@vm0/cli 9.74.1 → 9.74.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.js +2605 -31
  2. package/package.json +1 -1
package/index.js CHANGED
@@ -47,7 +47,7 @@ if (DSN) {
47
47
  Sentry.init({
48
48
  dsn: DSN,
49
49
  environment: process.env.SENTRY_ENVIRONMENT ?? "production",
50
- release: "9.74.1",
50
+ release: "9.74.2",
51
51
  sendDefaultPii: false,
52
52
  tracesSampleRate: 0,
53
53
  shutdownTimeout: 500,
@@ -66,7 +66,7 @@ if (DSN) {
66
66
  }
67
67
  });
68
68
  Sentry.setContext("cli", {
69
- version: "9.74.1",
69
+ version: "9.74.2",
70
70
  command: process.argv.slice(2).join(" ")
71
71
  });
72
72
  Sentry.setContext("runtime", {
@@ -1024,7 +1024,7 @@ var orgMembersContract = c3.router({
1024
1024
 
1025
1025
  // ../../packages/core/src/contracts/orgs.ts
1026
1026
  var c4 = initContract();
1027
- var orgTierSchema = z7.enum(["free", "pro", "max"]);
1027
+ var orgTierSchema = z7.enum(["free", "pro", "team"]);
1028
1028
  var orgSlugSchema = z7.string().min(3, "Org slug must be at least 3 characters").max(64, "Org slug must be at most 64 characters").regex(
1029
1029
  /^[a-z0-9][a-z0-9-]*[a-z0-9]$|^[a-z0-9]{1,2}$/,
1030
1030
  "Org slug must contain only lowercase letters, numbers, and hyphens, and must start and end with an alphanumeric character"
@@ -1369,7 +1369,7 @@ var agentEventsResponseSchema = z8.object({
1369
1369
  });
1370
1370
  var networkLogEntrySchema = z8.object({
1371
1371
  timestamp: z8.string(),
1372
- type: z8.enum(["http", "tcp"]).optional(),
1372
+ type: z8.string().optional(),
1373
1373
  action: z8.enum(["ALLOW", "DENY"]).optional(),
1374
1374
  host: z8.string().optional(),
1375
1375
  port: z8.number().optional(),
@@ -2039,7 +2039,7 @@ var sandboxOperationSchema = z10.object({
2039
2039
  });
2040
2040
  var networkLogSchema = z10.object({
2041
2041
  timestamp: z10.string(),
2042
- type: z10.enum(["http", "tcp"]).optional(),
2042
+ type: z10.string().optional(),
2043
2043
  action: z10.enum(["ALLOW", "DENY"]).optional(),
2044
2044
  host: z10.string().optional(),
2045
2045
  port: z10.number().optional(),
@@ -2483,20 +2483,7 @@ var VM0_MODEL_TO_PROVIDER = {
2483
2483
  "claude-opus-4.6": {
2484
2484
  concreteType: "anthropic-api-key",
2485
2485
  vendor: "anthropic"
2486
- },
2487
- "kimi-k2.5": { concreteType: "moonshot-api-key", vendor: "moonshot" },
2488
- "kimi-k2-thinking-turbo": {
2489
- concreteType: "moonshot-api-key",
2490
- vendor: "moonshot"
2491
- },
2492
- "kimi-k2-thinking": {
2493
- concreteType: "moonshot-api-key",
2494
- vendor: "moonshot"
2495
- },
2496
- "glm-5": { concreteType: "zai-api-key", vendor: "zai" },
2497
- "glm-4.7": { concreteType: "zai-api-key", vendor: "zai" },
2498
- "glm-4.5-air": { concreteType: "zai-api-key", vendor: "zai" },
2499
- "MiniMax-M2.1": { concreteType: "minimax-api-key", vendor: "minimax" }
2486
+ }
2500
2487
  };
2501
2488
  var MODEL_PROVIDER_TYPES = {
2502
2489
  "claude-code-oauth-token": {
@@ -7211,6 +7198,2574 @@ function resolveFirewallRef(input) {
7211
7198
  return trimmed;
7212
7199
  }
7213
7200
 
7201
+ // ../../packages/core/src/firewalls/github.generated.ts
7202
+ var githubFirewall = {
7203
+ name: "github",
7204
+ description: "GitHub API",
7205
+ placeholders: {
7206
+ GITHUB_TOKEN: "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",
7207
+ GH_TOKEN: "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"
7208
+ },
7209
+ apis: [
7210
+ {
7211
+ base: "https://api.github.com",
7212
+ auth: {
7213
+ headers: {
7214
+ Authorization: "Bearer ${{ secrets.GITHUB_TOKEN }}"
7215
+ }
7216
+ },
7217
+ permissions: [
7218
+ {
7219
+ name: "unrestricted",
7220
+ description: "Allow all endpoints",
7221
+ rules: ["ANY /{path*}"]
7222
+ },
7223
+ {
7224
+ name: "enterprise_teams:read",
7225
+ description: "Enterprise teams",
7226
+ rules: [
7227
+ "GET /enterprises/{enterprise}/teams",
7228
+ "GET /enterprises/{enterprise}/teams/{enterprise-team}/memberships",
7229
+ "GET /enterprises/{enterprise}/teams/{enterprise-team}/memberships/{username}",
7230
+ "GET /enterprises/{enterprise}/teams/{enterprise-team}/organizations",
7231
+ "GET /enterprises/{enterprise}/teams/{enterprise-team}/organizations/{org}",
7232
+ "GET /enterprises/{enterprise}/teams/{team_slug}"
7233
+ ]
7234
+ },
7235
+ {
7236
+ name: "enterprise_teams:write",
7237
+ description: "Enterprise teams",
7238
+ rules: [
7239
+ "POST /enterprises/{enterprise}/teams",
7240
+ "POST /enterprises/{enterprise}/teams/{enterprise-team}/memberships/add",
7241
+ "POST /enterprises/{enterprise}/teams/{enterprise-team}/memberships/remove",
7242
+ "PUT /enterprises/{enterprise}/teams/{enterprise-team}/memberships/{username}",
7243
+ "DELETE /enterprises/{enterprise}/teams/{enterprise-team}/memberships/{username}",
7244
+ "POST /enterprises/{enterprise}/teams/{enterprise-team}/organizations/add",
7245
+ "POST /enterprises/{enterprise}/teams/{enterprise-team}/organizations/remove",
7246
+ "PUT /enterprises/{enterprise}/teams/{enterprise-team}/organizations/{org}",
7247
+ "DELETE /enterprises/{enterprise}/teams/{enterprise-team}/organizations/{org}",
7248
+ "PATCH /enterprises/{enterprise}/teams/{team_slug}",
7249
+ "DELETE /enterprises/{enterprise}/teams/{team_slug}"
7250
+ ]
7251
+ },
7252
+ {
7253
+ name: "organization_api_insights:read",
7254
+ description: "API Insights",
7255
+ rules: [
7256
+ "GET /orgs/{org}/insights/api/route-stats/{actor_type}/{actor_id}",
7257
+ "GET /orgs/{org}/insights/api/subject-stats",
7258
+ "GET /orgs/{org}/insights/api/summary-stats",
7259
+ "GET /orgs/{org}/insights/api/summary-stats/users/{user_id}",
7260
+ "GET /orgs/{org}/insights/api/summary-stats/{actor_type}/{actor_id}",
7261
+ "GET /orgs/{org}/insights/api/time-stats",
7262
+ "GET /orgs/{org}/insights/api/time-stats/users/{user_id}",
7263
+ "GET /orgs/{org}/insights/api/time-stats/{actor_type}/{actor_id}",
7264
+ "GET /orgs/{org}/insights/api/user-stats/{user_id}"
7265
+ ]
7266
+ },
7267
+ {
7268
+ name: "organization_administration:read",
7269
+ description: "Administration",
7270
+ rules: [
7271
+ "GET /organizations/{org}/actions/cache/retention-limit",
7272
+ "GET /organizations/{org}/actions/cache/storage-limit",
7273
+ "GET /organizations/{org}/dependabot/repository-access",
7274
+ "GET /organizations/{org}/settings/billing/budgets",
7275
+ "GET /organizations/{org}/settings/billing/budgets/{budget_id}",
7276
+ "GET /organizations/{org}/settings/billing/premium_request/usage",
7277
+ "GET /organizations/{org}/settings/billing/usage",
7278
+ "GET /organizations/{org}/settings/billing/usage/summary",
7279
+ "GET /orgs/{org}/actions/cache/usage",
7280
+ "GET /orgs/{org}/actions/cache/usage-by-repository",
7281
+ "GET /orgs/{org}/actions/hosted-runners",
7282
+ "GET /orgs/{org}/actions/hosted-runners/images/github-owned",
7283
+ "GET /orgs/{org}/actions/hosted-runners/images/partner",
7284
+ "GET /orgs/{org}/actions/hosted-runners/limits",
7285
+ "GET /orgs/{org}/actions/hosted-runners/machine-sizes",
7286
+ "GET /orgs/{org}/actions/hosted-runners/platforms",
7287
+ "GET /orgs/{org}/actions/hosted-runners/{hosted_runner_id}",
7288
+ "GET /orgs/{org}/actions/oidc/customization/properties/repo",
7289
+ "GET /orgs/{org}/actions/oidc/customization/sub",
7290
+ "GET /orgs/{org}/actions/permissions",
7291
+ "GET /orgs/{org}/actions/permissions/artifact-and-log-retention",
7292
+ "GET /orgs/{org}/actions/permissions/fork-pr-contributor-approval",
7293
+ "GET /orgs/{org}/actions/permissions/fork-pr-workflows-private-repos",
7294
+ "GET /orgs/{org}/actions/permissions/repositories",
7295
+ "GET /orgs/{org}/actions/permissions/selected-actions",
7296
+ "GET /orgs/{org}/actions/permissions/self-hosted-runners",
7297
+ "GET /orgs/{org}/actions/permissions/self-hosted-runners/repositories",
7298
+ "GET /orgs/{org}/actions/permissions/workflow",
7299
+ "GET /orgs/{org}/code-security/configurations",
7300
+ "GET /orgs/{org}/code-security/configurations/defaults",
7301
+ "GET /orgs/{org}/code-security/configurations/{configuration_id}",
7302
+ "GET /orgs/{org}/code-security/configurations/{configuration_id}/repositories",
7303
+ "GET /orgs/{org}/copilot/billing",
7304
+ "GET /orgs/{org}/copilot/billing/seats",
7305
+ "GET /orgs/{org}/copilot/metrics",
7306
+ "GET /orgs/{org}/installations",
7307
+ "GET /orgs/{org}/interaction-limits",
7308
+ "GET /orgs/{org}/members/{username}/copilot",
7309
+ "GET /orgs/{org}/secret-scanning/pattern-configurations",
7310
+ "GET /orgs/{org}/security-managers",
7311
+ "GET /orgs/{org}/settings/immutable-releases",
7312
+ "GET /orgs/{org}/settings/immutable-releases/repositories",
7313
+ "GET /orgs/{org}/team/{team_slug}/copilot/metrics"
7314
+ ]
7315
+ },
7316
+ {
7317
+ name: "organization_administration:write",
7318
+ description: "Administration",
7319
+ rules: [
7320
+ "PUT /organizations/{org}/actions/cache/retention-limit",
7321
+ "PUT /organizations/{org}/actions/cache/storage-limit",
7322
+ "PATCH /organizations/{org}/dependabot/repository-access",
7323
+ "PUT /organizations/{org}/dependabot/repository-access/default-level",
7324
+ "PATCH /organizations/{org}/settings/billing/budgets/{budget_id}",
7325
+ "DELETE /organizations/{org}/settings/billing/budgets/{budget_id}",
7326
+ "PATCH /orgs/{org}",
7327
+ "DELETE /orgs/{org}",
7328
+ "POST /orgs/{org}/actions/hosted-runners",
7329
+ "PATCH /orgs/{org}/actions/hosted-runners/{hosted_runner_id}",
7330
+ "DELETE /orgs/{org}/actions/hosted-runners/{hosted_runner_id}",
7331
+ "POST /orgs/{org}/actions/oidc/customization/properties/repo",
7332
+ "DELETE /orgs/{org}/actions/oidc/customization/properties/repo/{custom_property_name}",
7333
+ "PUT /orgs/{org}/actions/oidc/customization/sub",
7334
+ "PUT /orgs/{org}/actions/permissions",
7335
+ "PUT /orgs/{org}/actions/permissions/artifact-and-log-retention",
7336
+ "PUT /orgs/{org}/actions/permissions/fork-pr-contributor-approval",
7337
+ "PUT /orgs/{org}/actions/permissions/fork-pr-workflows-private-repos",
7338
+ "PUT /orgs/{org}/actions/permissions/repositories",
7339
+ "PUT /orgs/{org}/actions/permissions/repositories/{repository_id}",
7340
+ "DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}",
7341
+ "PUT /orgs/{org}/actions/permissions/selected-actions",
7342
+ "PUT /orgs/{org}/actions/permissions/self-hosted-runners",
7343
+ "PUT /orgs/{org}/actions/permissions/self-hosted-runners/repositories",
7344
+ "PUT /orgs/{org}/actions/permissions/self-hosted-runners/repositories/{repository_id}",
7345
+ "DELETE /orgs/{org}/actions/permissions/self-hosted-runners/repositories/{repository_id}",
7346
+ "PUT /orgs/{org}/actions/permissions/workflow",
7347
+ "POST /orgs/{org}/code-security/configurations",
7348
+ "DELETE /orgs/{org}/code-security/configurations/detach",
7349
+ "PATCH /orgs/{org}/code-security/configurations/{configuration_id}",
7350
+ "DELETE /orgs/{org}/code-security/configurations/{configuration_id}",
7351
+ "POST /orgs/{org}/code-security/configurations/{configuration_id}/attach",
7352
+ "PUT /orgs/{org}/code-security/configurations/{configuration_id}/defaults",
7353
+ "POST /orgs/{org}/copilot/billing/selected_teams",
7354
+ "DELETE /orgs/{org}/copilot/billing/selected_teams",
7355
+ "POST /orgs/{org}/copilot/billing/selected_users",
7356
+ "DELETE /orgs/{org}/copilot/billing/selected_users",
7357
+ "PUT /orgs/{org}/interaction-limits",
7358
+ "DELETE /orgs/{org}/interaction-limits",
7359
+ "GET /orgs/{org}/rulesets",
7360
+ "POST /orgs/{org}/rulesets",
7361
+ "GET /orgs/{org}/rulesets/rule-suites",
7362
+ "GET /orgs/{org}/rulesets/rule-suites/{rule_suite_id}",
7363
+ "GET /orgs/{org}/rulesets/{ruleset_id}",
7364
+ "PUT /orgs/{org}/rulesets/{ruleset_id}",
7365
+ "DELETE /orgs/{org}/rulesets/{ruleset_id}",
7366
+ "GET /orgs/{org}/rulesets/{ruleset_id}/history",
7367
+ "GET /orgs/{org}/rulesets/{ruleset_id}/history/{version_id}",
7368
+ "PATCH /orgs/{org}/secret-scanning/pattern-configurations",
7369
+ "PUT /orgs/{org}/security-managers/teams/{team_slug}",
7370
+ "DELETE /orgs/{org}/security-managers/teams/{team_slug}",
7371
+ "PUT /orgs/{org}/settings/immutable-releases",
7372
+ "PUT /orgs/{org}/settings/immutable-releases/repositories",
7373
+ "PUT /orgs/{org}/settings/immutable-releases/repositories/{repository_id}",
7374
+ "DELETE /orgs/{org}/settings/immutable-releases/repositories/{repository_id}",
7375
+ "POST /orgs/{org}/{security_product}/{enablement}"
7376
+ ]
7377
+ },
7378
+ {
7379
+ name: "organization_user_blocking:read",
7380
+ description: "Blocking users",
7381
+ rules: [
7382
+ "GET /orgs/{org}/blocks",
7383
+ "GET /orgs/{org}/blocks/{username}"
7384
+ ]
7385
+ },
7386
+ {
7387
+ name: "organization_user_blocking:write",
7388
+ description: "Blocking users",
7389
+ rules: [
7390
+ "PUT /orgs/{org}/blocks/{username}",
7391
+ "DELETE /orgs/{org}/blocks/{username}"
7392
+ ]
7393
+ },
7394
+ {
7395
+ name: "organization_campaigns:read",
7396
+ description: "Campaigns",
7397
+ rules: [
7398
+ "GET /orgs/{org}/campaigns",
7399
+ "GET /orgs/{org}/campaigns/{campaign_number}"
7400
+ ]
7401
+ },
7402
+ {
7403
+ name: "organization_campaigns:write",
7404
+ description: "Campaigns",
7405
+ rules: [
7406
+ "POST /orgs/{org}/campaigns",
7407
+ "PATCH /orgs/{org}/campaigns/{campaign_number}",
7408
+ "DELETE /orgs/{org}/campaigns/{campaign_number}"
7409
+ ]
7410
+ },
7411
+ {
7412
+ name: "organization_copilot_agent_settings:read",
7413
+ description: "Copilot agent settings",
7414
+ rules: [
7415
+ "GET /orgs/{org}/copilot/coding-agent/permissions",
7416
+ "GET /orgs/{org}/copilot/coding-agent/permissions/repositories"
7417
+ ]
7418
+ },
7419
+ {
7420
+ name: "organization_copilot_agent_settings:write",
7421
+ description: "Copilot agent settings",
7422
+ rules: [
7423
+ "PUT /orgs/{org}/copilot/coding-agent/permissions",
7424
+ "PUT /orgs/{org}/copilot/coding-agent/permissions/repositories",
7425
+ "PUT /orgs/{org}/copilot/coding-agent/permissions/repositories/{repository_id}",
7426
+ "DELETE /orgs/{org}/copilot/coding-agent/permissions/repositories/{repository_id}"
7427
+ ]
7428
+ },
7429
+ {
7430
+ name: "org_copilot_content_exclusion:read",
7431
+ description: "Copilot content exclusion",
7432
+ rules: ["GET /orgs/{org}/copilot/content_exclusion"]
7433
+ },
7434
+ {
7435
+ name: "org_copilot_content_exclusion:write",
7436
+ description: "Copilot content exclusion",
7437
+ rules: ["PUT /orgs/{org}/copilot/content_exclusion"]
7438
+ },
7439
+ {
7440
+ name: "organization_custom_org_roles:read",
7441
+ description: "Custom organization roles",
7442
+ rules: [
7443
+ "GET /orgs/{org}/organization-roles",
7444
+ "GET /orgs/{org}/organization-roles/{role_id}"
7445
+ ]
7446
+ },
7447
+ {
7448
+ name: "organization_custom_properties:read",
7449
+ description: "Custom properties",
7450
+ rules: [
7451
+ "GET /orgs/{org}/properties/schema",
7452
+ "GET /orgs/{org}/properties/schema/{custom_property_name}",
7453
+ "GET /orgs/{org}/properties/values"
7454
+ ]
7455
+ },
7456
+ {
7457
+ name: "organization_custom_properties:admin",
7458
+ description: "Custom properties",
7459
+ rules: [
7460
+ "PATCH /orgs/{org}/properties/schema",
7461
+ "PUT /orgs/{org}/properties/schema/{custom_property_name}",
7462
+ "DELETE /orgs/{org}/properties/schema/{custom_property_name}"
7463
+ ]
7464
+ },
7465
+ {
7466
+ name: "organization_custom_properties:write",
7467
+ description: "Custom properties",
7468
+ rules: ["PATCH /orgs/{org}/properties/values"]
7469
+ },
7470
+ {
7471
+ name: "organization_events:read",
7472
+ description: "Events",
7473
+ rules: ["GET /users/{username}/events/orgs/{org}"]
7474
+ },
7475
+ {
7476
+ name: "organization_copilot_seat_management:read",
7477
+ description: "GitHub Copilot Business",
7478
+ rules: [
7479
+ "GET /orgs/{org}/copilot/billing",
7480
+ "GET /orgs/{org}/copilot/billing/seats",
7481
+ "GET /orgs/{org}/copilot/metrics",
7482
+ "GET /orgs/{org}/members/{username}/copilot",
7483
+ "GET /orgs/{org}/team/{team_slug}/copilot/metrics"
7484
+ ]
7485
+ },
7486
+ {
7487
+ name: "organization_copilot_seat_management:write",
7488
+ description: "GitHub Copilot Business",
7489
+ rules: [
7490
+ "POST /orgs/{org}/copilot/billing/selected_teams",
7491
+ "DELETE /orgs/{org}/copilot/billing/selected_teams",
7492
+ "POST /orgs/{org}/copilot/billing/selected_users",
7493
+ "DELETE /orgs/{org}/copilot/billing/selected_users"
7494
+ ]
7495
+ },
7496
+ {
7497
+ name: "organization_runner_custom_images:read",
7498
+ description: "Hosted runner custom images",
7499
+ rules: [
7500
+ "GET /orgs/{org}/actions/hosted-runners/images/custom",
7501
+ "GET /orgs/{org}/actions/hosted-runners/images/custom/{image_definition_id}",
7502
+ "GET /orgs/{org}/actions/hosted-runners/images/custom/{image_definition_id}/versions",
7503
+ "GET /orgs/{org}/actions/hosted-runners/images/custom/{image_definition_id}/versions/{version}"
7504
+ ]
7505
+ },
7506
+ {
7507
+ name: "organization_runner_custom_images:write",
7508
+ description: "Hosted runner custom images",
7509
+ rules: [
7510
+ "DELETE /orgs/{org}/actions/hosted-runners/images/custom/{image_definition_id}",
7511
+ "DELETE /orgs/{org}/actions/hosted-runners/images/custom/{image_definition_id}/versions/{version}"
7512
+ ]
7513
+ },
7514
+ {
7515
+ name: "issue_fields:read",
7516
+ description: "Issue Fields",
7517
+ rules: ["GET /orgs/{org}/issue-fields"]
7518
+ },
7519
+ {
7520
+ name: "issue_fields:write",
7521
+ description: "Issue Fields",
7522
+ rules: [
7523
+ "POST /orgs/{org}/issue-fields",
7524
+ "PATCH /orgs/{org}/issue-fields/{issue_field_id}",
7525
+ "DELETE /orgs/{org}/issue-fields/{issue_field_id}"
7526
+ ]
7527
+ },
7528
+ {
7529
+ name: "issue_types:read",
7530
+ description: "Issue Types",
7531
+ rules: ["GET /orgs/{org}/issue-types"]
7532
+ },
7533
+ {
7534
+ name: "issue_types:write",
7535
+ description: "Issue Types",
7536
+ rules: [
7537
+ "POST /orgs/{org}/issue-types",
7538
+ "PUT /orgs/{org}/issue-types/{issue_type_id}",
7539
+ "DELETE /orgs/{org}/issue-types/{issue_type_id}"
7540
+ ]
7541
+ },
7542
+ {
7543
+ name: "members:read",
7544
+ description: "Members",
7545
+ rules: [
7546
+ "GET /orgs/{org}/failed_invitations",
7547
+ "GET /orgs/{org}/invitations",
7548
+ "GET /orgs/{org}/invitations/{invitation_id}/teams",
7549
+ "GET /orgs/{org}/members",
7550
+ "GET /orgs/{org}/members/{username}",
7551
+ "GET /orgs/{org}/memberships/{username}",
7552
+ "GET /orgs/{org}/organization-roles/{role_id}/teams",
7553
+ "GET /orgs/{org}/organization-roles/{role_id}/users",
7554
+ "GET /orgs/{org}/outside_collaborators",
7555
+ "GET /orgs/{org}/public_members",
7556
+ "GET /orgs/{org}/public_members/{username}",
7557
+ "GET /orgs/{org}/teams",
7558
+ "GET /orgs/{org}/teams/{team_slug}",
7559
+ "GET /orgs/{org}/teams/{team_slug}/invitations",
7560
+ "GET /orgs/{org}/teams/{team_slug}/members",
7561
+ "GET /orgs/{org}/teams/{team_slug}/memberships/{username}",
7562
+ "GET /orgs/{org}/teams/{team_slug}/repos",
7563
+ "GET /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}",
7564
+ "PUT /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}",
7565
+ "DELETE /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}",
7566
+ "GET /orgs/{org}/teams/{team_slug}/teams",
7567
+ "GET /teams/{team_id}",
7568
+ "GET /teams/{team_id}/invitations",
7569
+ "GET /teams/{team_id}/members",
7570
+ "GET /teams/{team_id}/members/{username}",
7571
+ "GET /teams/{team_id}/memberships/{username}",
7572
+ "GET /teams/{team_id}/repos",
7573
+ "GET /teams/{team_id}/repos/{owner}/{repo}",
7574
+ "PUT /teams/{team_id}/repos/{owner}/{repo}",
7575
+ "DELETE /teams/{team_id}/repos/{owner}/{repo}",
7576
+ "GET /teams/{team_id}/teams",
7577
+ "GET /user/memberships/orgs/{org}"
7578
+ ]
7579
+ },
7580
+ {
7581
+ name: "members:write",
7582
+ description: "Members",
7583
+ rules: [
7584
+ "POST /orgs/{org}/invitations",
7585
+ "DELETE /orgs/{org}/invitations/{invitation_id}",
7586
+ "DELETE /orgs/{org}/members/{username}",
7587
+ "PUT /orgs/{org}/memberships/{username}",
7588
+ "DELETE /orgs/{org}/memberships/{username}",
7589
+ "DELETE /orgs/{org}/organization-roles/teams/{team_slug}",
7590
+ "PUT /orgs/{org}/organization-roles/teams/{team_slug}/{role_id}",
7591
+ "DELETE /orgs/{org}/organization-roles/teams/{team_slug}/{role_id}",
7592
+ "DELETE /orgs/{org}/organization-roles/users/{username}",
7593
+ "PUT /orgs/{org}/organization-roles/users/{username}/{role_id}",
7594
+ "DELETE /orgs/{org}/organization-roles/users/{username}/{role_id}",
7595
+ "PUT /orgs/{org}/outside_collaborators/{username}",
7596
+ "DELETE /orgs/{org}/outside_collaborators/{username}",
7597
+ "PUT /orgs/{org}/public_members/{username}",
7598
+ "DELETE /orgs/{org}/public_members/{username}",
7599
+ "POST /orgs/{org}/teams",
7600
+ "PATCH /orgs/{org}/teams/{team_slug}",
7601
+ "DELETE /orgs/{org}/teams/{team_slug}",
7602
+ "PUT /orgs/{org}/teams/{team_slug}/memberships/{username}",
7603
+ "DELETE /orgs/{org}/teams/{team_slug}/memberships/{username}",
7604
+ "PATCH /teams/{team_id}",
7605
+ "DELETE /teams/{team_id}",
7606
+ "PUT /teams/{team_id}/members/{username}",
7607
+ "DELETE /teams/{team_id}/members/{username}",
7608
+ "PUT /teams/{team_id}/memberships/{username}",
7609
+ "DELETE /teams/{team_id}/memberships/{username}",
7610
+ "PATCH /user/memberships/orgs/{org}"
7611
+ ]
7612
+ },
7613
+ {
7614
+ name: "organization_network_configurations:read",
7615
+ description: "Network configurations",
7616
+ rules: [
7617
+ "GET /orgs/{org}/settings/network-configurations",
7618
+ "GET /orgs/{org}/settings/network-configurations/{network_configuration_id}",
7619
+ "GET /orgs/{org}/settings/network-settings/{network_settings_id}"
7620
+ ]
7621
+ },
7622
+ {
7623
+ name: "organization_network_configurations:write",
7624
+ description: "Network configurations",
7625
+ rules: [
7626
+ "POST /orgs/{org}/settings/network-configurations",
7627
+ "PATCH /orgs/{org}/settings/network-configurations/{network_configuration_id}",
7628
+ "DELETE /orgs/{org}/settings/network-configurations/{network_configuration_id}"
7629
+ ]
7630
+ },
7631
+ {
7632
+ name: "organization_codespaces_secrets:read",
7633
+ description: "Organization codespaces secrets",
7634
+ rules: [
7635
+ "GET /orgs/{org}/codespaces/secrets",
7636
+ "GET /orgs/{org}/codespaces/secrets/public-key",
7637
+ "GET /orgs/{org}/codespaces/secrets/{secret_name}",
7638
+ "GET /orgs/{org}/codespaces/secrets/{secret_name}/repositories"
7639
+ ]
7640
+ },
7641
+ {
7642
+ name: "organization_codespaces_secrets:write",
7643
+ description: "Organization codespaces secrets",
7644
+ rules: [
7645
+ "PUT /orgs/{org}/codespaces/secrets/{secret_name}",
7646
+ "DELETE /orgs/{org}/codespaces/secrets/{secret_name}",
7647
+ "PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories",
7648
+ "PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}",
7649
+ "DELETE /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}"
7650
+ ]
7651
+ },
7652
+ {
7653
+ name: "organization_codespaces_settings:write",
7654
+ description: "Organization codespaces settings",
7655
+ rules: [
7656
+ "PUT /orgs/{org}/codespaces/access",
7657
+ "POST /orgs/{org}/codespaces/access/selected_users",
7658
+ "DELETE /orgs/{org}/codespaces/access/selected_users"
7659
+ ]
7660
+ },
7661
+ {
7662
+ name: "organization_codespaces:read",
7663
+ description: "Organization codespaces",
7664
+ rules: [
7665
+ "GET /orgs/{org}/codespaces",
7666
+ "GET /orgs/{org}/members/{username}/codespaces"
7667
+ ]
7668
+ },
7669
+ {
7670
+ name: "organization_codespaces:write",
7671
+ description: "Organization codespaces",
7672
+ rules: [
7673
+ "DELETE /orgs/{org}/members/{username}/codespaces/{codespace_name}",
7674
+ "POST /orgs/{org}/members/{username}/codespaces/{codespace_name}/stop"
7675
+ ]
7676
+ },
7677
+ {
7678
+ name: "organization_dependabot_secrets:read",
7679
+ description: "Organization dependabot secrets",
7680
+ rules: [
7681
+ "GET /orgs/{org}/dependabot/secrets",
7682
+ "GET /orgs/{org}/dependabot/secrets/public-key",
7683
+ "GET /orgs/{org}/dependabot/secrets/{secret_name}",
7684
+ "GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories"
7685
+ ]
7686
+ },
7687
+ {
7688
+ name: "organization_dependabot_secrets:write",
7689
+ description: "Organization dependabot secrets",
7690
+ rules: [
7691
+ "PUT /orgs/{org}/dependabot/secrets/{secret_name}",
7692
+ "DELETE /orgs/{org}/dependabot/secrets/{secret_name}",
7693
+ "PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories",
7694
+ "PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}",
7695
+ "DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}"
7696
+ ]
7697
+ },
7698
+ {
7699
+ name: "organization_private_registries:read",
7700
+ description: "Organization private registries",
7701
+ rules: [
7702
+ "GET /orgs/{org}/private-registries",
7703
+ "GET /orgs/{org}/private-registries/public-key",
7704
+ "GET /orgs/{org}/private-registries/{secret_name}"
7705
+ ]
7706
+ },
7707
+ {
7708
+ name: "organization_private_registries:write",
7709
+ description: "Organization private registries",
7710
+ rules: [
7711
+ "POST /orgs/{org}/private-registries",
7712
+ "PATCH /orgs/{org}/private-registries/{secret_name}",
7713
+ "DELETE /orgs/{org}/private-registries/{secret_name}"
7714
+ ]
7715
+ },
7716
+ {
7717
+ name: "organization_personal_access_token_requests:read",
7718
+ description: "Personal access token requests",
7719
+ rules: [
7720
+ "GET /orgs/{org}/personal-access-token-requests",
7721
+ "GET /orgs/{org}/personal-access-token-requests/{pat_request_id}/repositories"
7722
+ ]
7723
+ },
7724
+ {
7725
+ name: "organization_personal_access_token_requests:write",
7726
+ description: "Personal access token requests",
7727
+ rules: [
7728
+ "POST /orgs/{org}/personal-access-token-requests",
7729
+ "POST /orgs/{org}/personal-access-token-requests/{pat_request_id}"
7730
+ ]
7731
+ },
7732
+ {
7733
+ name: "organization_personal_access_tokens:read",
7734
+ description: "Personal access tokens",
7735
+ rules: [
7736
+ "GET /orgs/{org}/personal-access-tokens",
7737
+ "GET /orgs/{org}/personal-access-tokens/{pat_id}/repositories"
7738
+ ]
7739
+ },
7740
+ {
7741
+ name: "organization_personal_access_tokens:write",
7742
+ description: "Personal access tokens",
7743
+ rules: [
7744
+ "POST /orgs/{org}/personal-access-tokens",
7745
+ "POST /orgs/{org}/personal-access-tokens/{pat_id}"
7746
+ ]
7747
+ },
7748
+ {
7749
+ name: "organization_projects:read",
7750
+ description: "Projects",
7751
+ rules: [
7752
+ "GET /orgs/{org}/projectsV2",
7753
+ "GET /orgs/{org}/projectsV2/{project_number}",
7754
+ "GET /orgs/{org}/projectsV2/{project_number}/fields",
7755
+ "GET /orgs/{org}/projectsV2/{project_number}/fields/{field_id}",
7756
+ "GET /orgs/{org}/projectsV2/{project_number}/items",
7757
+ "GET /orgs/{org}/projectsV2/{project_number}/items/{item_id}",
7758
+ "GET /orgs/{org}/projectsV2/{project_number}/views/{view_number}/items"
7759
+ ]
7760
+ },
7761
+ {
7762
+ name: "organization_projects:write",
7763
+ description: "Projects",
7764
+ rules: [
7765
+ "POST /orgs/{org}/projectsV2/{project_number}/drafts",
7766
+ "POST /orgs/{org}/projectsV2/{project_number}/fields",
7767
+ "POST /orgs/{org}/projectsV2/{project_number}/items",
7768
+ "PATCH /orgs/{org}/projectsV2/{project_number}/items/{item_id}",
7769
+ "DELETE /orgs/{org}/projectsV2/{project_number}/items/{item_id}",
7770
+ "POST /orgs/{org}/projectsV2/{project_number}/views"
7771
+ ]
7772
+ },
7773
+ {
7774
+ name: "organization_secrets:read",
7775
+ description: "Secrets",
7776
+ rules: [
7777
+ "GET /orgs/{org}/actions/secrets",
7778
+ "GET /orgs/{org}/actions/secrets/public-key",
7779
+ "GET /orgs/{org}/actions/secrets/{secret_name}",
7780
+ "GET /orgs/{org}/actions/secrets/{secret_name}/repositories"
7781
+ ]
7782
+ },
7783
+ {
7784
+ name: "organization_secrets:write",
7785
+ description: "Secrets",
7786
+ rules: [
7787
+ "PUT /orgs/{org}/actions/secrets/{secret_name}",
7788
+ "DELETE /orgs/{org}/actions/secrets/{secret_name}",
7789
+ "PUT /orgs/{org}/actions/secrets/{secret_name}/repositories",
7790
+ "PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}",
7791
+ "DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}"
7792
+ ]
7793
+ },
7794
+ {
7795
+ name: "organization_self_hosted_runners:read",
7796
+ description: "Self-hosted runners",
7797
+ rules: [
7798
+ "GET /orgs/{org}/actions/runner-groups",
7799
+ "GET /orgs/{org}/actions/runner-groups/{runner_group_id}",
7800
+ "GET /orgs/{org}/actions/runner-groups/{runner_group_id}/hosted-runners",
7801
+ "GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories",
7802
+ "GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners",
7803
+ "GET /orgs/{org}/actions/runners",
7804
+ "GET /orgs/{org}/actions/runners/downloads",
7805
+ "GET /orgs/{org}/actions/runners/{runner_id}",
7806
+ "GET /orgs/{org}/actions/runners/{runner_id}/labels"
7807
+ ]
7808
+ },
7809
+ {
7810
+ name: "organization_self_hosted_runners:write",
7811
+ description: "Self-hosted runners",
7812
+ rules: [
7813
+ "POST /orgs/{org}/actions/runner-groups",
7814
+ "PATCH /orgs/{org}/actions/runner-groups/{runner_group_id}",
7815
+ "DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}",
7816
+ "PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories",
7817
+ "PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}",
7818
+ "DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}",
7819
+ "PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners",
7820
+ "PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}",
7821
+ "DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}",
7822
+ "POST /orgs/{org}/actions/runners/generate-jitconfig",
7823
+ "POST /orgs/{org}/actions/runners/registration-token",
7824
+ "POST /orgs/{org}/actions/runners/remove-token",
7825
+ "DELETE /orgs/{org}/actions/runners/{runner_id}",
7826
+ "POST /orgs/{org}/actions/runners/{runner_id}/labels",
7827
+ "PUT /orgs/{org}/actions/runners/{runner_id}/labels",
7828
+ "DELETE /orgs/{org}/actions/runners/{runner_id}/labels",
7829
+ "DELETE /orgs/{org}/actions/runners/{runner_id}/labels/{name}"
7830
+ ]
7831
+ },
7832
+ {
7833
+ name: "organization_actions_variables:read",
7834
+ description: "Variables",
7835
+ rules: [
7836
+ "GET /orgs/{org}/actions/variables",
7837
+ "GET /orgs/{org}/actions/variables/{name}",
7838
+ "GET /orgs/{org}/actions/variables/{name}/repositories"
7839
+ ]
7840
+ },
7841
+ {
7842
+ name: "organization_actions_variables:write",
7843
+ description: "Variables",
7844
+ rules: [
7845
+ "POST /orgs/{org}/actions/variables",
7846
+ "PATCH /orgs/{org}/actions/variables/{name}",
7847
+ "DELETE /orgs/{org}/actions/variables/{name}",
7848
+ "PUT /orgs/{org}/actions/variables/{name}/repositories",
7849
+ "PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}",
7850
+ "DELETE /orgs/{org}/actions/variables/{name}/repositories/{repository_id}"
7851
+ ]
7852
+ },
7853
+ {
7854
+ name: "organization_hooks:read",
7855
+ description: "Webhooks",
7856
+ rules: [
7857
+ "GET /orgs/{org}/hooks",
7858
+ "GET /orgs/{org}/hooks/{hook_id}",
7859
+ "GET /orgs/{org}/hooks/{hook_id}/config",
7860
+ "GET /orgs/{org}/hooks/{hook_id}/deliveries",
7861
+ "GET /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}"
7862
+ ]
7863
+ },
7864
+ {
7865
+ name: "organization_hooks:write",
7866
+ description: "Webhooks",
7867
+ rules: [
7868
+ "POST /orgs/{org}/hooks",
7869
+ "PATCH /orgs/{org}/hooks/{hook_id}",
7870
+ "DELETE /orgs/{org}/hooks/{hook_id}",
7871
+ "PATCH /orgs/{org}/hooks/{hook_id}/config",
7872
+ "POST /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}/attempts",
7873
+ "POST /orgs/{org}/hooks/{hook_id}/pings"
7874
+ ]
7875
+ },
7876
+ {
7877
+ name: "actions:read",
7878
+ description: "Actions",
7879
+ rules: [
7880
+ "GET /repos/{owner}/{repo}/actions/artifacts",
7881
+ "GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}",
7882
+ "GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}",
7883
+ "GET /repos/{owner}/{repo}/actions/cache/storage-limit",
7884
+ "GET /repos/{owner}/{repo}/actions/cache/usage",
7885
+ "GET /repos/{owner}/{repo}/actions/caches",
7886
+ "GET /repos/{owner}/{repo}/actions/jobs/{job_id}",
7887
+ "GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs",
7888
+ "GET /repos/{owner}/{repo}/actions/oidc/customization/sub",
7889
+ "GET /repos/{owner}/{repo}/actions/runs",
7890
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}",
7891
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/approvals",
7892
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts",
7893
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}",
7894
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs",
7895
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/logs",
7896
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs",
7897
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs",
7898
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments",
7899
+ "GET /repos/{owner}/{repo}/actions/runs/{run_id}/timing",
7900
+ "GET /repos/{owner}/{repo}/actions/workflows",
7901
+ "GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}",
7902
+ "GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs",
7903
+ "GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/timing",
7904
+ "GET /repos/{owner}/{repo}/environments",
7905
+ "GET /repos/{owner}/{repo}/environments/{environment_name}",
7906
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies",
7907
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}",
7908
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules",
7909
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}"
7910
+ ]
7911
+ },
7912
+ {
7913
+ name: "actions:write",
7914
+ description: "Actions",
7915
+ rules: [
7916
+ "DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}",
7917
+ "DELETE /repos/{owner}/{repo}/actions/caches",
7918
+ "DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}",
7919
+ "POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun",
7920
+ "PUT /repos/{owner}/{repo}/actions/oidc/customization/sub",
7921
+ "DELETE /repos/{owner}/{repo}/actions/runs/{run_id}",
7922
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/approve",
7923
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel",
7924
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/force-cancel",
7925
+ "DELETE /repos/{owner}/{repo}/actions/runs/{run_id}/logs",
7926
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun",
7927
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs",
7928
+ "PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable",
7929
+ "POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches",
7930
+ "PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable"
7931
+ ]
7932
+ },
7933
+ {
7934
+ name: "administration:write",
7935
+ description: "Administration",
7936
+ rules: [
7937
+ "POST /orgs/{org}/repos",
7938
+ "PUT /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}",
7939
+ "DELETE /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}",
7940
+ "PATCH /repos/{owner}/{repo}",
7941
+ "DELETE /repos/{owner}/{repo}",
7942
+ "PUT /repos/{owner}/{repo}/actions/cache/retention-limit",
7943
+ "PUT /repos/{owner}/{repo}/actions/cache/storage-limit",
7944
+ "PUT /repos/{owner}/{repo}/actions/permissions",
7945
+ "PUT /repos/{owner}/{repo}/actions/permissions/access",
7946
+ "PUT /repos/{owner}/{repo}/actions/permissions/artifact-and-log-retention",
7947
+ "PUT /repos/{owner}/{repo}/actions/permissions/fork-pr-contributor-approval",
7948
+ "PUT /repos/{owner}/{repo}/actions/permissions/fork-pr-workflows-private-repos",
7949
+ "PUT /repos/{owner}/{repo}/actions/permissions/selected-actions",
7950
+ "PUT /repos/{owner}/{repo}/actions/permissions/workflow",
7951
+ "POST /repos/{owner}/{repo}/actions/runners/generate-jitconfig",
7952
+ "POST /repos/{owner}/{repo}/actions/runners/registration-token",
7953
+ "POST /repos/{owner}/{repo}/actions/runners/remove-token",
7954
+ "DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}",
7955
+ "POST /repos/{owner}/{repo}/actions/runners/{runner_id}/labels",
7956
+ "PUT /repos/{owner}/{repo}/actions/runners/{runner_id}/labels",
7957
+ "DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels",
7958
+ "DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}/labels/{name}",
7959
+ "POST /repos/{owner}/{repo}/autolinks",
7960
+ "DELETE /repos/{owner}/{repo}/autolinks/{autolink_id}",
7961
+ "PUT /repos/{owner}/{repo}/automated-security-fixes",
7962
+ "DELETE /repos/{owner}/{repo}/automated-security-fixes",
7963
+ "PUT /repos/{owner}/{repo}/branches/{branch}/protection",
7964
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection",
7965
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins",
7966
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins",
7967
+ "PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews",
7968
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews",
7969
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures",
7970
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures",
7971
+ "PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks",
7972
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks",
7973
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts",
7974
+ "PUT /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts",
7975
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts",
7976
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions",
7977
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps",
7978
+ "PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps",
7979
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps",
7980
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams",
7981
+ "PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams",
7982
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams",
7983
+ "POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users",
7984
+ "PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users",
7985
+ "DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users",
7986
+ "PATCH /repos/{owner}/{repo}/code-scanning/default-setup",
7987
+ "PUT /repos/{owner}/{repo}/collaborators/{username}",
7988
+ "DELETE /repos/{owner}/{repo}/collaborators/{username}",
7989
+ "PUT /repos/{owner}/{repo}/environments/{environment_name}",
7990
+ "DELETE /repos/{owner}/{repo}/environments/{environment_name}",
7991
+ "POST /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies",
7992
+ "PUT /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}",
7993
+ "DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}",
7994
+ "POST /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules",
7995
+ "DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}",
7996
+ "POST /repos/{owner}/{repo}/forks",
7997
+ "PUT /repos/{owner}/{repo}/immutable-releases",
7998
+ "DELETE /repos/{owner}/{repo}/immutable-releases",
7999
+ "PUT /repos/{owner}/{repo}/interaction-limits",
8000
+ "DELETE /repos/{owner}/{repo}/interaction-limits",
8001
+ "PATCH /repos/{owner}/{repo}/invitations/{invitation_id}",
8002
+ "DELETE /repos/{owner}/{repo}/invitations/{invitation_id}",
8003
+ "POST /repos/{owner}/{repo}/keys",
8004
+ "DELETE /repos/{owner}/{repo}/keys/{key_id}",
8005
+ "POST /repos/{owner}/{repo}/pages",
8006
+ "PUT /repos/{owner}/{repo}/pages",
8007
+ "DELETE /repos/{owner}/{repo}/pages",
8008
+ "GET /repos/{owner}/{repo}/pages/health",
8009
+ "PUT /repos/{owner}/{repo}/private-vulnerability-reporting",
8010
+ "DELETE /repos/{owner}/{repo}/private-vulnerability-reporting",
8011
+ "POST /repos/{owner}/{repo}/rulesets",
8012
+ "PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}",
8013
+ "DELETE /repos/{owner}/{repo}/rulesets/{ruleset_id}",
8014
+ "GET /repos/{owner}/{repo}/rulesets/{ruleset_id}/history",
8015
+ "GET /repos/{owner}/{repo}/rulesets/{ruleset_id}/history/{version_id}",
8016
+ "POST /repos/{owner}/{repo}/security-advisories/{ghsa_id}/forks",
8017
+ "PUT /repos/{owner}/{repo}/topics",
8018
+ "POST /repos/{owner}/{repo}/transfer",
8019
+ "PUT /repos/{owner}/{repo}/vulnerability-alerts",
8020
+ "DELETE /repos/{owner}/{repo}/vulnerability-alerts",
8021
+ "POST /repos/{template_owner}/{template_repo}/generate",
8022
+ "PUT /teams/{team_id}/repos/{owner}/{repo}",
8023
+ "DELETE /teams/{team_id}/repos/{owner}/{repo}",
8024
+ "POST /user/repos",
8025
+ "PATCH /user/repository_invitations/{invitation_id}",
8026
+ "DELETE /user/repository_invitations/{invitation_id}"
8027
+ ]
8028
+ },
8029
+ {
8030
+ name: "administration:read",
8031
+ description: "Administration",
8032
+ rules: [
8033
+ "GET /repos/{owner}/{repo}/actions/cache/retention-limit",
8034
+ "GET /repos/{owner}/{repo}/actions/permissions",
8035
+ "GET /repos/{owner}/{repo}/actions/permissions/access",
8036
+ "GET /repos/{owner}/{repo}/actions/permissions/artifact-and-log-retention",
8037
+ "GET /repos/{owner}/{repo}/actions/permissions/fork-pr-contributor-approval",
8038
+ "GET /repos/{owner}/{repo}/actions/permissions/fork-pr-workflows-private-repos",
8039
+ "GET /repos/{owner}/{repo}/actions/permissions/selected-actions",
8040
+ "GET /repos/{owner}/{repo}/actions/permissions/workflow",
8041
+ "GET /repos/{owner}/{repo}/actions/runners",
8042
+ "GET /repos/{owner}/{repo}/actions/runners/downloads",
8043
+ "GET /repos/{owner}/{repo}/actions/runners/{runner_id}",
8044
+ "GET /repos/{owner}/{repo}/actions/runners/{runner_id}/labels",
8045
+ "GET /repos/{owner}/{repo}/autolinks",
8046
+ "GET /repos/{owner}/{repo}/autolinks/{autolink_id}",
8047
+ "GET /repos/{owner}/{repo}/automated-security-fixes",
8048
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection",
8049
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins",
8050
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews",
8051
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures",
8052
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks",
8053
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts",
8054
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions",
8055
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps",
8056
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams",
8057
+ "GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users",
8058
+ "GET /repos/{owner}/{repo}/code-scanning/default-setup",
8059
+ "GET /repos/{owner}/{repo}/code-security-configuration",
8060
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/apps",
8061
+ "GET /repos/{owner}/{repo}/immutable-releases",
8062
+ "GET /repos/{owner}/{repo}/interaction-limits",
8063
+ "GET /repos/{owner}/{repo}/invitations",
8064
+ "GET /repos/{owner}/{repo}/keys",
8065
+ "GET /repos/{owner}/{repo}/keys/{key_id}",
8066
+ "GET /repos/{owner}/{repo}/rulesets/rule-suites",
8067
+ "GET /repos/{owner}/{repo}/rulesets/rule-suites/{rule_suite_id}",
8068
+ "GET /repos/{owner}/{repo}/teams",
8069
+ "GET /repos/{owner}/{repo}/traffic/clones",
8070
+ "GET /repos/{owner}/{repo}/traffic/popular/paths",
8071
+ "GET /repos/{owner}/{repo}/traffic/popular/referrers",
8072
+ "GET /repos/{owner}/{repo}/traffic/views",
8073
+ "GET /repos/{owner}/{repo}/vulnerability-alerts",
8074
+ "GET /user/repository_invitations"
8075
+ ]
8076
+ },
8077
+ {
8078
+ name: "artifact_metadata:write",
8079
+ description: "Artifact metadata",
8080
+ rules: [
8081
+ "POST /orgs/{org}/artifacts/metadata/deployment-record",
8082
+ "POST /orgs/{org}/artifacts/metadata/deployment-record/cluster/{cluster}",
8083
+ "POST /orgs/{org}/artifacts/metadata/storage-record"
8084
+ ]
8085
+ },
8086
+ {
8087
+ name: "artifact_metadata:read",
8088
+ description: "Artifact metadata",
8089
+ rules: [
8090
+ "GET /orgs/{org}/artifacts/{subject_digest}/metadata/deployment-records",
8091
+ "GET /orgs/{org}/artifacts/{subject_digest}/metadata/storage-records"
8092
+ ]
8093
+ },
8094
+ {
8095
+ name: "attestations:write",
8096
+ description: "Attestations",
8097
+ rules: [
8098
+ "POST /orgs/{org}/attestations/delete-request",
8099
+ "DELETE /orgs/{org}/attestations/digest/{subject_digest}",
8100
+ "DELETE /orgs/{org}/attestations/{attestation_id}",
8101
+ "POST /repos/{owner}/{repo}/attestations",
8102
+ "POST /users/{username}/attestations/delete-request",
8103
+ "DELETE /users/{username}/attestations/digest/{subject_digest}",
8104
+ "DELETE /users/{username}/attestations/{attestation_id}"
8105
+ ]
8106
+ },
8107
+ {
8108
+ name: "attestations:read",
8109
+ description: "Attestations",
8110
+ rules: [
8111
+ "GET /orgs/{org}/attestations/repositories",
8112
+ "GET /repos/{owner}/{repo}/attestations/{subject_digest}"
8113
+ ]
8114
+ },
8115
+ {
8116
+ name: "checks:write",
8117
+ description: "Checks",
8118
+ rules: [
8119
+ "POST /repos/{owner}/{repo}/check-runs",
8120
+ "PATCH /repos/{owner}/{repo}/check-runs/{check_run_id}",
8121
+ "POST /repos/{owner}/{repo}/check-runs/{check_run_id}/rerequest",
8122
+ "POST /repos/{owner}/{repo}/check-suites",
8123
+ "PATCH /repos/{owner}/{repo}/check-suites/preferences",
8124
+ "POST /repos/{owner}/{repo}/check-suites/{check_suite_id}/rerequest"
8125
+ ]
8126
+ },
8127
+ {
8128
+ name: "checks:read",
8129
+ description: "Checks",
8130
+ rules: [
8131
+ "GET /repos/{owner}/{repo}/check-runs/{check_run_id}",
8132
+ "GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations",
8133
+ "GET /repos/{owner}/{repo}/check-suites/{check_suite_id}",
8134
+ "GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs",
8135
+ "GET /repos/{owner}/{repo}/commits/{ref}/check-runs",
8136
+ "GET /repos/{owner}/{repo}/commits/{ref}/check-suites"
8137
+ ]
8138
+ },
8139
+ {
8140
+ name: "security_events:read",
8141
+ description: "Code scanning alerts",
8142
+ rules: [
8143
+ "GET /orgs/{org}/code-scanning/alerts",
8144
+ "GET /repos/{owner}/{repo}/code-scanning/alerts",
8145
+ "GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}",
8146
+ "GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix",
8147
+ "GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances",
8148
+ "GET /repos/{owner}/{repo}/code-scanning/analyses",
8149
+ "GET /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}",
8150
+ "GET /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}"
8151
+ ]
8152
+ },
8153
+ {
8154
+ name: "security_events:write",
8155
+ description: "Code scanning alerts",
8156
+ rules: [
8157
+ "PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}",
8158
+ "POST /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix",
8159
+ "DELETE /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}",
8160
+ "POST /repos/{owner}/{repo}/code-scanning/sarifs"
8161
+ ]
8162
+ },
8163
+ {
8164
+ name: "codespaces_lifecycle_admin:write",
8165
+ description: "Codespaces lifecycle admin",
8166
+ rules: [
8167
+ "POST /orgs/{org}/members/{username}/codespaces/{codespace_name}/stop",
8168
+ "POST /user/codespaces/{codespace_name}/exports",
8169
+ "POST /user/codespaces/{codespace_name}/start",
8170
+ "POST /user/codespaces/{codespace_name}/stop"
8171
+ ]
8172
+ },
8173
+ {
8174
+ name: "codespaces_lifecycle_admin:read",
8175
+ description: "Codespaces lifecycle admin",
8176
+ rules: ["GET /user/codespaces/{codespace_name}/exports/{export_id}"]
8177
+ },
8178
+ {
8179
+ name: "codespaces_metadata:read",
8180
+ description: "Codespaces metadata",
8181
+ rules: [
8182
+ "GET /repos/{owner}/{repo}/codespaces/devcontainers",
8183
+ "GET /repos/{owner}/{repo}/codespaces/machines",
8184
+ "GET /user/codespaces/{codespace_name}/machines"
8185
+ ]
8186
+ },
8187
+ {
8188
+ name: "codespaces_secrets:write",
8189
+ description: "Codespaces secrets",
8190
+ rules: [
8191
+ "GET /repos/{owner}/{repo}/codespaces/secrets",
8192
+ "GET /repos/{owner}/{repo}/codespaces/secrets/public-key",
8193
+ "GET /repos/{owner}/{repo}/codespaces/secrets/{secret_name}",
8194
+ "PUT /repos/{owner}/{repo}/codespaces/secrets/{secret_name}",
8195
+ "DELETE /repos/{owner}/{repo}/codespaces/secrets/{secret_name}"
8196
+ ]
8197
+ },
8198
+ {
8199
+ name: "codespaces:read",
8200
+ description: "Codespaces",
8201
+ rules: [
8202
+ "GET /orgs/{org}/codespaces",
8203
+ "GET /orgs/{org}/members/{username}/codespaces",
8204
+ "GET /repos/{owner}/{repo}/codespaces",
8205
+ "GET /user/codespaces",
8206
+ "GET /user/codespaces/{codespace_name}"
8207
+ ]
8208
+ },
8209
+ {
8210
+ name: "codespaces:write",
8211
+ description: "Codespaces",
8212
+ rules: [
8213
+ "DELETE /orgs/{org}/members/{username}/codespaces/{codespace_name}",
8214
+ "POST /repos/{owner}/{repo}/codespaces",
8215
+ "GET /repos/{owner}/{repo}/codespaces/new",
8216
+ "GET /repos/{owner}/{repo}/codespaces/permissions_check",
8217
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/codespaces",
8218
+ "POST /user/codespaces",
8219
+ "PATCH /user/codespaces/{codespace_name}",
8220
+ "DELETE /user/codespaces/{codespace_name}",
8221
+ "POST /user/codespaces/{codespace_name}/publish"
8222
+ ]
8223
+ },
8224
+ {
8225
+ name: "statuses:read",
8226
+ description: "Commit statuses",
8227
+ rules: [
8228
+ "GET /repos/{owner}/{repo}/commits/{ref}/status",
8229
+ "GET /repos/{owner}/{repo}/commits/{ref}/statuses"
8230
+ ]
8231
+ },
8232
+ {
8233
+ name: "statuses:write",
8234
+ description: "Commit statuses",
8235
+ rules: ["POST /repos/{owner}/{repo}/statuses/{sha}"]
8236
+ },
8237
+ {
8238
+ name: "contents:read",
8239
+ description: "Contents",
8240
+ rules: [
8241
+ "POST /markdown",
8242
+ "GET /orgs/{org}/artifacts/{subject_digest}/metadata/deployment-records",
8243
+ "GET /orgs/{org}/artifacts/{subject_digest}/metadata/storage-records",
8244
+ "GET /repos/{owner}/{repo}/activity",
8245
+ "GET /repos/{owner}/{repo}/branches",
8246
+ "GET /repos/{owner}/{repo}/branches/{branch}",
8247
+ "GET /repos/{owner}/{repo}/code-scanning/codeql/databases",
8248
+ "GET /repos/{owner}/{repo}/code-scanning/codeql/databases/{language}",
8249
+ "GET /repos/{owner}/{repo}/code-scanning/codeql/variant-analyses/{codeql_variant_analysis_id}",
8250
+ "GET /repos/{owner}/{repo}/code-scanning/codeql/variant-analyses/{codeql_variant_analysis_id}/repos/{repo_owner}/{repo_name}",
8251
+ "GET /repos/{owner}/{repo}/codeowners/errors",
8252
+ "GET /repos/{owner}/{repo}/commits",
8253
+ "GET /repos/{owner}/{repo}/commits/{commit_sha}/branches-where-head",
8254
+ "POST /repos/{owner}/{repo}/commits/{commit_sha}/comments",
8255
+ "GET /repos/{owner}/{repo}/commits/{ref}",
8256
+ "GET /repos/{owner}/{repo}/community/profile",
8257
+ "GET /repos/{owner}/{repo}/compare/{basehead+}",
8258
+ "GET /repos/{owner}/{repo}/contents/{path*}",
8259
+ "GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead+}",
8260
+ "GET /repos/{owner}/{repo}/dependency-graph/sbom",
8261
+ "POST /repos/{owner}/{repo}/forks",
8262
+ "GET /repos/{owner}/{repo}/git/blobs/{file_sha}",
8263
+ "GET /repos/{owner}/{repo}/git/commits/{commit_sha}",
8264
+ "GET /repos/{owner}/{repo}/git/matching-refs/{ref+}",
8265
+ "GET /repos/{owner}/{repo}/git/ref/{ref+}",
8266
+ "GET /repos/{owner}/{repo}/git/tags/{tag_sha}",
8267
+ "GET /repos/{owner}/{repo}/git/trees/{tree_sha}",
8268
+ "GET /repos/{owner}/{repo}/import",
8269
+ "GET /repos/{owner}/{repo}/import/authors",
8270
+ "GET /repos/{owner}/{repo}/import/large_files",
8271
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}",
8272
+ "GET /repos/{owner}/{repo}/readme",
8273
+ "GET /repos/{owner}/{repo}/readme/{dir}",
8274
+ "GET /repos/{owner}/{repo}/releases",
8275
+ "GET /repos/{owner}/{repo}/releases/assets/{asset_id}",
8276
+ "GET /repos/{owner}/{repo}/releases/latest",
8277
+ "GET /repos/{owner}/{repo}/releases/tags/{tag}",
8278
+ "GET /repos/{owner}/{repo}/releases/{release_id}",
8279
+ "GET /repos/{owner}/{repo}/releases/{release_id}/assets",
8280
+ "GET /repos/{owner}/{repo}/tarball/{ref}",
8281
+ "GET /repos/{owner}/{repo}/zipball/{ref}",
8282
+ "POST /repos/{template_owner}/{template_repo}/generate"
8283
+ ]
8284
+ },
8285
+ {
8286
+ name: "contents:write",
8287
+ description: "Contents",
8288
+ rules: [
8289
+ "POST /orgs/{org}/artifacts/metadata/deployment-record",
8290
+ "POST /orgs/{org}/artifacts/metadata/deployment-record/cluster/{cluster}",
8291
+ "POST /orgs/{org}/artifacts/metadata/storage-record",
8292
+ "POST /repos/{owner}/{repo}/branches/{branch}/rename",
8293
+ "POST /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix/commits",
8294
+ "DELETE /repos/{owner}/{repo}/code-scanning/codeql/databases/{language}",
8295
+ "POST /repos/{owner}/{repo}/code-scanning/codeql/variant-analyses",
8296
+ "PATCH /repos/{owner}/{repo}/comments/{comment_id}",
8297
+ "DELETE /repos/{owner}/{repo}/comments/{comment_id}",
8298
+ "POST /repos/{owner}/{repo}/comments/{comment_id}/reactions",
8299
+ "DELETE /repos/{owner}/{repo}/comments/{comment_id}/reactions/{reaction_id}",
8300
+ "PUT /repos/{owner}/{repo}/contents/{path*}",
8301
+ "DELETE /repos/{owner}/{repo}/contents/{path*}",
8302
+ "POST /repos/{owner}/{repo}/dependency-graph/snapshots",
8303
+ "POST /repos/{owner}/{repo}/dispatches",
8304
+ "POST /repos/{owner}/{repo}/git/blobs",
8305
+ "POST /repos/{owner}/{repo}/git/commits",
8306
+ "POST /repos/{owner}/{repo}/git/refs",
8307
+ "PATCH /repos/{owner}/{repo}/git/refs/{ref+}",
8308
+ "DELETE /repos/{owner}/{repo}/git/refs/{ref+}",
8309
+ "POST /repos/{owner}/{repo}/git/tags",
8310
+ "POST /repos/{owner}/{repo}/git/trees",
8311
+ "PUT /repos/{owner}/{repo}/import",
8312
+ "PATCH /repos/{owner}/{repo}/import",
8313
+ "DELETE /repos/{owner}/{repo}/import",
8314
+ "PATCH /repos/{owner}/{repo}/import/authors/{author_id}",
8315
+ "PATCH /repos/{owner}/{repo}/import/lfs",
8316
+ "POST /repos/{owner}/{repo}/merge-upstream",
8317
+ "POST /repos/{owner}/{repo}/merges",
8318
+ "PUT /repos/{owner}/{repo}/pulls/{pull_number}/merge",
8319
+ "POST /repos/{owner}/{repo}/releases",
8320
+ "PATCH /repos/{owner}/{repo}/releases/assets/{asset_id}",
8321
+ "DELETE /repos/{owner}/{repo}/releases/assets/{asset_id}",
8322
+ "POST /repos/{owner}/{repo}/releases/generate-notes",
8323
+ "PATCH /repos/{owner}/{repo}/releases/{release_id}",
8324
+ "DELETE /repos/{owner}/{repo}/releases/{release_id}",
8325
+ "POST /repos/{owner}/{repo}/secret-scanning/push-protection-bypasses"
8326
+ ]
8327
+ },
8328
+ {
8329
+ name: "repository_custom_properties:write",
8330
+ description: "Custom properties",
8331
+ rules: ["PATCH /repos/{owner}/{repo}/properties/values"]
8332
+ },
8333
+ {
8334
+ name: "vulnerability_alerts:read",
8335
+ description: "Dependabot alerts",
8336
+ rules: [
8337
+ "GET /orgs/{org}/dependabot/alerts",
8338
+ "GET /repos/{owner}/{repo}/dependabot/alerts",
8339
+ "GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number}"
8340
+ ]
8341
+ },
8342
+ {
8343
+ name: "vulnerability_alerts:write",
8344
+ description: "Dependabot alerts",
8345
+ rules: [
8346
+ "PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number}"
8347
+ ]
8348
+ },
8349
+ {
8350
+ name: "dependabot_secrets:read",
8351
+ description: "Dependabot secrets",
8352
+ rules: [
8353
+ "GET /repos/{owner}/{repo}/dependabot/secrets",
8354
+ "GET /repos/{owner}/{repo}/dependabot/secrets/public-key",
8355
+ "GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name}"
8356
+ ]
8357
+ },
8358
+ {
8359
+ name: "dependabot_secrets:write",
8360
+ description: "Dependabot secrets",
8361
+ rules: [
8362
+ "PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name}",
8363
+ "DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name}"
8364
+ ]
8365
+ },
8366
+ {
8367
+ name: "deployments:write",
8368
+ description: "Deployments",
8369
+ rules: [
8370
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/deployment_protection_rule",
8371
+ "POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments",
8372
+ "POST /repos/{owner}/{repo}/deployments",
8373
+ "DELETE /repos/{owner}/{repo}/deployments/{deployment_id}",
8374
+ "POST /repos/{owner}/{repo}/deployments/{deployment_id}/statuses"
8375
+ ]
8376
+ },
8377
+ {
8378
+ name: "deployments:read",
8379
+ description: "Deployments",
8380
+ rules: [
8381
+ "GET /repos/{owner}/{repo}/deployments",
8382
+ "GET /repos/{owner}/{repo}/deployments/{deployment_id}",
8383
+ "GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses",
8384
+ "GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}"
8385
+ ]
8386
+ },
8387
+ {
8388
+ name: "environments:read",
8389
+ description: "Environments",
8390
+ rules: [
8391
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/secrets",
8392
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/public-key",
8393
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}",
8394
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/variables",
8395
+ "GET /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}"
8396
+ ]
8397
+ },
8398
+ {
8399
+ name: "environments:write",
8400
+ description: "Environments",
8401
+ rules: [
8402
+ "PUT /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}",
8403
+ "DELETE /repos/{owner}/{repo}/environments/{environment_name}/secrets/{secret_name}",
8404
+ "POST /repos/{owner}/{repo}/environments/{environment_name}/variables",
8405
+ "PATCH /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}",
8406
+ "DELETE /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}"
8407
+ ]
8408
+ },
8409
+ {
8410
+ name: "issues:read",
8411
+ description: "Issues",
8412
+ rules: [
8413
+ "GET /repos/{owner}/{repo}/assignees",
8414
+ "GET /repos/{owner}/{repo}/assignees/{assignee}",
8415
+ "GET /repos/{owner}/{repo}/issues",
8416
+ "GET /repos/{owner}/{repo}/issues/comments",
8417
+ "GET /repos/{owner}/{repo}/issues/comments/{comment_id}",
8418
+ "GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions",
8419
+ "GET /repos/{owner}/{repo}/issues/events",
8420
+ "GET /repos/{owner}/{repo}/issues/events/{event_id}",
8421
+ "GET /repos/{owner}/{repo}/issues/{issue_number}",
8422
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}",
8423
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/comments",
8424
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/dependencies/blocked_by",
8425
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/dependencies/blocking",
8426
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/events",
8427
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/issue-field-values",
8428
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/labels",
8429
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/parent",
8430
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/reactions",
8431
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/sub_issues",
8432
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/timeline",
8433
+ "GET /repos/{owner}/{repo}/labels",
8434
+ "GET /repos/{owner}/{repo}/labels/{name}",
8435
+ "GET /repos/{owner}/{repo}/milestones",
8436
+ "GET /repos/{owner}/{repo}/milestones/{milestone_number}",
8437
+ "GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels"
8438
+ ]
8439
+ },
8440
+ {
8441
+ name: "issues:write",
8442
+ description: "Issues",
8443
+ rules: [
8444
+ "POST /repos/{owner}/{repo}/issues",
8445
+ "PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}",
8446
+ "DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}",
8447
+ "PUT /repos/{owner}/{repo}/issues/comments/{comment_id}/pin",
8448
+ "DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/pin",
8449
+ "POST /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions",
8450
+ "DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}",
8451
+ "PATCH /repos/{owner}/{repo}/issues/{issue_number}",
8452
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/assignees",
8453
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees",
8454
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/comments",
8455
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/dependencies/blocked_by",
8456
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/dependencies/blocked_by/{issue_id}",
8457
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/labels",
8458
+ "PUT /repos/{owner}/{repo}/issues/{issue_number}/labels",
8459
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels",
8460
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}",
8461
+ "PUT /repos/{owner}/{repo}/issues/{issue_number}/lock",
8462
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock",
8463
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/reactions",
8464
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}",
8465
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/sub_issue",
8466
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/sub_issues",
8467
+ "PATCH /repos/{owner}/{repo}/issues/{issue_number}/sub_issues/priority",
8468
+ "POST /repos/{owner}/{repo}/labels",
8469
+ "PATCH /repos/{owner}/{repo}/labels/{name}",
8470
+ "DELETE /repos/{owner}/{repo}/labels/{name}",
8471
+ "POST /repos/{owner}/{repo}/milestones",
8472
+ "PATCH /repos/{owner}/{repo}/milestones/{milestone_number}",
8473
+ "DELETE /repos/{owner}/{repo}/milestones/{milestone_number}",
8474
+ "POST /repositories/{repository_id}/issues/{issue_number}/issue-field-values",
8475
+ "PUT /repositories/{repository_id}/issues/{issue_number}/issue-field-values",
8476
+ "DELETE /repositories/{repository_id}/issues/{issue_number}/issue-field-values/{issue_field_id}"
8477
+ ]
8478
+ },
8479
+ {
8480
+ name: "metadata:read",
8481
+ description: "Metadata",
8482
+ rules: [
8483
+ "GET /orgs/{org}/repos",
8484
+ "GET /repos/{owner}/{repo}",
8485
+ "GET /repos/{owner}/{repo}/collaborators",
8486
+ "GET /repos/{owner}/{repo}/collaborators/{username}",
8487
+ "GET /repos/{owner}/{repo}/collaborators/{username}/permission",
8488
+ "GET /repos/{owner}/{repo}/comments",
8489
+ "GET /repos/{owner}/{repo}/comments/{comment_id}",
8490
+ "GET /repos/{owner}/{repo}/comments/{comment_id}/reactions",
8491
+ "GET /repos/{owner}/{repo}/commits/{commit_sha}/comments",
8492
+ "GET /repos/{owner}/{repo}/contributors",
8493
+ "GET /repos/{owner}/{repo}/events",
8494
+ "GET /repos/{owner}/{repo}/forks",
8495
+ "GET /repos/{owner}/{repo}/languages",
8496
+ "GET /repos/{owner}/{repo}/license",
8497
+ "GET /repos/{owner}/{repo}/private-vulnerability-reporting",
8498
+ "GET /repos/{owner}/{repo}/properties/values",
8499
+ "GET /repos/{owner}/{repo}/rules/branches/{branch}",
8500
+ "GET /repos/{owner}/{repo}/rulesets",
8501
+ "GET /repos/{owner}/{repo}/rulesets/{ruleset_id}",
8502
+ "GET /repos/{owner}/{repo}/stargazers",
8503
+ "GET /repos/{owner}/{repo}/stats/code_frequency",
8504
+ "GET /repos/{owner}/{repo}/stats/commit_activity",
8505
+ "GET /repos/{owner}/{repo}/stats/contributors",
8506
+ "GET /repos/{owner}/{repo}/stats/participation",
8507
+ "GET /repos/{owner}/{repo}/stats/punch_card",
8508
+ "GET /repos/{owner}/{repo}/subscribers",
8509
+ "GET /repos/{owner}/{repo}/tags",
8510
+ "GET /repos/{owner}/{repo}/topics",
8511
+ "GET /repositories",
8512
+ "GET /search/labels",
8513
+ "GET /user/installations/{installation_id}/repositories",
8514
+ "GET /user/repos",
8515
+ "GET /users/{username}/repos"
8516
+ ]
8517
+ },
8518
+ {
8519
+ name: "pages:read",
8520
+ description: "Pages",
8521
+ rules: [
8522
+ "GET /repos/{owner}/{repo}/pages",
8523
+ "GET /repos/{owner}/{repo}/pages/builds",
8524
+ "GET /repos/{owner}/{repo}/pages/builds/latest",
8525
+ "GET /repos/{owner}/{repo}/pages/builds/{build_id}",
8526
+ "GET /repos/{owner}/{repo}/pages/deployments/{pages_deployment_id}"
8527
+ ]
8528
+ },
8529
+ {
8530
+ name: "pages:write",
8531
+ description: "Pages",
8532
+ rules: [
8533
+ "POST /repos/{owner}/{repo}/pages",
8534
+ "PUT /repos/{owner}/{repo}/pages",
8535
+ "DELETE /repos/{owner}/{repo}/pages",
8536
+ "POST /repos/{owner}/{repo}/pages/builds",
8537
+ "POST /repos/{owner}/{repo}/pages/deployments",
8538
+ "POST /repos/{owner}/{repo}/pages/deployments/{pages_deployment_id}/cancel",
8539
+ "GET /repos/{owner}/{repo}/pages/health"
8540
+ ]
8541
+ },
8542
+ {
8543
+ name: "pull_requests:read",
8544
+ description: "Pull requests",
8545
+ rules: [
8546
+ "GET /repos/{owner}/{repo}/assignees",
8547
+ "GET /repos/{owner}/{repo}/assignees/{assignee}",
8548
+ "GET /repos/{owner}/{repo}/commits/{commit_sha}/pulls",
8549
+ "GET /repos/{owner}/{repo}/issues/comments",
8550
+ "GET /repos/{owner}/{repo}/issues/comments/{comment_id}",
8551
+ "GET /repos/{owner}/{repo}/issues/events/{event_id}",
8552
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/assignees/{assignee}",
8553
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/comments",
8554
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/events",
8555
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/labels",
8556
+ "GET /repos/{owner}/{repo}/issues/{issue_number}/timeline",
8557
+ "GET /repos/{owner}/{repo}/labels",
8558
+ "GET /repos/{owner}/{repo}/labels/{name}",
8559
+ "GET /repos/{owner}/{repo}/milestones",
8560
+ "GET /repos/{owner}/{repo}/milestones/{milestone_number}",
8561
+ "GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels",
8562
+ "GET /repos/{owner}/{repo}/pulls",
8563
+ "GET /repos/{owner}/{repo}/pulls/comments",
8564
+ "GET /repos/{owner}/{repo}/pulls/comments/{comment_id}",
8565
+ "GET /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions",
8566
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}",
8567
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/comments",
8568
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/commits",
8569
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/files",
8570
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/merge",
8571
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers",
8572
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews",
8573
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}",
8574
+ "GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/comments"
8575
+ ]
8576
+ },
8577
+ {
8578
+ name: "pull_requests:write",
8579
+ description: "Pull requests",
8580
+ rules: [
8581
+ "PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}",
8582
+ "DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}",
8583
+ "PATCH /repos/{owner}/{repo}/issues/{issue_number}",
8584
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/assignees",
8585
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees",
8586
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/comments",
8587
+ "POST /repos/{owner}/{repo}/issues/{issue_number}/labels",
8588
+ "PUT /repos/{owner}/{repo}/issues/{issue_number}/labels",
8589
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels",
8590
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}",
8591
+ "PUT /repos/{owner}/{repo}/issues/{issue_number}/lock",
8592
+ "DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock",
8593
+ "POST /repos/{owner}/{repo}/labels",
8594
+ "PATCH /repos/{owner}/{repo}/labels/{name}",
8595
+ "DELETE /repos/{owner}/{repo}/labels/{name}",
8596
+ "POST /repos/{owner}/{repo}/milestones",
8597
+ "PATCH /repos/{owner}/{repo}/milestones/{milestone_number}",
8598
+ "DELETE /repos/{owner}/{repo}/milestones/{milestone_number}",
8599
+ "POST /repos/{owner}/{repo}/pulls",
8600
+ "PATCH /repos/{owner}/{repo}/pulls/comments/{comment_id}",
8601
+ "DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}",
8602
+ "POST /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions",
8603
+ "DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions/{reaction_id}",
8604
+ "PATCH /repos/{owner}/{repo}/pulls/{pull_number}",
8605
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/comments",
8606
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/comments/{comment_id}/replies",
8607
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers",
8608
+ "DELETE /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers",
8609
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews",
8610
+ "PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}",
8611
+ "DELETE /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}",
8612
+ "PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/dismissals",
8613
+ "POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/events",
8614
+ "PUT /repos/{owner}/{repo}/pulls/{pull_number}/update-branch",
8615
+ "POST /repositories/{repository_id}/issues/{issue_number}/issue-field-values",
8616
+ "PUT /repositories/{repository_id}/issues/{issue_number}/issue-field-values",
8617
+ "DELETE /repositories/{repository_id}/issues/{issue_number}/issue-field-values/{issue_field_id}"
8618
+ ]
8619
+ },
8620
+ {
8621
+ name: "repository_advisories:write",
8622
+ description: "Repository security advisories",
8623
+ rules: [
8624
+ "GET /orgs/{org}/security-advisories",
8625
+ "POST /repos/{owner}/{repo}/security-advisories",
8626
+ "POST /repos/{owner}/{repo}/security-advisories/reports",
8627
+ "PATCH /repos/{owner}/{repo}/security-advisories/{ghsa_id}",
8628
+ "POST /repos/{owner}/{repo}/security-advisories/{ghsa_id}/cve"
8629
+ ]
8630
+ },
8631
+ {
8632
+ name: "repository_advisories:read",
8633
+ description: "Repository security advisories",
8634
+ rules: [
8635
+ "GET /repos/{owner}/{repo}/security-advisories",
8636
+ "GET /repos/{owner}/{repo}/security-advisories/{ghsa_id}",
8637
+ "POST /repos/{owner}/{repo}/security-advisories/{ghsa_id}/forks"
8638
+ ]
8639
+ },
8640
+ {
8641
+ name: "secret_scanning_alerts:read",
8642
+ description: "Secret scanning alerts",
8643
+ rules: [
8644
+ "GET /orgs/{org}/secret-scanning/alerts",
8645
+ "GET /repos/{owner}/{repo}/secret-scanning/alerts",
8646
+ "GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}",
8647
+ "GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations",
8648
+ "GET /repos/{owner}/{repo}/secret-scanning/scan-history"
8649
+ ]
8650
+ },
8651
+ {
8652
+ name: "secret_scanning_alerts:write",
8653
+ description: "Secret scanning alerts",
8654
+ rules: [
8655
+ "PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}"
8656
+ ]
8657
+ },
8658
+ {
8659
+ name: "secrets:read",
8660
+ description: "Secrets",
8661
+ rules: [
8662
+ "GET /repos/{owner}/{repo}/actions/organization-secrets",
8663
+ "GET /repos/{owner}/{repo}/actions/secrets",
8664
+ "GET /repos/{owner}/{repo}/actions/secrets/public-key",
8665
+ "GET /repos/{owner}/{repo}/actions/secrets/{secret_name}"
8666
+ ]
8667
+ },
8668
+ {
8669
+ name: "secrets:write",
8670
+ description: "Secrets",
8671
+ rules: [
8672
+ "PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}",
8673
+ "DELETE /repos/{owner}/{repo}/actions/secrets/{secret_name}"
8674
+ ]
8675
+ },
8676
+ {
8677
+ name: "actions_variables:read",
8678
+ description: "Variables",
8679
+ rules: [
8680
+ "GET /repos/{owner}/{repo}/actions/organization-variables",
8681
+ "GET /repos/{owner}/{repo}/actions/variables",
8682
+ "GET /repos/{owner}/{repo}/actions/variables/{name}"
8683
+ ]
8684
+ },
8685
+ {
8686
+ name: "actions_variables:write",
8687
+ description: "Variables",
8688
+ rules: [
8689
+ "POST /repos/{owner}/{repo}/actions/variables",
8690
+ "PATCH /repos/{owner}/{repo}/actions/variables/{name}",
8691
+ "DELETE /repos/{owner}/{repo}/actions/variables/{name}"
8692
+ ]
8693
+ },
8694
+ {
8695
+ name: "repository_hooks:read",
8696
+ description: "Webhooks",
8697
+ rules: [
8698
+ "GET /repos/{owner}/{repo}/hooks",
8699
+ "GET /repos/{owner}/{repo}/hooks/{hook_id}",
8700
+ "GET /repos/{owner}/{repo}/hooks/{hook_id}/config",
8701
+ "GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries",
8702
+ "GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}",
8703
+ "POST /repos/{owner}/{repo}/hooks/{hook_id}/pings",
8704
+ "POST /repos/{owner}/{repo}/hooks/{hook_id}/tests"
8705
+ ]
8706
+ },
8707
+ {
8708
+ name: "repository_hooks:write",
8709
+ description: "Webhooks",
8710
+ rules: [
8711
+ "POST /repos/{owner}/{repo}/hooks",
8712
+ "PATCH /repos/{owner}/{repo}/hooks/{hook_id}",
8713
+ "DELETE /repos/{owner}/{repo}/hooks/{hook_id}",
8714
+ "PATCH /repos/{owner}/{repo}/hooks/{hook_id}/config",
8715
+ "POST /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}/attempts"
8716
+ ]
8717
+ },
8718
+ {
8719
+ name: "workflows:write",
8720
+ description: "Workflows",
8721
+ rules: [
8722
+ "PUT /repos/{owner}/{repo}/contents/{path*}",
8723
+ "DELETE /repos/{owner}/{repo}/contents/{path*}",
8724
+ "POST /repos/{owner}/{repo}/git/refs",
8725
+ "PATCH /repos/{owner}/{repo}/git/refs/{ref+}",
8726
+ "POST /repos/{owner}/{repo}/releases"
8727
+ ]
8728
+ },
8729
+ {
8730
+ name: "blocking:read",
8731
+ description: "Block another user",
8732
+ rules: ["GET /user/blocks", "GET /user/blocks/{username}"]
8733
+ },
8734
+ {
8735
+ name: "blocking:write",
8736
+ description: "Block another user",
8737
+ rules: [
8738
+ "PUT /user/blocks/{username}",
8739
+ "DELETE /user/blocks/{username}"
8740
+ ]
8741
+ },
8742
+ {
8743
+ name: "codespaces_user_secrets:read",
8744
+ description: "Codespaces user secrets",
8745
+ rules: [
8746
+ "GET /user/codespaces/secrets",
8747
+ "GET /user/codespaces/secrets/public-key",
8748
+ "GET /user/codespaces/secrets/{secret_name}",
8749
+ "GET /user/codespaces/secrets/{secret_name}/repositories"
8750
+ ]
8751
+ },
8752
+ {
8753
+ name: "codespaces_user_secrets:write",
8754
+ description: "Codespaces user secrets",
8755
+ rules: [
8756
+ "PUT /user/codespaces/secrets/{secret_name}",
8757
+ "DELETE /user/codespaces/secrets/{secret_name}",
8758
+ "PUT /user/codespaces/secrets/{secret_name}/repositories",
8759
+ "PUT /user/codespaces/secrets/{secret_name}/repositories/{repository_id}",
8760
+ "DELETE /user/codespaces/secrets/{secret_name}/repositories/{repository_id}"
8761
+ ]
8762
+ },
8763
+ {
8764
+ name: "emails:write",
8765
+ description: "Email addresses",
8766
+ rules: [
8767
+ "PATCH /user/email/visibility",
8768
+ "POST /user/emails",
8769
+ "DELETE /user/emails"
8770
+ ]
8771
+ },
8772
+ {
8773
+ name: "emails:read",
8774
+ description: "Email addresses",
8775
+ rules: ["GET /user/emails", "GET /user/public_emails"]
8776
+ },
8777
+ {
8778
+ name: "followers:read",
8779
+ description: "Followers",
8780
+ rules: [
8781
+ "GET /user/followers",
8782
+ "GET /user/following",
8783
+ "GET /user/following/{username}"
8784
+ ]
8785
+ },
8786
+ {
8787
+ name: "followers:write",
8788
+ description: "Followers",
8789
+ rules: [
8790
+ "PUT /user/following/{username}",
8791
+ "DELETE /user/following/{username}"
8792
+ ]
8793
+ },
8794
+ {
8795
+ name: "gpg_keys:read",
8796
+ description: "GPG keys",
8797
+ rules: ["GET /user/gpg_keys", "GET /user/gpg_keys/{gpg_key_id}"]
8798
+ },
8799
+ {
8800
+ name: "gpg_keys:write",
8801
+ description: "GPG keys",
8802
+ rules: ["POST /user/gpg_keys", "DELETE /user/gpg_keys/{gpg_key_id}"]
8803
+ },
8804
+ {
8805
+ name: "gists:write",
8806
+ description: "Gists",
8807
+ rules: [
8808
+ "POST /gists",
8809
+ "PATCH /gists/{gist_id}",
8810
+ "DELETE /gists/{gist_id}",
8811
+ "POST /gists/{gist_id}/comments",
8812
+ "PATCH /gists/{gist_id}/comments/{comment_id}",
8813
+ "DELETE /gists/{gist_id}/comments/{comment_id}",
8814
+ "POST /gists/{gist_id}/forks",
8815
+ "PUT /gists/{gist_id}/star",
8816
+ "DELETE /gists/{gist_id}/star"
8817
+ ]
8818
+ },
8819
+ {
8820
+ name: "keys:read",
8821
+ description: "Git SSH keys",
8822
+ rules: [
8823
+ "GET /user/keys",
8824
+ "GET /user/keys/{key_id}",
8825
+ "GET /users/{username}/keys"
8826
+ ]
8827
+ },
8828
+ {
8829
+ name: "keys:write",
8830
+ description: "Git SSH keys",
8831
+ rules: ["POST /user/keys", "DELETE /user/keys/{key_id}"]
8832
+ },
8833
+ {
8834
+ name: "interaction_limits:read",
8835
+ description: "Interaction limits",
8836
+ rules: ["GET /user/interaction-limits"]
8837
+ },
8838
+ {
8839
+ name: "interaction_limits:write",
8840
+ description: "Interaction limits",
8841
+ rules: [
8842
+ "PUT /user/interaction-limits",
8843
+ "DELETE /user/interaction-limits"
8844
+ ]
8845
+ },
8846
+ {
8847
+ name: "plan:read",
8848
+ description: "Plan",
8849
+ rules: [
8850
+ "GET /users/{username}/settings/billing/premium_request/usage",
8851
+ "GET /users/{username}/settings/billing/usage",
8852
+ "GET /users/{username}/settings/billing/usage/summary"
8853
+ ]
8854
+ },
8855
+ {
8856
+ name: "private_repository_invitations:read",
8857
+ description: "Private repository invitations",
8858
+ rules: ["GET /repos/{owner}/{repo}/invitations"]
8859
+ },
8860
+ {
8861
+ name: "profile:write",
8862
+ description: "Profile",
8863
+ rules: [
8864
+ "PATCH /user",
8865
+ "POST /user/social_accounts",
8866
+ "DELETE /user/social_accounts"
8867
+ ]
8868
+ },
8869
+ {
8870
+ name: "git_signing_ssh_public_keys:read",
8871
+ description: "SSH signing keys",
8872
+ rules: [
8873
+ "GET /user/ssh_signing_keys",
8874
+ "GET /user/ssh_signing_keys/{ssh_signing_key_id}"
8875
+ ]
8876
+ },
8877
+ {
8878
+ name: "git_signing_ssh_public_keys:write",
8879
+ description: "SSH signing keys",
8880
+ rules: [
8881
+ "POST /user/ssh_signing_keys",
8882
+ "DELETE /user/ssh_signing_keys/{ssh_signing_key_id}"
8883
+ ]
8884
+ },
8885
+ {
8886
+ name: "starring:read",
8887
+ description: "Starring",
8888
+ rules: [
8889
+ "GET /user/starred",
8890
+ "GET /user/starred/{owner}/{repo}",
8891
+ "GET /users/{username}/starred"
8892
+ ]
8893
+ },
8894
+ {
8895
+ name: "starring:write",
8896
+ description: "Starring",
8897
+ rules: [
8898
+ "PUT /user/starred/{owner}/{repo}",
8899
+ "DELETE /user/starred/{owner}/{repo}"
8900
+ ]
8901
+ },
8902
+ {
8903
+ name: "watching:read",
8904
+ description: "Watching",
8905
+ rules: [
8906
+ "GET /user/subscriptions",
8907
+ "GET /users/{username}/subscriptions"
8908
+ ]
8909
+ }
8910
+ ]
8911
+ },
8912
+ {
8913
+ base: "https://uploads.github.com",
8914
+ auth: {
8915
+ headers: {
8916
+ Authorization: "Bearer ${{ secrets.GITHUB_TOKEN }}"
8917
+ }
8918
+ },
8919
+ permissions: [
8920
+ {
8921
+ name: "unrestricted",
8922
+ description: "Allow all endpoints",
8923
+ rules: ["ANY /{path*}"]
8924
+ },
8925
+ {
8926
+ name: "contents:write",
8927
+ description: "Upload release assets",
8928
+ rules: ["POST /repos/{owner}/{repo}/releases/{release_id}/assets"]
8929
+ }
8930
+ ]
8931
+ }
8932
+ ]
8933
+ };
8934
+
8935
+ // ../../packages/core/src/firewalls/slack.generated.ts
8936
+ var slackFirewall = {
8937
+ name: "slack",
8938
+ description: "Slack API",
8939
+ placeholders: {
8940
+ SLACK_TOKEN: "xoxb-000000000000-0000000000000-Vm0PlaceHolder0000000000"
8941
+ },
8942
+ apis: [
8943
+ {
8944
+ base: "https://slack.com/api",
8945
+ auth: {
8946
+ headers: {
8947
+ Authorization: "Bearer ${{ secrets.SLACK_TOKEN }}"
8948
+ }
8949
+ },
8950
+ permissions: [
8951
+ {
8952
+ name: "unrestricted",
8953
+ description: "Allow all endpoints",
8954
+ rules: ["ANY /{path*}"]
8955
+ },
8956
+ {
8957
+ name: "admin",
8958
+ rules: [
8959
+ "POST /admin.audit.anomaly.allow.getItem",
8960
+ "POST /admin.audit.anomaly.allow.updateItem",
8961
+ "GET /team.accessLogs",
8962
+ "GET /team.billableInfo",
8963
+ "GET /team.integrationLogs"
8964
+ ]
8965
+ },
8966
+ {
8967
+ name: "admin.analytics:read",
8968
+ rules: [
8969
+ "GET /admin.analytics.getFile",
8970
+ "GET /admin.analytics.messages.activity",
8971
+ "GET /admin.analytics.messages.metadata"
8972
+ ]
8973
+ },
8974
+ {
8975
+ name: "admin.app_activities:read",
8976
+ rules: ["POST /admin.apps.activities.list"]
8977
+ },
8978
+ {
8979
+ name: "admin.apps:read",
8980
+ rules: [
8981
+ "GET /admin.apps.approved.list",
8982
+ "POST /admin.apps.config.lookup",
8983
+ "GET /admin.apps.requests.list",
8984
+ "GET /admin.apps.restricted.list"
8985
+ ]
8986
+ },
8987
+ {
8988
+ name: "admin.apps:write",
8989
+ rules: [
8990
+ "POST /admin.apps.approve",
8991
+ "POST /admin.apps.clearResolution",
8992
+ "POST /admin.apps.config.set",
8993
+ "POST /admin.apps.requests.cancel",
8994
+ "POST /admin.apps.restrict",
8995
+ "POST /admin.apps.uninstall"
8996
+ ]
8997
+ },
8998
+ {
8999
+ name: "admin.barriers:read",
9000
+ rules: ["GET /admin.barriers.list"]
9001
+ },
9002
+ {
9003
+ name: "admin.barriers:write",
9004
+ rules: [
9005
+ "POST /admin.barriers.create",
9006
+ "POST /admin.barriers.delete",
9007
+ "POST /admin.barriers.update"
9008
+ ]
9009
+ },
9010
+ {
9011
+ name: "admin.conversations:manage_objects",
9012
+ rules: [
9013
+ "POST /admin.conversations.createForObjects",
9014
+ "POST /admin.conversations.linkObjects",
9015
+ "POST /admin.conversations.unlinkObjects"
9016
+ ]
9017
+ },
9018
+ {
9019
+ name: "admin.conversations:read",
9020
+ rules: [
9021
+ "POST /admin.conversations.ekm.listOriginalConnectedChannelInfo",
9022
+ "POST /admin.conversations.getConversationPrefs",
9023
+ "POST /admin.conversations.getCustomRetention",
9024
+ "POST /admin.conversations.getTeams",
9025
+ "POST /admin.conversations.lookup",
9026
+ "GET /admin.conversations.restrictAccess.listGroups",
9027
+ "POST /admin.conversations.search"
9028
+ ]
9029
+ },
9030
+ {
9031
+ name: "admin.conversations:write",
9032
+ rules: [
9033
+ "POST /admin.conversations.archive",
9034
+ "POST /admin.conversations.bulkArchive",
9035
+ "POST /admin.conversations.bulkDelete",
9036
+ "POST /admin.conversations.bulkMove",
9037
+ "GET /admin.conversations.bulkSetExcludeFromSlackAi",
9038
+ "POST /admin.conversations.convertToPrivate",
9039
+ "POST /admin.conversations.convertToPublic",
9040
+ "POST /admin.conversations.create",
9041
+ "POST /admin.conversations.delete",
9042
+ "POST /admin.conversations.disconnectShared",
9043
+ "POST /admin.conversations.invite",
9044
+ "POST /admin.conversations.removeCustomRetention",
9045
+ "POST /admin.conversations.rename",
9046
+ "GET /admin.conversations.restrictAccess.addGroup",
9047
+ "GET /admin.conversations.restrictAccess.removeGroup",
9048
+ "POST /admin.conversations.setConversationPrefs",
9049
+ "POST /admin.conversations.setCustomRetention",
9050
+ "POST /admin.conversations.setTeams",
9051
+ "POST /admin.conversations.unarchive"
9052
+ ]
9053
+ },
9054
+ {
9055
+ name: "admin.invites:read",
9056
+ rules: [
9057
+ "POST /admin.inviteRequests.approved.list",
9058
+ "POST /admin.inviteRequests.denied.list",
9059
+ "POST /admin.inviteRequests.list"
9060
+ ]
9061
+ },
9062
+ {
9063
+ name: "admin.invites:write",
9064
+ rules: [
9065
+ "POST /admin.inviteRequests.approve",
9066
+ "POST /admin.inviteRequests.deny"
9067
+ ]
9068
+ },
9069
+ {
9070
+ name: "admin.roles:read",
9071
+ rules: ["GET /admin.roles.listAssignments"]
9072
+ },
9073
+ {
9074
+ name: "admin.roles:write",
9075
+ rules: [
9076
+ "POST /admin.roles.addAssignments",
9077
+ "POST /admin.roles.removeAssignments"
9078
+ ]
9079
+ },
9080
+ {
9081
+ name: "admin.teams:read",
9082
+ rules: [
9083
+ "GET /admin.emoji.list",
9084
+ "GET /admin.teams.admins.list",
9085
+ "POST /admin.teams.list",
9086
+ "GET /admin.teams.owners.list",
9087
+ "POST /admin.teams.settings.info"
9088
+ ]
9089
+ },
9090
+ {
9091
+ name: "admin.teams:write",
9092
+ rules: [
9093
+ "GET /admin.emoji.add",
9094
+ "GET /admin.emoji.addAlias",
9095
+ "GET /admin.emoji.remove",
9096
+ "GET /admin.emoji.rename",
9097
+ "POST /admin.teams.create",
9098
+ "GET /admin.teams.settings.setDefaultChannels",
9099
+ "POST /admin.teams.settings.setDescription",
9100
+ "POST /admin.teams.settings.setDiscoverability",
9101
+ "GET /admin.teams.settings.setIcon",
9102
+ "POST /admin.teams.settings.setName",
9103
+ "POST /admin.usergroups.addTeams"
9104
+ ]
9105
+ },
9106
+ {
9107
+ name: "admin.usergroups:read",
9108
+ rules: ["POST /admin.usergroups.listChannels"]
9109
+ },
9110
+ {
9111
+ name: "admin.usergroups:write",
9112
+ rules: [
9113
+ "POST /admin.usergroups.addChannels",
9114
+ "POST /admin.usergroups.removeChannels"
9115
+ ]
9116
+ },
9117
+ {
9118
+ name: "admin.users:read",
9119
+ rules: [
9120
+ "POST /admin.auth.policy.getEntities",
9121
+ "GET /admin.users.getExpiration",
9122
+ "POST /admin.users.list",
9123
+ "POST /admin.users.session.getSettings",
9124
+ "POST /admin.users.session.list",
9125
+ "POST /admin.users.unsupportedVersions.export"
9126
+ ]
9127
+ },
9128
+ {
9129
+ name: "admin.users:write",
9130
+ rules: [
9131
+ "POST /admin.auth.policy.assignEntities",
9132
+ "POST /admin.auth.policy.removeEntities",
9133
+ "POST /admin.users.assign",
9134
+ "POST /admin.users.invite",
9135
+ "POST /admin.users.remove",
9136
+ "POST /admin.users.session.clearSettings",
9137
+ "POST /admin.users.session.invalidate",
9138
+ "POST /admin.users.session.reset",
9139
+ "POST /admin.users.session.resetBulk",
9140
+ "POST /admin.users.session.setSettings",
9141
+ "POST /admin.users.setAdmin",
9142
+ "POST /admin.users.setExpiration",
9143
+ "POST /admin.users.setOwner",
9144
+ "POST /admin.users.setRegular"
9145
+ ]
9146
+ },
9147
+ {
9148
+ name: "admin.workflows:read",
9149
+ rules: [
9150
+ "POST /admin.functions.list",
9151
+ "POST /admin.functions.permissions.lookup",
9152
+ "POST /admin.functions.permissions.set",
9153
+ "POST /admin.workflows.permissions.lookup",
9154
+ "POST /admin.workflows.search"
9155
+ ]
9156
+ },
9157
+ {
9158
+ name: "admin.workflows:write",
9159
+ rules: [
9160
+ "POST /admin.workflows.collaborators.add",
9161
+ "POST /admin.workflows.collaborators.remove",
9162
+ "POST /admin.workflows.unpublish"
9163
+ ]
9164
+ },
9165
+ {
9166
+ name: "assistant:write",
9167
+ rules: [
9168
+ "POST /assistant.threads.setSuggestedPrompts",
9169
+ "POST /assistant.threads.setTitle"
9170
+ ]
9171
+ },
9172
+ {
9173
+ name: "bookmarks:read",
9174
+ rules: ["POST /bookmarks.list", "POST /workflows.featured.list"]
9175
+ },
9176
+ {
9177
+ name: "bookmarks:write",
9178
+ rules: [
9179
+ "POST /bookmarks.add",
9180
+ "POST /bookmarks.edit",
9181
+ "POST /bookmarks.remove",
9182
+ "POST /workflows.featured.add",
9183
+ "POST /workflows.featured.remove",
9184
+ "POST /workflows.featured.set"
9185
+ ]
9186
+ },
9187
+ {
9188
+ name: "calls:read",
9189
+ rules: ["POST /calls.info"]
9190
+ },
9191
+ {
9192
+ name: "calls:write",
9193
+ rules: [
9194
+ "POST /calls.add",
9195
+ "POST /calls.end",
9196
+ "POST /calls.participants.add",
9197
+ "POST /calls.participants.remove",
9198
+ "POST /calls.update"
9199
+ ]
9200
+ },
9201
+ {
9202
+ name: "canvases:read",
9203
+ rules: ["POST /canvases.sections.lookup"]
9204
+ },
9205
+ {
9206
+ name: "canvases:write",
9207
+ rules: [
9208
+ "POST /canvases.access.delete",
9209
+ "POST /canvases.access.set",
9210
+ "POST /canvases.create",
9211
+ "POST /canvases.delete",
9212
+ "POST /canvases.edit",
9213
+ "POST /conversations.canvases.create"
9214
+ ]
9215
+ },
9216
+ {
9217
+ name: "channels:history",
9218
+ rules: ["GET /conversations.history", "GET /conversations.replies"]
9219
+ },
9220
+ {
9221
+ name: "channels:join",
9222
+ rules: ["POST /conversations.join"]
9223
+ },
9224
+ {
9225
+ name: "channels:manage",
9226
+ rules: [
9227
+ "POST /conversations.archive",
9228
+ "POST /conversations.close",
9229
+ "POST /conversations.create",
9230
+ "POST /conversations.invite",
9231
+ "POST /conversations.kick",
9232
+ "POST /conversations.leave",
9233
+ "POST /conversations.mark",
9234
+ "POST /conversations.open",
9235
+ "POST /conversations.rename",
9236
+ "POST /conversations.setPurpose",
9237
+ "POST /conversations.setTopic",
9238
+ "POST /conversations.unarchive"
9239
+ ]
9240
+ },
9241
+ {
9242
+ name: "channels:read",
9243
+ rules: [
9244
+ "GET /conversations.info",
9245
+ "GET /conversations.list",
9246
+ "GET /conversations.members",
9247
+ "GET /users.conversations"
9248
+ ]
9249
+ },
9250
+ {
9251
+ name: "channels:write",
9252
+ rules: [
9253
+ "POST /conversations.archive",
9254
+ "POST /conversations.close",
9255
+ "POST /conversations.create",
9256
+ "POST /conversations.invite",
9257
+ "POST /conversations.join",
9258
+ "POST /conversations.kick",
9259
+ "POST /conversations.leave",
9260
+ "POST /conversations.mark",
9261
+ "POST /conversations.open",
9262
+ "POST /conversations.rename",
9263
+ "POST /conversations.setPurpose",
9264
+ "POST /conversations.setTopic",
9265
+ "POST /conversations.unarchive"
9266
+ ]
9267
+ },
9268
+ {
9269
+ name: "channels:write.invites",
9270
+ rules: ["POST /conversations.invite"]
9271
+ },
9272
+ {
9273
+ name: "channels:write.topic",
9274
+ rules: [
9275
+ "POST /conversations.setPurpose",
9276
+ "POST /conversations.setTopic"
9277
+ ]
9278
+ },
9279
+ {
9280
+ name: "chat:write",
9281
+ rules: [
9282
+ "POST /assistant.threads.setStatus",
9283
+ "POST /chat.appendStream",
9284
+ "POST /chat.delete",
9285
+ "POST /chat.deleteScheduledMessage",
9286
+ "POST /chat.meMessage",
9287
+ "POST /chat.postEphemeral",
9288
+ "POST /chat.postMessage",
9289
+ "POST /chat.scheduleMessage",
9290
+ "POST /chat.startStream",
9291
+ "POST /chat.stopStream",
9292
+ "POST /chat.update"
9293
+ ]
9294
+ },
9295
+ {
9296
+ name: "client",
9297
+ rules: [
9298
+ "POST /admin.workflows.triggers.types.permissions.lookup",
9299
+ "POST /admin.workflows.triggers.types.permissions.set"
9300
+ ]
9301
+ },
9302
+ {
9303
+ name: "conversations.connect:manage",
9304
+ rules: [
9305
+ "POST /conversations.approveSharedInvite",
9306
+ "GET /conversations.declineSharedInvite",
9307
+ "POST /conversations.externalInvitePermissions.set",
9308
+ "POST /conversations.listConnectInvites",
9309
+ "POST /conversations.requestSharedInvite.approve",
9310
+ "POST /conversations.requestSharedInvite.deny",
9311
+ "POST /conversations.requestSharedInvite.list",
9312
+ "POST /team.externalTeams.disconnect",
9313
+ "GET /team.externalTeams.list",
9314
+ "POST /users.discoverableContacts.lookup"
9315
+ ]
9316
+ },
9317
+ {
9318
+ name: "conversations.connect:write",
9319
+ rules: [
9320
+ "POST /conversations.acceptSharedInvite",
9321
+ "GET /conversations.inviteShared"
9322
+ ]
9323
+ },
9324
+ {
9325
+ name: "datastore:read",
9326
+ rules: [
9327
+ "POST /apps.datastore.bulkGet",
9328
+ "POST /apps.datastore.count",
9329
+ "POST /apps.datastore.get",
9330
+ "POST /apps.datastore.query"
9331
+ ]
9332
+ },
9333
+ {
9334
+ name: "datastore:write",
9335
+ rules: [
9336
+ "POST /apps.datastore.bulkDelete",
9337
+ "POST /apps.datastore.bulkPut",
9338
+ "POST /apps.datastore.delete",
9339
+ "POST /apps.datastore.put",
9340
+ "POST /apps.datastore.update"
9341
+ ]
9342
+ },
9343
+ {
9344
+ name: "dnd:read",
9345
+ rules: ["GET /dnd.info", "GET /dnd.teamInfo"]
9346
+ },
9347
+ {
9348
+ name: "dnd:write",
9349
+ rules: [
9350
+ "POST /dnd.endDnd",
9351
+ "POST /dnd.endSnooze",
9352
+ "GET /dnd.setSnooze"
9353
+ ]
9354
+ },
9355
+ {
9356
+ name: "emoji:read",
9357
+ rules: ["GET /emoji.list"]
9358
+ },
9359
+ {
9360
+ name: "files:read",
9361
+ rules: ["GET /files.info", "GET /files.list"]
9362
+ },
9363
+ {
9364
+ name: "files:write",
9365
+ rules: [
9366
+ "POST /files.comments.delete",
9367
+ "POST /files.completeUploadExternal",
9368
+ "POST /files.delete",
9369
+ "POST /files.getUploadURLExternal",
9370
+ "POST /files.revokePublicURL",
9371
+ "POST /files.sharedPublicURL",
9372
+ "POST /files.upload"
9373
+ ]
9374
+ },
9375
+ {
9376
+ name: "groups:history",
9377
+ rules: ["GET /conversations.history", "GET /conversations.replies"]
9378
+ },
9379
+ {
9380
+ name: "groups:read",
9381
+ rules: [
9382
+ "GET /conversations.info",
9383
+ "GET /conversations.list",
9384
+ "GET /conversations.members",
9385
+ "GET /users.conversations"
9386
+ ]
9387
+ },
9388
+ {
9389
+ name: "groups:write",
9390
+ rules: [
9391
+ "POST /conversations.archive",
9392
+ "POST /conversations.close",
9393
+ "POST /conversations.create",
9394
+ "POST /conversations.invite",
9395
+ "POST /conversations.kick",
9396
+ "POST /conversations.leave",
9397
+ "POST /conversations.mark",
9398
+ "POST /conversations.open",
9399
+ "POST /conversations.rename",
9400
+ "POST /conversations.setPurpose",
9401
+ "POST /conversations.setTopic",
9402
+ "POST /conversations.unarchive"
9403
+ ]
9404
+ },
9405
+ {
9406
+ name: "groups:write.invites",
9407
+ rules: ["POST /conversations.invite"]
9408
+ },
9409
+ {
9410
+ name: "groups:write.topic",
9411
+ rules: [
9412
+ "POST /conversations.setPurpose",
9413
+ "POST /conversations.setTopic"
9414
+ ]
9415
+ },
9416
+ {
9417
+ name: "hosting:read",
9418
+ rules: ["POST /apps.activities.list"]
9419
+ },
9420
+ {
9421
+ name: "identity:read",
9422
+ rules: ["GET /users.identity"]
9423
+ },
9424
+ {
9425
+ name: "im:history",
9426
+ rules: ["GET /conversations.history", "GET /conversations.replies"]
9427
+ },
9428
+ {
9429
+ name: "im:read",
9430
+ rules: [
9431
+ "GET /conversations.info",
9432
+ "GET /conversations.list",
9433
+ "GET /conversations.members",
9434
+ "GET /users.conversations"
9435
+ ]
9436
+ },
9437
+ {
9438
+ name: "im:write",
9439
+ rules: [
9440
+ "POST /conversations.archive",
9441
+ "POST /conversations.close",
9442
+ "POST /conversations.create",
9443
+ "POST /conversations.invite",
9444
+ "POST /conversations.kick",
9445
+ "POST /conversations.leave",
9446
+ "POST /conversations.mark",
9447
+ "POST /conversations.open",
9448
+ "POST /conversations.rename",
9449
+ "POST /conversations.setPurpose",
9450
+ "POST /conversations.setTopic",
9451
+ "POST /conversations.unarchive"
9452
+ ]
9453
+ },
9454
+ {
9455
+ name: "im:write.topic",
9456
+ rules: [
9457
+ "POST /conversations.setPurpose",
9458
+ "POST /conversations.setTopic"
9459
+ ]
9460
+ },
9461
+ {
9462
+ name: "links:write",
9463
+ rules: ["POST /chat.unfurl"]
9464
+ },
9465
+ {
9466
+ name: "lists:read",
9467
+ rules: [
9468
+ "POST /slackLists.download.get",
9469
+ "POST /slackLists.download.start",
9470
+ "POST /slackLists.items.info",
9471
+ "POST /slackLists.items.list"
9472
+ ]
9473
+ },
9474
+ {
9475
+ name: "lists:write",
9476
+ rules: [
9477
+ "POST /slackLists.access.delete",
9478
+ "POST /slackLists.access.set",
9479
+ "POST /slackLists.create",
9480
+ "POST /slackLists.items.create",
9481
+ "POST /slackLists.items.delete",
9482
+ "POST /slackLists.items.deleteMultiple",
9483
+ "POST /slackLists.items.update",
9484
+ "POST /slackLists.update"
9485
+ ]
9486
+ },
9487
+ {
9488
+ name: "mpim:history",
9489
+ rules: ["GET /conversations.history", "GET /conversations.replies"]
9490
+ },
9491
+ {
9492
+ name: "mpim:read",
9493
+ rules: [
9494
+ "GET /conversations.info",
9495
+ "GET /conversations.list",
9496
+ "GET /conversations.members",
9497
+ "GET /users.conversations"
9498
+ ]
9499
+ },
9500
+ {
9501
+ name: "mpim:write",
9502
+ rules: [
9503
+ "POST /conversations.archive",
9504
+ "POST /conversations.close",
9505
+ "POST /conversations.create",
9506
+ "POST /conversations.invite",
9507
+ "POST /conversations.kick",
9508
+ "POST /conversations.leave",
9509
+ "POST /conversations.mark",
9510
+ "POST /conversations.open",
9511
+ "POST /conversations.rename",
9512
+ "POST /conversations.setPurpose",
9513
+ "POST /conversations.setTopic",
9514
+ "POST /conversations.unarchive"
9515
+ ]
9516
+ },
9517
+ {
9518
+ name: "mpim:write.topic",
9519
+ rules: [
9520
+ "POST /conversations.setPurpose",
9521
+ "POST /conversations.setTopic"
9522
+ ]
9523
+ },
9524
+ {
9525
+ name: "openid",
9526
+ rules: ["POST /openid.connect.userInfo"]
9527
+ },
9528
+ {
9529
+ name: "pins:read",
9530
+ rules: ["GET /pins.list"]
9531
+ },
9532
+ {
9533
+ name: "pins:write",
9534
+ rules: ["POST /pins.add", "POST /pins.remove"]
9535
+ },
9536
+ {
9537
+ name: "reactions:read",
9538
+ rules: ["GET /reactions.get", "GET /reactions.list"]
9539
+ },
9540
+ {
9541
+ name: "reactions:write",
9542
+ rules: ["POST /reactions.add", "POST /reactions.remove"]
9543
+ },
9544
+ {
9545
+ name: "reminders:read",
9546
+ rules: ["GET /reminders.info", "GET /reminders.list"]
9547
+ },
9548
+ {
9549
+ name: "reminders:write",
9550
+ rules: [
9551
+ "POST /reminders.add",
9552
+ "POST /reminders.complete",
9553
+ "POST /reminders.delete"
9554
+ ]
9555
+ },
9556
+ {
9557
+ name: "remote_files:read",
9558
+ rules: ["GET /files.remote.info", "GET /files.remote.list"]
9559
+ },
9560
+ {
9561
+ name: "remote_files:share",
9562
+ rules: ["GET /files.remote.share"]
9563
+ },
9564
+ {
9565
+ name: "remote_files:write",
9566
+ rules: [
9567
+ "POST /files.remote.add",
9568
+ "POST /files.remote.remove",
9569
+ "POST /files.remote.update"
9570
+ ]
9571
+ },
9572
+ {
9573
+ name: "search:read",
9574
+ rules: [
9575
+ "POST /assistant.search.info",
9576
+ "GET /search.all",
9577
+ "GET /search.files",
9578
+ "GET /search.messages"
9579
+ ]
9580
+ },
9581
+ {
9582
+ name: "search:read.files",
9583
+ rules: ["POST /assistant.search.context"]
9584
+ },
9585
+ {
9586
+ name: "search:read.im",
9587
+ rules: ["POST /assistant.search.context"]
9588
+ },
9589
+ {
9590
+ name: "search:read.mpim",
9591
+ rules: ["POST /assistant.search.context"]
9592
+ },
9593
+ {
9594
+ name: "search:read.private",
9595
+ rules: ["POST /assistant.search.context"]
9596
+ },
9597
+ {
9598
+ name: "search:read.public",
9599
+ rules: [
9600
+ "POST /assistant.search.context",
9601
+ "POST /assistant.search.info"
9602
+ ]
9603
+ },
9604
+ {
9605
+ name: "search:read.users",
9606
+ rules: ["POST /assistant.search.context"]
9607
+ },
9608
+ {
9609
+ name: "stars:read",
9610
+ rules: ["GET /stars.list"]
9611
+ },
9612
+ {
9613
+ name: "stars:write",
9614
+ rules: ["POST /stars.add", "POST /stars.remove"]
9615
+ },
9616
+ {
9617
+ name: "team.billing:read",
9618
+ rules: ["POST /team.billing.info"]
9619
+ },
9620
+ {
9621
+ name: "team.preferences:read",
9622
+ rules: ["POST /team.preferences.list"]
9623
+ },
9624
+ {
9625
+ name: "team:read",
9626
+ rules: [
9627
+ "GET /team.externalTeams.list",
9628
+ "GET /team.info",
9629
+ "POST /users.discoverableContacts.lookup"
9630
+ ]
9631
+ },
9632
+ {
9633
+ name: "tokens.basic",
9634
+ rules: ["GET /migration.exchange"]
9635
+ },
9636
+ {
9637
+ name: "triggers:read",
9638
+ rules: ["POST /workflows.triggers.permissions.list"]
9639
+ },
9640
+ {
9641
+ name: "triggers:write",
9642
+ rules: [
9643
+ "POST /workflows.triggers.permissions.add",
9644
+ "POST /workflows.triggers.permissions.remove",
9645
+ "POST /workflows.triggers.permissions.set"
9646
+ ]
9647
+ },
9648
+ {
9649
+ name: "usergroups:read",
9650
+ rules: ["GET /usergroups.list", "GET /usergroups.users.list"]
9651
+ },
9652
+ {
9653
+ name: "usergroups:write",
9654
+ rules: [
9655
+ "POST /usergroups.create",
9656
+ "POST /usergroups.disable",
9657
+ "POST /usergroups.enable",
9658
+ "POST /usergroups.update",
9659
+ "POST /usergroups.users.update"
9660
+ ]
9661
+ },
9662
+ {
9663
+ name: "users.profile:read",
9664
+ rules: ["GET /team.profile.get", "GET /users.profile.get"]
9665
+ },
9666
+ {
9667
+ name: "users.profile:write",
9668
+ rules: [
9669
+ "GET /users.deletePhoto",
9670
+ "POST /users.profile.set",
9671
+ "POST /users.setPhoto"
9672
+ ]
9673
+ },
9674
+ {
9675
+ name: "users:read",
9676
+ rules: [
9677
+ "GET /bots.info",
9678
+ "GET /users.getPresence",
9679
+ "GET /users.info",
9680
+ "GET /users.list"
9681
+ ]
9682
+ },
9683
+ {
9684
+ name: "users:read.email",
9685
+ rules: ["GET /users.lookupByEmail"]
9686
+ },
9687
+ {
9688
+ name: "users:write",
9689
+ rules: [
9690
+ "POST /apps.user.connection.update",
9691
+ "POST /users.setActive",
9692
+ "POST /users.setPresence"
9693
+ ]
9694
+ },
9695
+ {
9696
+ name: "no_scopes_required",
9697
+ description: "Methods that require a valid token but no specific scope",
9698
+ rules: [
9699
+ "POST /api.test",
9700
+ "POST /apps.auth.external.delete",
9701
+ "POST /apps.auth.external.get",
9702
+ "POST /apps.connections.open",
9703
+ "POST /apps.event.authorizations.list",
9704
+ "POST /apps.manifest.create",
9705
+ "POST /apps.manifest.delete",
9706
+ "POST /apps.manifest.export",
9707
+ "POST /apps.manifest.update",
9708
+ "POST /apps.manifest.validate",
9709
+ "POST /apps.uninstall",
9710
+ "GET /auth.revoke",
9711
+ "POST /auth.teams.list",
9712
+ "POST /auth.test",
9713
+ "GET /chat.getPermalink",
9714
+ "POST /chat.scheduledMessages.list",
9715
+ "POST /dialog.open",
9716
+ "POST /functions.completeError",
9717
+ "POST /functions.completeSuccess",
9718
+ "POST /functions.distributions.permissions.add",
9719
+ "POST /functions.distributions.permissions.list",
9720
+ "POST /functions.distributions.permissions.remove",
9721
+ "POST /functions.distributions.permissions.set",
9722
+ "POST /functions.workflows.steps.list",
9723
+ "POST /functions.workflows.steps.responses.export",
9724
+ "POST /oauth.access",
9725
+ "POST /oauth.v2.access",
9726
+ "POST /oauth.v2.exchange",
9727
+ "POST /oauth.v2.user.access",
9728
+ "POST /openid.connect.token",
9729
+ "GET /rtm.connect",
9730
+ "GET /rtm.start",
9731
+ "POST /tooling.tokens.rotate",
9732
+ "POST /views.open",
9733
+ "POST /views.publish",
9734
+ "POST /views.push",
9735
+ "POST /views.update"
9736
+ ]
9737
+ }
9738
+ ]
9739
+ },
9740
+ {
9741
+ base: "https://files.slack.com",
9742
+ auth: {
9743
+ headers: {
9744
+ Authorization: "Bearer ${{ secrets.SLACK_TOKEN }}"
9745
+ }
9746
+ },
9747
+ permissions: [
9748
+ {
9749
+ name: "unrestricted",
9750
+ description: "Allow all endpoints",
9751
+ rules: ["ANY /{path*}"]
9752
+ },
9753
+ {
9754
+ name: "files:read",
9755
+ description: "Download files from Slack",
9756
+ rules: ["GET /{path+}"]
9757
+ }
9758
+ ]
9759
+ }
9760
+ ]
9761
+ };
9762
+
9763
+ // ../../packages/core/src/firewalls/index.ts
9764
+ var builtinFirewalls = {
9765
+ github: githubFirewall,
9766
+ slack: slackFirewall
9767
+ };
9768
+
7214
9769
  // ../../packages/core/src/firewall-loader.ts
7215
9770
  var MAX_RESPONSE_SIZE = 128 * 1024;
7216
9771
  function buildFirewallYamlUrl(ref) {
@@ -7223,6 +9778,11 @@ function buildFirewallYamlUrl(ref) {
7223
9778
  return `https://raw.githubusercontent.com/${parsed.owner}/${parsed.repo}/${parsed.branch}/${pathPrefix}firewall.yaml`;
7224
9779
  }
7225
9780
  async function fetchFirewallConfig(ref, fetchFn = fetch) {
9781
+ const trimmed = ref.trim();
9782
+ const builtin = !trimmed.includes("/") ? builtinFirewalls[trimmed] : void 0;
9783
+ if (builtin) {
9784
+ return builtin;
9785
+ }
7226
9786
  const rawUrl = buildFirewallYamlUrl(ref);
7227
9787
  const res = await fetchFn(rawUrl);
7228
9788
  if (!res.ok) {
@@ -7528,7 +10088,6 @@ var onboardingStatusResponseSchema = z25.object({
7528
10088
  needsOnboarding: z25.boolean(),
7529
10089
  isAdmin: z25.boolean(),
7530
10090
  hasOrg: z25.boolean(),
7531
- hasModelProvider: z25.boolean(),
7532
10091
  hasDefaultAgent: z25.boolean(),
7533
10092
  defaultAgentName: z25.string().nullable(),
7534
10093
  defaultAgentComposeId: z25.string().nullable(),
@@ -8147,7 +10706,14 @@ var zeroComposesListContract = c31.router({
8147
10706
  // ../../packages/core/src/contracts/zero-runs.ts
8148
10707
  import { z as z35 } from "zod";
8149
10708
  var zeroRunRequestSchema = unifiedRunRequestSchema.omit({
8150
- triggerSource: true
10709
+ triggerSource: true,
10710
+ memoryName: true,
10711
+ artifactName: true,
10712
+ artifactVersion: true,
10713
+ disallowedTools: true,
10714
+ volumeVersions: true,
10715
+ vars: true,
10716
+ secrets: true
8151
10717
  });
8152
10718
  var c32 = initContract();
8153
10719
  var zeroRunsMainContract = c32.router({
@@ -8785,7 +11351,7 @@ var FEATURE_SWITCHES = {
8785
11351
  enabled: false,
8786
11352
  enabledUserHashes: STAFF_USER_HASHES
8787
11353
  },
8788
- ["vm0ModelProvider" /* Vm0ModelProvider */]: {
11354
+ ["usage" /* Usage */]: {
8789
11355
  maintainer: "ethan@vm0.ai",
8790
11356
  enabled: false,
8791
11357
  enabledUserHashes: STAFF_USER_HASHES
@@ -9170,7 +11736,7 @@ function getConfigPath() {
9170
11736
  return join2(homedir2(), ".vm0", "config.json");
9171
11737
  }
9172
11738
  var infoCommand = new Command6().name("info").description("Display environment and debug information").action(async () => {
9173
- console.log(chalk4.bold(`VM0 CLI v${"9.74.1"}`));
11739
+ console.log(chalk4.bold(`VM0 CLI v${"9.74.2"}`));
9174
11740
  console.log();
9175
11741
  const config = await loadConfig();
9176
11742
  const hasEnvToken = !!process.env.VM0_TOKEN;
@@ -11230,7 +13796,7 @@ var composeCommand = new Command7().name("compose").description("Create or updat
11230
13796
  options.autoUpdate = false;
11231
13797
  }
11232
13798
  if (options.autoUpdate !== false) {
11233
- await startSilentUpgrade("9.74.1");
13799
+ await startSilentUpgrade("9.74.2");
11234
13800
  }
11235
13801
  try {
11236
13802
  let result;
@@ -12065,7 +14631,7 @@ var mainRunCommand = new Command8().name("run").description("Run an agent").argu
12065
14631
  withErrorHandler(
12066
14632
  async (identifier, prompt, options) => {
12067
14633
  if (options.autoUpdate !== false) {
12068
- await startSilentUpgrade("9.74.1");
14634
+ await startSilentUpgrade("9.74.2");
12069
14635
  }
12070
14636
  const { org, name, version } = parseIdentifier(identifier);
12071
14637
  let composeId;
@@ -13821,7 +16387,7 @@ var cookAction = new Command35().name("cook").description("Quick start: prepare,
13821
16387
  withErrorHandler(
13822
16388
  async (prompt, options) => {
13823
16389
  if (options.autoUpdate !== false) {
13824
- const shouldExit = await checkAndUpgrade("9.74.1", prompt);
16390
+ const shouldExit = await checkAndUpgrade("9.74.2", prompt);
13825
16391
  if (shouldExit) {
13826
16392
  process.exit(0);
13827
16393
  }
@@ -14843,8 +17409,16 @@ function formatNetworkTcp(entry) {
14843
17409
  const error = entry.error ? ` ${chalk36.red(entry.error)}` : "";
14844
17410
  return `[${entry.timestamp}] ${chalk36.blue("TCP")} ${latencyMs}ms ${formatBytes(requestSize)}/${formatBytes(responseSize)} ${chalk36.dim(`${host}:${port}`)}${error}`;
14845
17411
  }
17412
+ function formatNetworkOther(entry) {
17413
+ const proto = (entry.type || "???").toUpperCase();
17414
+ const host = entry.host || "unknown";
17415
+ const port = entry.port || 0;
17416
+ const size = entry.request_size || 0;
17417
+ return `[${entry.timestamp}] ${chalk36.magenta(proto.padEnd(5))} ${formatBytes(size)} ${chalk36.dim(`${host}:${port}`)}`;
17418
+ }
14846
17419
  function formatNetworkLog(entry) {
14847
17420
  if (entry.type === "tcp") return formatNetworkTcp(entry);
17421
+ if (entry.type && entry.type !== "http") return formatNetworkOther(entry);
14848
17422
  if (entry.action === "DENY") return formatNetworkDeny(entry);
14849
17423
  return formatNetworkRequest(entry);
14850
17424
  }
@@ -19195,13 +21769,13 @@ var upgradeCommand = new Command94().name("upgrade").description("Upgrade vm0 CL
19195
21769
  if (latestVersion === null) {
19196
21770
  throw new Error("Could not check for updates. Please try again later.");
19197
21771
  }
19198
- if (latestVersion === "9.74.1") {
19199
- console.log(chalk86.green(`\u2713 Already up to date (${"9.74.1"})`));
21772
+ if (latestVersion === "9.74.2") {
21773
+ console.log(chalk86.green(`\u2713 Already up to date (${"9.74.2"})`));
19200
21774
  return;
19201
21775
  }
19202
21776
  console.log(
19203
21777
  chalk86.yellow(
19204
- `Current version: ${"9.74.1"} -> Latest version: ${latestVersion}`
21778
+ `Current version: ${"9.74.2"} -> Latest version: ${latestVersion}`
19205
21779
  )
19206
21780
  );
19207
21781
  console.log();
@@ -19228,7 +21802,7 @@ var upgradeCommand = new Command94().name("upgrade").description("Upgrade vm0 CL
19228
21802
  const success = await performUpgrade(packageManager);
19229
21803
  if (success) {
19230
21804
  console.log(
19231
- chalk86.green(`\u2713 Upgraded from ${"9.74.1"} to ${latestVersion}`)
21805
+ chalk86.green(`\u2713 Upgraded from ${"9.74.2"} to ${latestVersion}`)
19232
21806
  );
19233
21807
  return;
19234
21808
  }
@@ -19302,7 +21876,7 @@ var whoamiCommand = new Command95().name("whoami").description("Show current ide
19302
21876
 
19303
21877
  // src/index.ts
19304
21878
  var program = new Command96();
19305
- program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.74.1");
21879
+ program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.74.2");
19306
21880
  program.addCommand(authCommand);
19307
21881
  program.addCommand(infoCommand);
19308
21882
  program.addCommand(composeCommand);