From 2505e7a5ecc65d80a4f4032f50d0ceb5971d9669 Mon Sep 17 00:00:00 2001 From: Miri Yehezkel Date: Tue, 16 Jul 2024 11:16:03 +0300 Subject: [PATCH] feat: auth for GitHub Server App feat: github-server-app list installations for the authenticated app fix: remove endpoints not supported by GitHub App APIs not supporting Installation access token are not used fix: add auth to more calls such as graphQL feat: remove raw endpoints deom default filters fix: default validations for GHSA --- config.default.json | 4 +- defaultFilters/github-server-app.json | 1090 +++++++++++++++++++------ 2 files changed, 837 insertions(+), 257 deletions(-) diff --git a/config.default.json b/config.default.json index f47406941..2a9d5534f 100644 --- a/config.default.json +++ b/config.default.json @@ -228,11 +228,11 @@ "github-server-app": { "validations": [ { - "url": "https://$GITHUB_API/user", + "url": "https://$GITHUB_API/installation/repositories?per_page=1&page=1", "auth": { "type": "header", "name": "Authorization", - "value": "token $GITHUB_TOKEN" + "value": "Bearer $ACCESS_TOKEN" } } ], diff --git a/defaultFilters/github-server-app.json b/defaultFilters/github-server-app.json index 66c28f65c..8272ae451 100644 --- a/defaultFilters/github-server-app.json +++ b/defaultFilters/github-server-app.json @@ -299,6 +299,16 @@ } ], "private": [ + { + "//": "List installations for the authenticated app", + "method": "GET", + "path": "/app/installations/:installationId", + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${JWT_TOKEN}" + } + }, { "//": "look up repositories installation can access", "method": "GET", @@ -313,985 +323,1491 @@ "//": "search for user's repos", "method": "GET", "path": "/search/repositories", - "origin": "https://${GITHUB_API}" - }, - { - "//": "list the user's info, and validate their credentials", - "method": "GET", - "path": "/user", - "origin": "https://${GITHUB_API}" - }, - { - "//": "list the user's orgs", - "method": "GET", - "path": "/user/orgs", - "origin": "https://${GITHUB_API}" - }, - { - "//": "list the logged in user's repos", - "method": "GET", - "path": "/user/repos", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "list a user's repos", "method": "GET", "path": "/users/:username/repos", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "list an orgs's repos", "method": "GET", "path": "/orgs/:username/repos", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get a user's repo", "method": "GET", "path": "/repos/:user/:repo", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "rate limit check", "method": "GET", "path": "/rate_limit", - "origin": "https://x-access-token:${ACCESS_TOKEN}@${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "allow meta lookup on the api version", "method": "GET", "path": "/", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "allow webhooks to be added, to allow commits to be checked by Snyk. Rules for what is sent to Snyk are controlled in the `public` accept filters", "method": "POST", "path": "/repos/:user/:repo/hooks", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "allow webhooks to be deleted, used to cleanup when a user deactivates or deletes a project", "method": "DELETE", "path": "/repos/:owner/:repo/hooks/:id", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to create commit status messages", "method": "POST", "path": "/repos/:user/:repo/statuses/:sha", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to list branches on a repo", "method": "GET", "path": "/repos/:user/:repo/branches", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to get branch info", "method": "GET", "path": "/repos/:user/:repo/branches/:branch", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to get status checks on a branch", "method": "GET", "path": "/repos/:user/:repo/branches/:branch/protection/required_status_checks/contexts", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to create status checks on a branch", "method": "POST", "path": "/repos/:user/:repo/branches/:branch/protection/required_status_checks/contexts", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to delete status checks on a branch", "method": "DELETE", "path": "/repos/:user/:repo/branches/:branch/protection/required_status_checks/contexts", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "check if repo is public", "method": "GET", "path": "/:user/:repo", - "origin": "https://${GITHUB}" + "origin": "https://${GITHUB}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/package.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpackage.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/package-lock.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpackage-lock.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Gemfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FGemfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Gemfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FGemfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/pom.xml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpom.xml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/*req*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F*req*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/requirements/*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Frequirements%2F*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/pyproject.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpyproject.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/poetry.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpoetry.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/yarn.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fyarn.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/build.gradle", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fbuild.gradle", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/gradle.lockfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fgradle.lockfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/gradle.properties", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fgradle.properties", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Packages.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FPackages.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Directory.Build.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FDirectory.Build.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Directory.Build.targets", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FDirectory.Build.targets", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/build.sbt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fbuild.sbt", - "origin": "https://${GITHUB_API}" - }, + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } + }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/packages.config", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fpackages.config", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/*.csproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F*.csproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/*.fsproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F*.fsproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/*.vbproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F*.vbproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/project.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fproject.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Gopkg.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FGopkg.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Gopkg.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FGopkg.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/vendor.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fvendor.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/composer.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fcomposer.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/composer.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fcomposer.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/project.assets.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fproject.assets.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Podfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FPodfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/Podfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2FPodfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/go.mod", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to determine the full dependency tree", - "method": "GET", - "path": "/:name/:repo/:path*/go.mod", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to determine the full dependency tree", - "method": "GET", - "path": "/:name/:repo/:path*%2Fgo.mod", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/go.sum", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to determine the full dependency tree", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to determine the full dependency tree", - "method": "GET", - "path": "/:name/:repo/:path*/go.sum", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to determine the full dependency tree", - "method": "GET", - "path": "/:name/:repo/:path*%2Fgo.sum", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to scan Dockerfile", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/*Dockerfile*", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to scan Dockerfile", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F*Dockerfile*", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to scan Dockerfile", - "method": "GET", - "path": "/:name/:repo/:path*/*Dockerfile*", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to scan Dockerfile", - "method": "GET", - "path": "/:name/:repo/:path*%2F*Dockerfile*", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/package.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpackage.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/package-lock.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpackage-lock.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Gemfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FGemfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Gemfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FGemfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/pom.xml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpom.xml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/*req*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F*req*.txt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/pyproject.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpyproject.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/poetry.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpoetry.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/yarn.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fyarn.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/build.gradle", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fbuild.gradle", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/gradle.lockfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fgradle.lockfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/gradle.properties", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fgradle.properties", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Packages.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FPackages.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Directory.Build.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FDirectory.Build.props", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Directory.Build.targets", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FDirectory.Build.targets", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/build.sbt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fbuild.sbt", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/packages.config", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fpackages.config", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/*.csproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F*.csproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/*.fsproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F*.fsproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/*.vbproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F*.vbproj", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/project.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fproject.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Gopkg.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FGopkg.toml", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Gopkg.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FGopkg.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/vendor.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fvendor.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/composer.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fcomposer.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/composer.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fcomposer.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/project.assets.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fproject.assets.json", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Podfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FPodfile", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/Podfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2FPodfile.lock", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/go.mod", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to update manifest or lock", - "method": "PUT", - "path": "/:name/:repo/:path*/go.mod", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to update manifest or lock", - "method": "PUT", - "path": "/:name/:repo/:path*%2Fgo.mod", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/go.sum", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update manifest or lock", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to update manifest or lock", - "method": "PUT", - "path": "/:name/:repo/:path*/go.sum", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to update manifest or lock", - "method": "PUT", - "path": "/:name/:repo/:path*%2Fgo.sum", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to write or update ignore rules or existing patches", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/.snyk", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to write or update ignore rules or existing patches", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F.snyk", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update Dockerfile", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*/*Dockerfile*", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to update Dockerfile", "method": "PUT", "path": "/repos/:name/:repo/contents/:path*%2F*Dockerfile*", - "origin": "https://${GITHUB_API}" - }, - { - "//": "used to update Dockerfile", - "method": "PUT", - "path": "/:name/:repo/:path*/*Dockerfile*", - "origin": "https://${GITHUB_RAW}" - }, - { - "//": "used to update Dockerfile", - "method": "PUT", - "path": "/:name/:repo/:path*%2F*Dockerfile*", - "origin": "https://${GITHUB_RAW}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to check if there's any ignore rules or existing patches", "method": "GET", "path": "/repos/:name/:repo/contents/:path*/.snyk", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to check if there's any ignore rules or existing patches", "method": "GET", "path": "/repos/:name/:repo/contents/:path*%2F.snyk", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get details of the repo", @@ -1308,6 +1824,10 @@ "method": "GET", "path": "/repos/:name/:repo/commits/:ref", "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + }, "valid": [ { "header": "accept", @@ -1321,85 +1841,141 @@ "//": "get a list of all the refs to match find whether an existing PR is open", "method": "GET", "path": "/repos/:name/:repo/git/refs", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get the head commit of an individual ref", "method": "GET", "path": "/repos/:name/:repo/git/refs/heads/:ref", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get the details of an individual ref", "method": "GET", "path": "/repos/:name/:repo/git/refs/:ref", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "compares two commits against each other", "method": "GET", "path": "/repos/:name/:repo/compare/:base...:head", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "search for open snyk pull requests", "method": "GET", "path": "/repos/:name/:repo/pulls", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get pull request data for getting merge sha and tracking PR processing state", "method": "GET", "path": "/repos/:name/:repo/pulls/:pull_number", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get pull request file names", "method": "GET", "path": "/repos/:name/:repo/pulls/:pull_number/files", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "add commit data for new PR", "method": "POST", "path": "/repos/:name/:repo/git/refs", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "create the pull request", "method": "POST", "path": "/repos/:name/:repo/pulls", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "add pull request assignees", "method": "POST", "path": "/repos/:name/:repo/issues/:pull_number/assignees", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "update ref", "method": "PATCH", "path": "/repos/:name/:repo/git/refs/:sha", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "update ref head", "method": "PATCH", "path": "/repos/:name/:repo/git/refs/heads/:ref", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "get list of all files in a repo", "method": "GET", "path": "/repos/:name/:repo/git/trees/:ref", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to get repo's contributors list", "method": "GET", "path": "/repos/:owner/:repo/commits", - "origin": "https://${GITHUB_API}" + "origin": "https://${GITHUB_API}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } }, { "//": "used to redirect requests to snyk git client", @@ -1411,7 +1987,11 @@ "//": "query graphql", "method": "POST", "path": "/graphql", - "origin": "https://${GITHUB_GRAPHQL}" + "origin": "https://${GITHUB_GRAPHQL}", + "auth": { + "scheme": "bearer", + "token": "${ACCESS_TOKEN}" + } } ] } \ No newline at end of file