From 71ca4975add0c9715eb2feeec7175ff186929b94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 21:22:13 +0000 Subject: [PATCH 1/3] build(deps-dev): bump @octokit/openapi from 19.1.0 to 20.0.0 Bumps [@octokit/openapi](https://github.com/octokit/openapi) from 19.1.0 to 20.0.0. - [Release notes](https://github.com/octokit/openapi/releases) - [Commits](https://github.com/octokit/openapi/compare/v19.1.0...v20.0.0) --- updated-dependencies: - dependency-name: "@octokit/openapi" dependency-version: 20.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package-lock.json | 11 +++++++---- package.json | 2 +- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index ff71011..f85a5d7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "undici": "^7.16.0" }, "devDependencies": { - "@octokit/openapi": "^19.1.0", + "@octokit/openapi": "^21.0.0", "@sinonjs/fake-timers": "^14.0.0", "ava": "^6.4.1", "c8": "^10.1.3", @@ -25,6 +25,9 @@ "execa": "^9.6.0", "open-cli": "^8.0.0", "yaml": "^2.8.1" + }, + "engines": { + "node": ">=20" } }, "node_modules/@actions/core": { @@ -797,9 +800,9 @@ } }, "node_modules/@octokit/openapi": { - "version": "19.1.0", - "resolved": "https://registry.npmjs.org/@octokit/openapi/-/openapi-19.1.0.tgz", - "integrity": "sha512-geiTDyEF3/QEFcb41IlIhl070NlqUStxiZycbSCmUn17Vrc7F+tHyDc34kavqprVe6I5z+2/SQQj9gz1w7UsVA==", + "version": "21.0.0", + "resolved": "https://registry.npmjs.org/@octokit/openapi/-/openapi-21.0.0.tgz", + "integrity": "sha512-NybZQUNsa6yErKW1EEniJs0c/KFEFkXOrWlHk9IVFkY2OC5SQJMsjJnfCfVFyIuBjt8qBHGTopri7y/cKafxPQ==", "dev": true, "license": "MIT", "engines": { diff --git a/package.json b/package.json index 9bb77da..2a4add2 100644 --- a/package.json +++ b/package.json @@ -23,7 +23,7 @@ "undici": "^7.16.0" }, "devDependencies": { - "@octokit/openapi": "^19.1.0", + "@octokit/openapi": "^21.0.0", "@sinonjs/fake-timers": "^14.0.0", "ava": "^6.4.1", "c8": "^10.1.3", From f6be8d0a0e1432d8824565f9007de126ae307de2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 21:22:38 +0000 Subject: [PATCH 2/3] feat: update permission inputs --- action.yml | 6 +++++- scripts/generated/app-permissions.json | 19 ++++++++++++++++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index ab7d7f3..67616d4 100644 --- a/action.yml +++ b/action.yml @@ -37,12 +37,16 @@ inputs: description: "The level of permission to grant the access token to create, edit, delete, and list Codespaces. Can be set to 'read' or 'write'." permission-contents: description: "The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be set to 'read' or 'write'." + permission-custom-properties-for-organizations: + description: "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property. Can be set to 'read' or 'write'." permission-dependabot-secrets: description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'." permission-deployments: description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'." permission-email-addresses: description: "The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'." + permission-enterprise-custom-properties-for-organizations: + description: "The level of permission to grant the access token for organization custom properties management at the enterprise level. Can be set to 'read', 'write', or 'admin'." permission-environments: description: "The level of permission to grant the access token for managing repository environments. Can be set to 'read' or 'write'." permission-followers: @@ -68,7 +72,7 @@ inputs: permission-organization-custom-org-roles: description: "The level of permission to grant the access token for custom organization roles management. Can be set to 'read' or 'write'." permission-organization-custom-properties: - description: "The level of permission to grant the access token for custom property management. Can be set to 'read', 'write', or 'admin'." + description: "The level of permission to grant the access token for repository custom properties management at the organization level. Can be set to 'read', 'write', or 'admin'." permission-organization-custom-roles: description: "The level of permission to grant the access token for custom repository roles management. Can be set to 'read' or 'write'." permission-organization-events: diff --git a/scripts/generated/app-permissions.json b/scripts/generated/app-permissions.json index 5a00882..aae22e8 100644 --- a/scripts/generated/app-permissions.json +++ b/scripts/generated/app-permissions.json @@ -187,6 +187,14 @@ "write" ] }, + "custom_properties_for_organizations": { + "type": "string", + "description": "The level of permission to grant the access token to view and edit custom properties for an organization, when allowed by the property.", + "enum": [ + "read", + "write" + ] + }, "members": { "type": "string", "description": "The level of permission to grant the access token for organization teams and members.", @@ -221,7 +229,7 @@ }, "organization_custom_properties": { "type": "string", - "description": "The level of permission to grant the access token for custom property management.", + "description": "The level of permission to grant the access token for repository custom properties management at the organization level.", "enum": [ "read", "write", @@ -384,6 +392,15 @@ "read", "write" ] + }, + "enterprise_custom_properties_for_organizations": { + "type": "string", + "description": "The level of permission to grant the access token for organization custom properties management at the enterprise level.", + "enum": [ + "read", + "write", + "admin" + ] } }, "example": { From 212112e61a7d11ab56aa699407e7e73dacce59e5 Mon Sep 17 00:00:00 2001 From: Parker Brown <17183625+parkerbxyz@users.noreply.github.com> Date: Fri, 21 Nov 2025 14:58:42 -0800 Subject: [PATCH 3/3] Update workflow to set PR title after auto-commit Adds a step to update the pull request title when changes are auto-committed. Also sets the commit message via environment variable and updates the git-auto-commit-action version for improved compatibility. --- .github/workflows/update-permission-inputs.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-permission-inputs.yml b/.github/workflows/update-permission-inputs.yml index d239fdf..502d52e 100644 --- a/.github/workflows/update-permission-inputs.yml +++ b/.github/workflows/update-permission-inputs.yml @@ -13,10 +13,13 @@ concurrency: permissions: contents: write + pull-requests: write jobs: update-permission-inputs: runs-on: ubuntu-latest + env: + COMMIT_MESSAGE: 'feat: update permission inputs' steps: - uses: actions/checkout@v6 - uses: actions/setup-node@v6 @@ -27,6 +30,13 @@ jobs: - name: Run permission inputs update script run: node scripts/update-permission-inputs.js - name: Commit changes - uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 # v7.0.0 + id: auto-commit + uses: stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 # v6.0.1 with: - commit_message: 'feat: update permission inputs' + commit_message: ${{ env.COMMIT_MESSAGE }} + - name: Update PR title + if: github.event_name == 'pull_request' && steps.auto-commit.outputs.changes_detected == 'true' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr edit ${{ github.event.pull_request.number }} --title "${{ env.COMMIT_MESSAGE }}"