ed5b32c 100644
--- a/src/graphql/data/ghec/schema.json
+++ b/src/graphql/data/ghec/schema.json
@@ -67349,6 +67349,16 @@
"href": "/graphql/reference/scalars#string"
}
},
+ {
+ "name": "capabilities",
+ "description": "A list of capabilities to filter actors by.
",
+ "type": {
+ "name": "[RepositorySuggestedActorFilter!]!",
+ "id": "repositorysuggestedactorfilter",
+ "kind": "enums",
+ "href": "/graphql/reference/enums#repositorysuggestedactorfilter"
+ }
+ },
{
"name": "first",
"description": "Returns the first n elements from the list.
",
@@ -92393,6 +92403,23 @@
}
]
},
+ {
+ "name": "RepositorySuggestedActorFilter",
+ "kind": "enums",
+ "id": "repositorysuggestedactorfilter",
+ "href": "/graphql/reference/enums#repositorysuggestedactorfilter",
+ "description": "The possible filters for suggested actors in a repository.
",
+ "values": [
+ {
+ "name": "CAN_BE_ASSIGNED",
+ "description": "Actors that can be assigned to issues and pull requests.
"
+ },
+ {
+ "name": "CAN_BE_AUTHOR",
+ "description": "Actors that can be the author of issues and pull requests.
"
+ }
+ ]
+ },
{
"name": "RepositoryVisibility",
"kind": "enums",
From 11f2b9fda6218c42a3ca78d99c0e5688c7e2cde1 Mon Sep 17 00:00:00 2001
From: Evan Bonsignori
Date: Tue, 15 Apr 2025 11:56:20 -0700
Subject: [PATCH 2/7] fix bug where search reference would link to wrong page
(#55296)
---
src/search/components/input/SearchOverlay.tsx | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/search/components/input/SearchOverlay.tsx b/src/search/components/input/SearchOverlay.tsx
index ad298a04925d..1c54f0f952ce 100644
--- a/src/search/components/input/SearchOverlay.tsx
+++ b/src/search/components/input/SearchOverlay.tsx
@@ -338,6 +338,9 @@ export function SearchOverlay({
if (searchParams.has('search-overlay-ask-ai')) {
searchParams.delete('search-overlay-ask-ai')
}
+ if (searchParams.has('query')) {
+ searchParams.delete('query')
+ }
router.push(`${selectedOption.url}?${searchParams.toString()}` || '')
onClose()
}
@@ -389,6 +392,9 @@ export function SearchOverlay({
if (searchParams.has('search-overlay-ask-ai')) {
searchParams.delete('search-overlay-ask-ai')
}
+ if (searchParams.has('query')) {
+ searchParams.delete('query')
+ }
window.open(`${url}?${searchParams.toString()}` || '', '_blank')
}
From 506d3aa81105d4ff717b83df14941ea13e025da3 Mon Sep 17 00:00:00 2001
From: Kate Catlin
Date: Tue, 15 Apr 2025 12:32:51 -0700
Subject: [PATCH 3/7] Update automatic-token-authentication.md (#55278)
---
.../security-guides/automatic-token-authentication.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md b/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md
index e4329489d70b..9d2f7e25c42b 100644
--- a/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md
+++ b/content/actions/security-for-github-actions/security-guides/automatic-token-authentication.md
@@ -92,6 +92,7 @@ The following table shows the permissions granted to the `GITHUB_TOKEN` by defau
| {% endif %} |
| issues | read/write | none | read |
| metadata | read | read | read |
+| models | read | none | none |
| packages | read/write | read | read |
| pages | read/write | none | read |
| pull-requests | read/write | none | read |
From 4c624e4785bbfa502d9327c41c80a034979e06d1 Mon Sep 17 00:00:00 2001
From: Evan Bonsignori
Date: Tue, 15 Apr 2025 12:53:30 -0700
Subject: [PATCH 4/7] fix keyboard related copilot search bugs (#55297)
---
src/search/components/input/SearchOverlay.tsx | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/search/components/input/SearchOverlay.tsx b/src/search/components/input/SearchOverlay.tsx
index 1c54f0f952ce..e8497173d944 100644
--- a/src/search/components/input/SearchOverlay.tsx
+++ b/src/search/components/input/SearchOverlay.tsx
@@ -471,8 +471,11 @@ export function SearchOverlay({
selectedIndex < combinedOptions.length
) {
const selectedItem = combinedOptions[selectedIndex]
+ if (!selectedItem) {
+ return
+ }
let action = () => {} // Execute the action after we send the event
- if (selectedItem.group === 'general') {
+ if (selectedItem?.group === 'general') {
if (
(selectedItem.option as GeneralSearchHitWithOptions).isViewAllResults ||
(selectedItem.option as GeneralSearchHitWithOptions).isSearchDocsOption
@@ -483,10 +486,10 @@ export function SearchOverlay({
pressedOnContext = 'general-option'
action = () => generalSearchResultOnSelect(selectedItem.option as GeneralSearchHit)
}
- } else if (selectedItem.group === 'ai') {
+ } else if (selectedItem?.group === 'ai') {
pressedOnContext = 'ai-option'
action = () => aiSearchOptionOnSelect(selectedItem.option as AutocompleteSearchHit)
- } else if (selectedItem.group === 'reference') {
+ } else if (selectedItem?.group === 'reference') {
// On a reference select, we are in the Ask AI State / Screen
pressedGroupKey = ASK_AI_EVENT_GROUP
pressedGroupId = askAIEventGroupId
@@ -509,6 +512,8 @@ export function SearchOverlay({
'search-overlay-ask-ai': '',
'search-overlay-input': urlSearchInputQuery,
})
+ // Focus the search input
+ inputRef.current?.focus()
}
// We render the AI Result in the searchGroups call, so we pass the props down via an object
@@ -681,7 +686,7 @@ export function SearchOverlay({
aria-expanded={combinedOptions.length > 0}
aria-activedescendant={
selectedIndex >= 0
- ? `search-option-${combinedOptions[selectedIndex].group}-${selectedIndex}`
+ ? `search-option-${combinedOptions[selectedIndex]?.group}-${selectedIndex}`
: undefined
}
onKeyDown={handleKeyDown}
From e9b3891ed9c18c7d685cc7d2d27769b790467860 Mon Sep 17 00:00:00 2001
From: Tadas Labudis
Date: Tue, 15 Apr 2025 21:01:16 +0100
Subject: [PATCH 5/7] Added warning about automatic watching deprecation
(#55283)
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
---
.../configuring-notifications.md | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md
index 42ec698c92d4..ea0c51ca39b2 100644
--- a/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md
+++ b/content/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications.md
@@ -160,6 +160,17 @@ The `reply-to` address on each email notification identifies the thread and the
## Automatic watching
+
+
+
+
+{% ifversion fpt or ghec %}
+
+>[!WARNING] Starting May 18, 2025, {% data variables.product.company_short %} will deprecate automatic watching of repositories and teams. Existing subscriptions will remain unaffected, ensuring you can stay subscribed to repositories or teams that you were previously watching.
+
+{% endif %}
+
+
By default, anytime you gain access to a new repository, you will automatically begin watching that repository. Anytime you join a new team, you will automatically be subscribed to updates and receive notifications when that team is @mentioned. If you don't want to automatically be subscribed, you can unselect the automatic watching options in your notification settings.
{% ifversion update-notification-settings-22 %}
From 7bbc276e3fb1518e08598ed01e0063227e4412b4 Mon Sep 17 00:00:00 2001
From: Cody Soyland
Date: Tue, 15 Apr 2025 16:09:11 -0400
Subject: [PATCH 6/7] Artifact attestations: update policy-controller version
number (#55289)
Signed-off-by: Cody Soyland
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
---
...act-attestations-with-a-kubernetes-admission-controller.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md b/content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md
index 01a913b94008..011145a7e32a 100644
--- a/content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md
+++ b/content/actions/security-for-github-actions/using-artifact-attestations/enforcing-artifact-attestations-with-a-kubernetes-admission-controller.md
@@ -55,7 +55,7 @@ First, install the Helm chart that deploys the Sigstore Policy Controller:
helm upgrade policy-controller --install --atomic \
--create-namespace --namespace artifact-attestations \
oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller \
- --version v0.12.0-github10
+ --version v0.12.0-github12
```
This installs the Policy Controller into the `artifact-attestations` namespace. At this point, no policies have been configured, and it will not enforce any attestations.
@@ -139,7 +139,7 @@ To see the full set of options you may configure with the Helm chart, you can ru
For policy controller options:
```bash copy
-helm show values oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller --version v0.12.0-github10
+helm show values oci://ghcr.io/github/artifact-attestations-helm-charts/policy-controller --version v0.12.0-github12
```
For trust policy options:
From da6b6ec4bd3b2374e0c7fa1c6bc0cc50486780d2 Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Tue, 15 Apr 2025 13:14:35 -0700
Subject: [PATCH 7/7] Update audit log event data (#55291)
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
---
src/audit-logs/data/fpt/organization.json | 10 ++++++++++
src/audit-logs/data/ghec/enterprise.json | 14 ++++++++++++--
src/audit-logs/data/ghec/organization.json | 10 ++++++++++
src/audit-logs/data/ghes-3.16/enterprise.json | 2 +-
src/audit-logs/data/ghes-3.17/enterprise.json | 4 ++--
src/audit-logs/lib/config.json | 5 ++---
6 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/src/audit-logs/data/fpt/organization.json b/src/audit-logs/data/fpt/organization.json
index 2dee7b9c700d..68e28a40bede 100644
--- a/src/audit-logs/data/fpt/organization.json
+++ b/src/audit-logs/data/fpt/organization.json
@@ -2814,6 +2814,16 @@
"description": "Branch protections were enabled for this repository.",
"docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
},
+ {
+ "action": "repository_code_security.disable",
+ "description": "Code security was disabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
+ {
+ "action": "repository_code_security.enable",
+ "description": "Code security was enabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
{
"action": "repository_content_analysis.disable",
"description": "Data use settings were disabled for a private repository.",
diff --git a/src/audit-logs/data/ghec/enterprise.json b/src/audit-logs/data/ghec/enterprise.json
index 3b13290462cd..1323f178dbc3 100644
--- a/src/audit-logs/data/ghec/enterprise.json
+++ b/src/audit-logs/data/ghec/enterprise.json
@@ -222,12 +222,12 @@
{
"action": "business.code_scanning_autofix_third_party_tools_policy_update",
"description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
- "docs_reference_links": "N/A"
+ "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
},
{
"action": "business.code_security_enablement_policy_update",
"description": "The policy for Code Security enablement was updated for an enterprise.",
- "docs_reference_links": "N/A"
+ "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
},
{
"action": "business.connect_usage_metrics_export",
@@ -3569,6 +3569,16 @@
"description": "Branch protections were enabled for this repository.",
"docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
},
+ {
+ "action": "repository_code_security.disable",
+ "description": "Code security was disabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
+ {
+ "action": "repository_code_security.enable",
+ "description": "Code security was enabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
{
"action": "repository_content_analysis.disable",
"description": "Data use settings were disabled for a private repository.",
diff --git a/src/audit-logs/data/ghec/organization.json b/src/audit-logs/data/ghec/organization.json
index 2dee7b9c700d..68e28a40bede 100644
--- a/src/audit-logs/data/ghec/organization.json
+++ b/src/audit-logs/data/ghec/organization.json
@@ -2814,6 +2814,16 @@
"description": "Branch protections were enabled for this repository.",
"docs_reference_links": "/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule"
},
+ {
+ "action": "repository_code_security.disable",
+ "description": "Code security was disabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
+ {
+ "action": "repository_code_security.enable",
+ "description": "Code security was enabled for a repository.",
+ "docs_reference_links": "N/A"
+ },
{
"action": "repository_content_analysis.disable",
"description": "Data use settings were disabled for a private repository.",
diff --git a/src/audit-logs/data/ghes-3.16/enterprise.json b/src/audit-logs/data/ghes-3.16/enterprise.json
index 1092fcdfe504..cf6efb0cb729 100644
--- a/src/audit-logs/data/ghes-3.16/enterprise.json
+++ b/src/audit-logs/data/ghes-3.16/enterprise.json
@@ -167,7 +167,7 @@
{
"action": "business.code_scanning_autofix_third_party_tools_policy_update",
"description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
- "docs_reference_links": "N/A"
+ "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
},
{
"action": "business.create",
diff --git a/src/audit-logs/data/ghes-3.17/enterprise.json b/src/audit-logs/data/ghes-3.17/enterprise.json
index 84550f9998b8..a370c871da7b 100644
--- a/src/audit-logs/data/ghes-3.17/enterprise.json
+++ b/src/audit-logs/data/ghes-3.17/enterprise.json
@@ -167,12 +167,12 @@
{
"action": "business.code_scanning_autofix_third_party_tools_policy_update",
"description": "The policy for Code scanning autofix third party tools was updated for an enterprise.",
- "docs_reference_links": "N/A"
+ "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
},
{
"action": "business.code_security_enablement_policy_update",
"description": "The policy for Code Security enablement was updated for an enterprise.",
- "docs_reference_links": "N/A"
+ "docs_reference_links": "/code-security/getting-started/github-security-features#available-with-github-code-security"
},
{
"action": "business.create",
diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json
index 4686e3525b1a..bfb65863b400 100644
--- a/src/audit-logs/lib/config.json
+++ b/src/audit-logs/lib/config.json
@@ -3,6 +3,5 @@
"apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
"apiRequestEvent": "This event is only available via audit log streaming."
},
- "sha": "d6aa2c08e5ced4ad92d2d6563fabaa683a9a7663"
-}
-
+ "sha": "ae4d8faa66c3986541a6db3a45bcf66e839fd773"
+}
\ No newline at end of file