diff --git a/lib/octokit/client/repositories.rb b/lib/octokit/client/repositories.rb
index 8e4479653..ae598377c 100644
--- a/lib/octokit/client/repositories.rb
+++ b/lib/octokit/client/repositories.rb
@@ -774,6 +774,49 @@ def enable_vulnerability_alerts(repo, options = {})
 def disable_vulnerability_alerts(repo, options = {})
 boolean_from_response(:delete, "#{Repository.path repo}/vulnerability-alerts", options)
 end
+
+ # Check to see if automated security fixes are enabled for a repository
+ #
+ # The authenticated user must have admin access to the repository.
+ #
+ # @param repo [Integer, String, Hash, Repository] A GitHub repository.
+ # @return [Boolean] True if automated security fixes are enabled, false otherwise.
+ # @see https://docs.github.com/en/rest/reference/repos#check-if-automated-security-fixes-are-enabled-for-a-repository
+ #
+ # @example
+ # @client.automated_security_fixes_enabled?("octokit/octokit.rb")
+ def automated_security_fixes_enabled?(repo, options = {})
+ response = get "#{Repository.path repo}/automated-security-fixes", options
+ return response[:enabled] if @last_response.status == 200
+
+ false
+ end
+
+ # Enable automated security fixes for a repository
+ #
+ # @param repo [Integer, String, Hash, Repository] A GitHub repository.
+ # @param options [Hash]
+ #
+ # @return [Boolean] True if vulnerability alerts enabled, false otherwise.
+ # @see https://docs.github.com/en/rest/reference/repos#automated-security-fixes
+ # @example Enable automated security fixes for a repository
+ # @client.enable_automated_security_fixes("octokit/octokit.rb")
+ def enable_automated_security_fixes(repo, options = {})
+ boolean_from_response(:put, "#{Repository.path repo}/automated-security-fixes", options)
+ end
+
+ # Disable automated security fixes for a repository
+ #
+ # @param repo [Integer, String, Hash, Repository] A GitHub repository.
+ # @param options [Hash]
+ #
+ # @return [Boolean] True if vulnerability alerts disabled, false otherwise.
+ # @see https://docs.github.com/en/rest/reference/repos#automated-security-fixes
+ # @example Disable automated security fixes for a repository
+ # @client.disable_automated_security_fixes("octokit/octokit.rb")
+ def disable_automated_security_fixes(repo, options = {})
+ boolean_from_response(:delete, "#{Repository.path repo}/automated-security-fixes", options)
+ end
 end
 end
 end
diff --git a/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_false_with_automated_security_fixes_disabled.json b/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_false_with_automated_security_fixes_disabled.json
new file mode 100644
index 000000000..4cb5193db
--- /dev/null
+++ b/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_false_with_automated_security_fixes_disabled.json
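Review bot: In lib/octokit/client/repositories.rb, `automated_security_fixes_enabled?` returns `false` for every response that is not a 200 and reads only `response[:enabled]`, so a caller auditing repository posture cannot tell "disabled" from "state not determined", and the `paused` flag that the recorded GET bodies appear to carry next to `enabled` is dropped. The YARD block should say so, for example `# @return [Boolean] True only on a 200 response with enabled: true; a paused state is not reported.`, and it is also missing `# @param options [Hash]`. The `@return` lines on `enable_automated_security_fixes` and `disable_automated_security_fixes` still describe vulnerability alerts and should read `# @return [Boolean] True if automated security fixes were enabled, false otherwise.` and the matching "disabled" wording.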
@@ -0,0 +1,229 @@ +{ + "http_interactions": [ + { + "request": { + "method": "delete", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "UTF-8", + "base64_string": "e30=\n" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 204, + "message": "No Content" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:41:54 GMT" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4894" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "106" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Vary": [ + "Accept-Encoding, Accept, X-Requested-With" + ], + "X-Github-Request-Id": [ + 
"DA10:39DB3F:20F911E:3DE6752:66991BA1" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "UTF-8", + "base64_string": "" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:41:54 GMT" + }, + { + "request": { + "method": "get", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "US-ASCII", + "base64_string": "" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:41:54 GMT" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Cache-Control": [ + "private, max-age=60, s-maxage=60" + ], + "Vary": [ + "Accept, Authorization, Cookie, X-GitHub-OTP,Accept-Encoding, Accept, X-Requested-With" + ], + "Etag": [ + "W/\"7a86f4321c1d0f17a11c8d0a1c1105f6bda69697bfd035b8d50a6cda1e17c5a6\"" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4891" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "109" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + 
"Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Transfer-Encoding": [ + "chunked" + ], + "X-Github-Request-Id": [ + "DA13:209DFA:411CDC6:78D2A89:66991BA2" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "ASCII-8BIT", + "base64_string": "eyJlbmFibGVkIjpmYWxzZSwicGF1c2VkIjpmYWxzZX0=\n" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:41:54 GMT" + } + ], + "recorded_with": "VCR 6.2.0" +} \ No newline at end of file diff --git a/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_true_when_automated_security_fixes_are_enabled.json b/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_true_when_automated_security_fixes_are_enabled.json new file mode 100644 index 000000000..c6dfd1793 --- /dev/null +++ b/spec/cassettes/Octokit_Client_Repositories/_automated_security_fixes_enabled_/returns_true_when_automated_security_fixes_are_enabled.json 
@@ -0,0 +1,229 @@ +{ + "http_interactions": [ + { + "request": { + "method": "put", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "UTF-8", + "base64_string": "e30=\n" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 204, + "message": "No Content" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:41:38 GMT" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4900" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "100" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Vary": [ + "Accept-Encoding, Accept, X-Requested-With" + ], + "X-Github-Request-Id": [ + 
"DA06:307B49:219DF39:3F47174:66991B92" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "UTF-8", + "base64_string": "" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:41:38 GMT" + }, + { + "request": { + "method": "get", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "US-ASCII", + "base64_string": "" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 200, + "message": "OK" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:41:39 GMT" + ], + "Content-Type": [ + "application/json; charset=utf-8" + ], + "Cache-Control": [ + "private, max-age=60, s-maxage=60" + ], + "Vary": [ + "Accept, Authorization, Cookie, X-GitHub-OTP,Accept-Encoding, Accept, X-Requested-With" + ], + "Etag": [ + "W/\"c1017bef99473260bb4a77e5bbf50af9cb7623bcb9c42ea3b4d06941dddb5a57\"" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4897" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "103" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + 
"Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Transfer-Encoding": [ + "chunked" + ], + "X-Github-Request-Id": [ + "DA0B:307B49:219E2A7:3F47802:66991B93" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "ASCII-8BIT", + "base64_string": "eyJlbmFibGVkIjp0cnVlLCJwYXVzZWQiOmZhbHNlfQ==\n" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:41:39 GMT" + } + ], + "recorded_with": "VCR 6.2.0" +} \ No newline at end of file diff --git a/spec/cassettes/Octokit_Client_Repositories/_disable_automated_security_fixes/disables_automated_security_fixes_for_the_repository.json b/spec/cassettes/Octokit_Client_Repositories/_disable_automated_security_fixes/disables_automated_security_fixes_for_the_repository.json new file mode 100644 index 000000000..2cd56ff8a --- /dev/null +++ b/spec/cassettes/Octokit_Client_Repositories/_disable_automated_security_fixes/disables_automated_security_fixes_for_the_repository.json 
@@ -0,0 +1,111 @@ +{ + "http_interactions": [ + { + "request": { + "method": "delete", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "UTF-8", + "base64_string": "e30=\n" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 204, + "message": "No Content" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:42:37 GMT" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4885" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "115" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Vary": [ + "Accept-Encoding, Accept, X-Requested-With" + ], + "X-Github-Request-Id": [ + 
"DA2A:1CD271:1234B45:231003D:66991BCC" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "UTF-8", + "base64_string": "" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:42:37 GMT" + } + ], + "recorded_with": "VCR 6.2.0" +} \ No newline at end of file diff --git a/spec/cassettes/Octokit_Client_Repositories/_enable_automated_security_fixes/enables_automated_security_fixes_for_the_repository.json b/spec/cassettes/Octokit_Client_Repositories/_enable_automated_security_fixes/enables_automated_security_fixes_for_the_repository.json new file mode 100644 index 000000000..b39710de0 --- /dev/null +++ b/spec/cassettes/Octokit_Client_Repositories/_enable_automated_security_fixes/enables_automated_security_fixes_for_the_repository.json 
@@ -0,0 +1,111 @@ +{ + "http_interactions": [ + { + "request": { + "method": "put", + "uri": "https://api.github.com/repos///automated-security-fixes", + "body": { + "encoding": "UTF-8", + "base64_string": "e30=\n" + }, + "headers": { + "Accept": [ + "application/vnd.github.v3+json" + ], + "User-Agent": [ + "Octokit Ruby Gem 9.1.0" + ], + "Content-Type": [ + "application/json" + ], + "Authorization": [ + "token <>" + ], + "Accept-Encoding": [ + "gzip;q=1.0,deflate;q=0.6,identity;q=0.3" + ] + } + }, + "response": { + "status": { + "code": 204, + "message": "No Content" + }, + "headers": { + "Date": [ + "Thu, 18 Jul 2024 13:42:24 GMT" + ], + "X-Oauth-Scopes": [ + "admin:public_key, codespace, gist, read:org, repo" + ], + "X-Accepted-Oauth-Scopes": [ + "repo" + ], + "X-Oauth-Client-Id": [ + "178c6fc778ccc68e1d6a" + ], + "X-Github-Media-Type": [ + "github.v3; format=json" + ], + "X-Github-Api-Version-Selected": [ + "2022-11-28" + ], + "X-Ratelimit-Limit": [ + "5000" + ], + "X-Ratelimit-Remaining": [ + "4888" + ], + "X-Ratelimit-Reset": [ + "1721311964" + ], + "X-Ratelimit-Used": [ + "112" + ], + "X-Ratelimit-Resource": [ + "core" + ], + "Access-Control-Expose-Headers": [ + "ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset" + ], + "Access-Control-Allow-Origin": [ + "*" + ], + "Strict-Transport-Security": [ + "max-age=31536000; includeSubdomains; preload" + ], + "X-Frame-Options": [ + "deny" + ], + "X-Content-Type-Options": [ + "nosniff" + ], + "X-Xss-Protection": [ + "0" + ], + "Referrer-Policy": [ + "origin-when-cross-origin, strict-origin-when-cross-origin" + ], + "Content-Security-Policy": [ + "default-src 'none'" + ], + "Vary": [ + "Accept-Encoding, Accept, X-Requested-With" + ], + "X-Github-Request-Id": [ + 
"DA25:1AD52:11B9514:2215AE5:66991BC0" + ], + "Server": [ + "github.com" + ] + }, + "body": { + "encoding": "UTF-8", + "base64_string": "" + } + }, + "recorded_at": "Thu, 18 Jul 2024 13:42:24 GMT" + } + ], + "recorded_with": "VCR 6.2.0" +}
\ No newline at end of file
diff --git a/spec/octokit/client/repositories_spec.rb b/spec/octokit/client/repositories_spec.rb
index ce5ea21fe..4a83a7ff5 100644
--- a/spec/octokit/client/repositories_spec.rb
+++ b/spec/octokit/client/repositories_spec.rb
@@ -609,4 +609,38 @@
 expect(result).to be true
 end
 end # .disable_vulnerability_alerts
+
+ describe '.automated_security_fixes_enabled?', :vcr do
+ it 'returns true when automated security fixes are enabled' do
+ @client.enable_automated_security_fixes(@test_repo)
+
+ result = @client.automated_security_fixes_enabled?(@test_repo)
+ assert_requested :get, github_url("/repos/#{@test_repo}/automated-security-fixes")
+ expect(result).to be true
+ end
+
+ it 'returns false with automated security fixes disabled' do
+ @client.disable_automated_security_fixes(@test_repo)
+
+ result = @client.automated_security_fixes_enabled?(@test_repo)
+ assert_requested :get, github_url("/repos/#{@test_repo}/automated-security-fixes")
+ expect(result).to be false
+ end
+ end # .automated_security_fixes_enabled?
+
+ describe '.enable_automated_security_fixes', :vcr do
+ it 'enables automated security fixes for the repository' do
+ result = @client.enable_automated_security_fixes(@test_repo)
+ assert_requested :put, github_url("/repos/#{@test_repo}/automated-security-fixes")
+ expect(result).to be true
+ end
+ end # .enable_automated_security_fixes
+
+ describe '.disable_automated_security_fixes', :vcr do
+ it 'disables automated security fixes for the repository' do
+ result = @client.disable_automated_security_fixes(@test_repo)
+ assert_requested :delete, github_url("/repos/#{@test_repo}/automated-security-fixes")
+ expect(result).to be true
+ end
+ end # .disable_automated_security_fixes
 end
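Review bot: None of the new examples in spec/octokit/client/repositories_spec.rb reaches the `false` fallback at the end of `automated_security_fixes_enabled?`; both `.automated_security_fixes_enabled?` examples replay a 200 answer for the GET, so the non-200 branch ships untested. One more example that replays or stubs a non-200 answer for that GET and ends in `expect(result).to be false` would pin the behaviour, and would also show whether an error status reaches the fallback or raises before it. The two existing examples change the repository setting through `enable_automated_security_fixes` and `disable_automated_security_fixes` before asserting, so re-recording them needs a token with admin access to the test repository; a one-line comment at the top of the `describe` block, such as `# Re-recording requires admin access to @test_repo`, would make that explicit.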