github · Pandatabe223 · May 30, 2024 · Jul 12, 2024 · Sep 5, 2024 · Sep 6, 2024
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -0,0 +1,5 @@
+#/ AUTHOR: @IAmHughes{
+  "image": "mcr.microsoft.com/devcontainers/universal:2",
+  "features": {
+  }
+}
diff --git a/SUPPORT.md b/SUPPORT.md
@@ -0,0 +1,8 @@
+# Support
+
+This repository contains sample code provided by GitHub for demonstration purposes.
+
+- **No Official Support**: These samples are provided "as-is" without official support.
+- **Use at Your Own Risk**: Intended for learning and experimentation, not for production use.
+
+Thank you for understanding.
diff --git a/api/javascript/es2015-nodejs/package.json b/api/javascript/es2015-nodejs/package.json
@@ -6,6 +6,6 @@
   },
   "author": "@k33g",
   "dependencies": {
-    "node-fetch": "^1.6.3"
+    "node-fetch": "^3.3.2"
   }
 }
diff --git a/api/javascript/gha-cleanup/package-lock.json b/api/javascript/gha-cleanup/package-lock.json
diff --git a/api/ruby/building-a-ci-server/Gemfile b/api/ruby/building-a-ci-server/Gemfile
@@ -3,4 +3,4 @@ source "https://rubygems.org"
 gem "json",        "~> 2.3"
 gem "octokit",     "~> 3.0"
 gem "shotgun"
-gem "sinatra",     "~> 2.2.3"
+gem "sinatra",     "~> 4.0.0"
diff --git a/api/ruby/building-a-ci-server/Gemfile.lock b/api/ruby/building-a-ci-server/Gemfile.lock
@@ -2,29 +2,34 @@ GEM
   remote: https://rubygems.org/
   specs:
     addressable (2.3.6)
+    base64 (0.2.0)
     faraday (0.9.0)
       multipart-post (>= 1.2, < 3)
     json (2.3.0)
     multipart-post (2.0.0)
-    mustermann (2.0.2)
+    mustermann (3.0.3)
       ruby2_keywords (~> 0.0.1)
     octokit (3.0.0)
       sawyer (~> 0.5.3)
-    rack (2.2.8.1)
-    rack-protection (2.2.3)
-      rack
+    rack (3.1.7)
+    rack-protection (4.0.0)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0, < 4)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     ruby2_keywords (0.0.5)
     sawyer (0.5.4)
       addressable (~> 2.3.5)
       faraday (~> 0.8, < 0.10)
     shotgun (0.9)
       rack (>= 1.0)
-    sinatra (2.2.3)
-      mustermann (~> 2.0)
-      rack (~> 2.2)
-      rack-protection (= 2.2.3)
+    sinatra (4.0.0)
+      mustermann (~> 3.0)
+      rack (>= 3.0.0, < 4)
+      rack-protection (= 4.0.0)
+      rack-session (>= 2.0.0, < 3)
       tilt (~> 2.0)
-    tilt (2.0.11)
+    tilt (2.4.0)
 
 PLATFORMS
   ruby
@@ -33,7 +38,7 @@ DEPENDENCIES
   json (~> 2.3)
   octokit (~> 3.0)
   shotgun
-  sinatra (~> 2.2.3)
+  sinatra (~> 4.0.0)
 
 BUNDLED WITH
    1.11.2
diff --git a/api/ruby/delivering-deployments/Gemfile b/api/ruby/delivering-deployments/Gemfile
@@ -3,4 +3,4 @@ source "https://rubygems.org"
 gem "json",        "~> 2.3"
 gem "octokit",     "~> 3.0"
 gem "shotgun"
-gem "sinatra",     "~> 2.2.3"
+gem "sinatra",     "~> 4.0.0"
diff --git a/api/ruby/delivering-deployments/Gemfile.lock b/api/ruby/delivering-deployments/Gemfile.lock
@@ -2,29 +2,34 @@ GEM
   remote: https://rubygems.org/
   specs:
     addressable (2.3.6)
+    base64 (0.2.0)
     faraday (0.9.0)
       multipart-post (>= 1.2, < 3)
     json (2.3.0)
     multipart-post (2.0.0)
-    mustermann (2.0.2)
+    mustermann (3.0.3)
       ruby2_keywords (~> 0.0.1)
     octokit (3.0.0)
       sawyer (~> 0.5.3)
-    rack (2.2.8.1)
-    rack-protection (2.2.3)
-      rack
+    rack (3.1.7)
+    rack-protection (4.0.0)
+      base64 (>= 0.1.0)
+      rack (>= 3.0.0, < 4)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     ruby2_keywords (0.0.5)
     sawyer (0.5.4)
       addressable (~> 2.3.5)
       faraday (~> 0.8, < 0.10)
     shotgun (0.9)
       rack (>= 1.0)
-    sinatra (2.2.3)
-      mustermann (~> 2.0)
-      rack (~> 2.2)
-      rack-protection (= 2.2.3)
+    sinatra (4.0.0)
+      mustermann (~> 3.0)
+      rack (>= 3.0.0, < 4)
+      rack-protection (= 4.0.0)
+      rack-session (>= 2.0.0, < 3)
       tilt (~> 2.0)
-    tilt (2.1.0)
+    tilt (2.4.0)
 
 PLATFORMS
   ruby
@@ -33,7 +38,7 @@ DEPENDENCIES
   json (~> 2.3)
   octokit (~> 3.0)
   shotgun
-  sinatra (~> 2.2.3)
+  sinatra (~> 4.0.0)
 
 BUNDLED WITH
    1.11.2
diff --git a/api/ruby/rendering-data-as-graphs/Gemfile.lock b/api/ruby/rendering-data-as-graphs/Gemfile.lock
@@ -6,8 +6,8 @@ GEM
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-    addressable (2.8.1)
-      public_suffix (>= 2.0.2, < 6.0)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     concurrent-ruby (1.2.2)
     faraday (1.10.3)
       faraday-em_http (~> 1.0)
@@ -39,7 +39,7 @@ GEM
     multipart-post (2.3.0)
     octokit (4.7.0)
       sawyer (~> 0.8.0, >= 0.5.3)
-    public_suffix (5.0.1)
+    public_suffix (6.0.1)
     rack (1.6.13)
     rack-protection (1.5.5)
       rack

diff --git a/graphql/enterprise/yarn.lock b/graphql/enterprise/yarn.lock
@@ -316,11 +316,11 @@ brace-expansion@^1.1.7:
     balanced-match "^1.0.0"
     concat-map "0.0.1"
 
-braces@^3.0.2:
-  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
+braces@^3.0.2, braces@^3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.3.tgz#490332f40919452272d55a8480adc0c441358789"
   dependencies:
-    fill-range "^7.0.1"
+    fill-range "^7.1.1"
 
 busboy@^1.6.0:
   version "1.6.0"
@@ -473,9 +473,9 @@ fbjs@^0.8.9:
     setimmediate "^1.0.5"
     ua-parser-js "^0.7.9"
 
-fill-range@^7.0.1:
-  version "7.0.1"
-  resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40"
+fill-range@^7.1.1:
+  version "7.1.1"
+  resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.1.1.tgz#44265d3cac07e3ea7dc247516380643754a05292"
   dependencies:
     to-regex-range "^5.0.1"
 
@@ -695,10 +695,10 @@ meros@^1.1.4, meros@^1.2.1:
   resolved "https://registry.yarnpkg.com/meros/-/meros-1.2.1.tgz#056f7a76e8571d0aaf3c7afcbe7eb6407ff7329e"
 
 micromatch@^4.0.4:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.5.tgz#bc8999a7cbbf77cdc89f132f6e467051b49090c6"
+  version "4.0.8"
+  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.8.tgz#d66fa18f3a47076789320b9b1af32bd86d9fa202"
   dependencies:
-    braces "^3.0.2"
+    braces "^3.0.3"
     picomatch "^2.3.1"
 
 minimatch@4.2.1:

diff --git a/...u-list-enterprise-scim-identities.graphql → ...ies/emu-scim-list-scim-identities.graphql b/...u-list-enterprise-scim-identities.graphql → ...ies/emu-scim-list-scim-identities.graphql
diff --git a/...-enterprises-list-scim-identities.graphql → ...mu-scim-oidc-list-scim-identities.graphql b/...-enterprises-list-scim-identities.graphql → ...mu-scim-oidc-list-scim-identities.graphql
diff --git a/graphql/queries/enterprise-get-ip-allow-list.graphql b/graphql/queries/enterprise-get-ip-allow-list.graphql
@@ -0,0 +1,25 @@
+# Grab current IP allow list settings for an enterprise.
+# This includes:
+# - The IP allow list entries
+# - The IP allow list enabled setting
+# - The IP allow list for GitHub Apps enabled setting
+
+query GetEnterpriseIPAllowList {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    owner_id: id
+    enterprise_slug: slug
+    enterprise_owner_info: ownerInfo {
+      is_ip_allow_list_enabled: ipAllowListEnabledSetting
+      is_ip_allow_list_for_github_apps_enabled: ipAllowListForInstalledAppsEnabledSetting
+      ipAllowListEntries(first: 100) {
+        nodes {
+          ip_allow_list_entry_id: id
+          ip_allow_list_entry_name: name
+          ip_allow_list_entry_value: allowListValue
+          ip_allow_list_entry_created: createdAt
+          is_ip_allow_list_entry_active: isActive
+        }
+      }
+    }
+  }
+}
diff --git a/graphql/queries/enterprise-members-2fa-disabled.graphql b/graphql/queries/enterprise-members-2fa-disabled.graphql
@@ -0,0 +1,28 @@
+# This GraphQL query will list any enterprise members who have yet to enable 2FA on their personal GitHub account.
+# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.
+
+query GetEnterpriseMembersWith2faDisabled {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    enterprise_id: id
+    enterprise_slug: slug
+    members_with_no_2fa: members(
+      first: 100
+      twoFactorMethodSecurity: DISABLED
+    ) {
+      num_of_members: totalCount
+      edges {
+        node {
+          ... on EnterpriseUserAccount {
+            login
+          }
+        }
+      }
+      pageInfo {
+        endCursor
+        startCursor
+        hasNextPage
+        hasPreviousPage
+      }
+    }
+  }
+}
diff --git a/graphql/queries/enterprise-members-2fa-insecure.graphql b/graphql/queries/enterprise-members-2fa-insecure.graphql
@@ -0,0 +1,28 @@
+# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account, but amongst their 2FA methods is SMS (which is deemed insecure).
+# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.
+
+query GetEnterpriseMembersWithInsecure2fa {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    enterprise_id: id
+    enterprise_slug: slug
+    members_with_insecure_2fa: members(
+      first: 100
+      twoFactorMethodSecurity: INSECURE
+    ) {
+      num_of_members: totalCount
+      edges {
+        node {
+          ... on EnterpriseUserAccount {
+            login
+          }
+        }
+      }
+      pageInfo {
+        endCursor
+        startCursor
+        hasNextPage
+        hasPreviousPage
+      }
+    }
+  }
+}
diff --git a/graphql/queries/enterprise-members-2fa-secure.graphql b/graphql/queries/enterprise-members-2fa-secure.graphql
@@ -0,0 +1,28 @@
+# This GraphQL query will list any enterprise members who have enabled 2FA on their GitHub account with a secure (non-SMS) method.
+# This does not list any outside collaborators, and will not work with Enterprise Managed Users other than the setup user.
+
+query GetEnterpriseMembersWithSecure2fa {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    enterprise_id: id
+    enterprise_slug: slug
+    members_with_secure_2fa: members(
+      first: 100
+      twoFactorMethodSecurity: SECURE
+    ) {
+      num_of_members: totalCount
+      edges {
+        node {
+          ... on EnterpriseUserAccount {
+            login
+          }
+        }
+      }
+      pageInfo {
+        endCursor
+        startCursor
+        hasNextPage
+        hasPreviousPage
+      }
+    }
+  }
+}
diff --git a/graphql/queries/enterprise-outside-collaborators-2fa-disabled.graphql b/graphql/queries/enterprise-outside-collaborators-2fa-disabled.graphql
@@ -0,0 +1,25 @@
+# This GraphQL query will list any outside collaborators in an enterprise who have yet to enable 2FA on their GitHub account.
+
+query GetEnterpriseollaboratorsWith2faDisabled {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    enterprise_id: id
+    enterprise_slug: slug
+    enterprise_owner_info: ownerInfo {
+      collaborators_with_no_2fa: outsideCollaborators(
+        twoFactorMethodSecurity: DISABLED
+        first: 100
+      ) {
+        num_of_collaborators: totalCount
+        nodes {
+          login
+        }
+        pageInfo {
+          endCursor
+          startCursor
+          hasNextPage
+          hasPreviousPage
+        }
+      }
+    }
+  }
+}
diff --git a/graphql/queries/enterprise-outside-collaborators-2fa-insecure.graphql b/graphql/queries/enterprise-outside-collaborators-2fa-insecure.graphql
@@ -0,0 +1,25 @@
+# This GraphQL query will list any outside collaborators in an enterprise who have enabled 2FA on their GitHub account, but amongst the 2FA methods is SMS (which is deemed insecure).
+
+query GetEnterpriseCollaboratorsWithInsecure2fa {
+  enterprise(slug: "ENTERPRISE_SLUG") {
+    enterprise_id: id
+    enterprise_slug: slug
+    enterprise_owner_info: ownerInfo {
+      collaborators_with_insecure_2fa: outsideCollaborators(
+        twoFactorMethodSecurity: INSECURE
+        first: 100
+      ) {
+        num_of_collaborators: totalCount
+        nodes {
+          login
+        }
+        pageInfo {
+          endCursor
+          startCursor
+          hasNextPage
+          hasPreviousPage
+        }
+      }
+    }
+  }
+}