Repo sync #32080

Merged
merged 1 commit into from
Mar 13, 2024
Expand Up @@ -48,7 +48,7 @@ If you publish a package in a registry that only supports repository-scoped perm

## Configuring access to packages for your personal account

If you have admin permissions to a package that's scoped to a personal account, you can assign read, write, or admin roles to other users. For more information about these permission roles, see "[Visibility and access permissions for packages](#visibility-and-access-permissions-for-packages)."
If you have admin permissions to a package that's scoped to a personal account, you can assign read, write, or admin roles to other users. For more information about these permission roles, see "[About inheritance of access permissions](#about-inheritance-of-access-permissions)."

If your package is private or internal and scoped to an organization, then you can only give access to other organization members or teams.
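
Review bot: In the replaced sentence under "Configuring access to packages for your personal account", the lead-in still reads "For more information about these permission roles", but the link now targets `#about-inheritance-of-access-permissions`, a section titled for inheritance rather than for the read, write, and admin roles. Either keep a link to wherever the roles are defined or reword the lead-in to match the new target, so a reader deciding which role to grant lands on the role definitions.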

Expand All @@ -60,7 +60,7 @@ The selected users will automatically be given access and don't need to accept a

## Configuring access to packages for an organization

If you have admin permissions to a package that is scoped to an organization, you can assign read, write, or admin roles to other users and teams. For more information about these permission roles, see "[Visibility and access permissions for packages](#visibility-and-access-permissions-for-packages)."
If you have admin permissions to a package that is scoped to an organization, you can assign read, write, or admin roles to other users and teams. For more information about these permission roles, see "[About inheritance of access permissions](#about-inheritance-of-access-permissions)."

If your package is private or internal and scoped to an organization, then you can only give access to other organization members or teams.
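
Review bot: The changed sentence under "Configuring access to packages for an organization" is a near-verbatim copy of the personal-account sentence and receives the identical link swap, and the two copies already differ in wording ("that is scoped" here, "that's scoped" there). Consider moving the shared "For more information about these permission roles, see ..." sentence into a reusable so the link is retargeted in one place, and align the contraction while this line is being touched.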

Expand Down Expand Up @@ -134,7 +134,7 @@ For packages scoped to a personal account or an organization, to ensure that a {
The specified repository does not need to be the repository where the source code for the package is kept. You can give multiple repositories workflow access to a package.

{% ifversion packages-inherit-permissions %}
If you publish a package that is linked to a repository, {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled the automatic inheritance of access permissions. For more information, see "[About inheritance of access permissions and visibility](#about-inheritance-of-access-permissions-and-visibility)" above.
If you publish a package that is linked to a repository, {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled the automatic inheritance of access permissions. For more information, see "[About inheritance of access permissions](#about-inheritance-of-access-permissions)" above.
{% endif %}

{% note %}
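
Review bot: The in-page link inside the `packages-inherit-permissions` block now points to `#about-inheritance-of-access-permissions`, but none of the hunks shown here renames the heading from "About inheritance of access permissions and visibility", so the fragment only resolves if that heading change already exists in the file. Please confirm the heading text matches and that the section still sits before this paragraph, since the sentence ends with "above". This paragraph tells readers that workflows in a linked repository get package access automatically unless the organization has disabled inheritance, so a dead anchor leaves them without the pointer to the details.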
68 changes: 0 additions & 68 deletions content/rest/activity/feeds.md
Expand Up @@ -14,72 +14,4 @@ topics:
autogenerated: rest
---

## About {% data variables.product.prodname_dotcom %} feeds

The [Get feeds](#get-feeds) endpoint lists all the feeds available to the authenticated user. You can then get a feed by sending a request to one of the feed URLs.

By default, timeline resources are returned in JSON. You can specify the `application/atom+xml` type in the `Accept` header to return timeline resources in Atom format.

### Example request

To get the feed for GitHub security advisories in Atom format:

curl -H "Accept: application/atom+xml" https://github.com/security-advisories

#### Example response

```shell
HTTP/2 200
```

```xml
<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom"
xmlns:media="http://search.yahoo.com/mrss/"
xml:lang="en-US">
<id>tag:github.com,2008:/security-advisories</id>
<link rel="self" type="application/atom+xml"
href="https://github.com/security-advisories.atom"/>
<title>GitHub Security Advisory Feed</title>
<author>
<name>GitHub</name>
</author>
<updated>2019-01-14T19:34:52Z</updated>
<entry>
<id>tag:github.com,2008:GHSA-abcd-12ab-23cd</id>
<published>2018-07-26T15:14:52Z</published>
<updated>2019-01-14T19:34:52Z</updated>
<title type="html">[GHSA-abcd-12ab-23cd] Moderate
severity vulnerability that affects Octoapp</title>
<category term="NPM"/>
<content type="html">
&lt;p&gt;Octoapp node module before 4.17.5 suffers
from a Modification of Assumed-Immutable Data (MAID)
vulnerability via defaultsDeep, merge, and mergeWith
functions, which allows a malicious user to modify
the prototype of &quot;Object&quot; via
&lt;strong&gt;proto&lt;/strong&gt;, causing the
addition or modification of an existing property
that will exist on all objects.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Affected Packages&lt;/strong&gt;&lt;/p&gt;

&lt;dl&gt;
&lt;dt&gt;Octoapp&lt;/dt&gt;
&lt;dd&gt;Ecosystem: npm&lt;/dd&gt;
&lt;dd&gt;Severity: moderate&lt;/dd&gt;
&lt;dd&gt;Versions: &amp;lt; 4.17.5&lt;/dd&gt;
&lt;dd&gt;Fixed in: 4.17.5&lt;/dd&gt;
&lt;/dl&gt;

&lt;p&gt;&lt;strong&gt;References&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;https://nvd.nist.gov/vuln/detail/CVE-2018-123&lt;/li&gt;
&lt;/ul&gt;

</content>
</entry>
</feed>
```

<!-- Content after this section is automatically generated -->
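
Review bot: Nothing in the visible diff replaces the `Accept: application/atom+xml` guidance or the security advisories feed example removed from content/rest/activity/feeds.md; after the deletion only the frontmatter and the "Content after this section is automatically generated" marker remain. Anyone polling that feed for advisories depends on this description of the Atom format, so please confirm it is carried by the generated endpoint documentation, or keep a short pointer to it here.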
Expand Up @@ -2,7 +2,7 @@

{% note %}

**Note:** If you publish a package that is linked to a repository, the package automatically inherits the access permissions of the linked repository, and {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled automatic inheritance of access permissions. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#about-inheritance-of-access-permissions-and-visibility)."
**Note:** If you publish a package that is linked to a repository, the package automatically inherits the access permissions of the linked repository, and {% data variables.product.prodname_actions %} workflows in the linked repository automatically get access to the package, unless your organization has disabled automatic inheritance of access permissions. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#about-inheritance-of-access-permissions)."

{% endnote %}
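
Review bot: The note's single sentence states two automatic grants (the package inherits the linked repository's access permissions, and workflows in that repository get access) plus the organization-level exception, which makes the default-access behavior easy to misread. Since the line is being edited for the anchor change, consider splitting it into two sentences, and verify that the cross-page fragment `#about-inheritance-of-access-permissions` matches the heading in configuring-a-packages-access-control-and-visibility, because a stale fragment drops the reader at the top of that page.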
