Back to monitors
Additive AI classification

Add license_compliance_scanning repository rule type

The API now supports a new license_compliance_scanning repository rule type that enforces added or changed dependencies to comply with the organization's license policy. This is a purely additive change that does not affect existing integrations. Additionally, several example URLs were updated from internal examples (mycompany.com, my-github-app.com) to standard examples (example.com), which are documentation-only changes.

Alert history

  • Additive

    Add license_compliance_scanning repository rule type

    The API now supports a new license_compliance_scanning repository rule type that enforces added or changed dependencies to comply with the organization's license policy. This is a purely additive change that does not affect existing integrations. Additionally, several example URLs were updated from internal examples (mycompany.com, my-github-app.com) to standard examples (example.com), which are documentation-only changes.

  • Additive

    Team member endpoints now include role and inheritance info

    The GET /orgs/{org}/teams/{team_slug}/members and legacy GET /teams/{team_id}/members endpoints now return a new team-member schema instead of simple-user, including two new response fields: role (member/maintainer) and inherited (boolean indicating child team membership). These are purely additive fields on the response; existing code continues to work since all previous fields are still present.

  • Additive

    Add duplicate_issue_id parameter to issue update

    A new optional duplicate_issue_id parameter has been added to issue update requests, allowing users to specify the canonical duplicate issue when marking an issue as a duplicate. This is purely additive and cannot break existing code.

  • Additive

    Add agent_assignment param and multi_user_cost_center budget scope

    The diff adds an optional agent_assignment object to Dependabot Alert assignment requests, enabling custom instructions, agents, and models when assigning AI agents. It also adds multi_user_cost_center as a new budget scope option across multiple endpoints. Both changes are backwards-compatible additions that don't affect existing integrations.

  • Additive

    Add issue blocking/blocked-by events and update org invitation response

    The API now supports webhook events for issue blocking relationships: new event types blocked-by-added-issue-event, blocked-by-removed-issue-event, blocking-added-issue-event, and blocking-removed-issue-event have been added to the issue-event-for-issue schema. Additionally, the Accept Organization Invitation endpoint now returns 202 Accepted responses alongside 200 OK, and the interaction limits bypass-list endpoint's permission requirement documentation was updated from "repository admins" to "users with maintainer permissions". These are backward-compatible enhancements to the API.

  • Additive

    Add support for issue hierarchies and expanded budget scopes

    GitHub REST API adds support for issue hierarchies (parent/sub-issue relationships) via new schema types issue-reference, sub-issue-added-issue-event, sub-issue-removed-issue-event, parent-issue-added-issue-event, and parent-issue-removed-issue-event. The issue event timeline now includes these new event types. Additionally, budget APIs now support user and multi_user_customer scopes with new optional fields user and consumed_amount. The assignees field in issue creation is expanded to accept both strings and objects. Finally, permission requirements for pull request bypass list management are clarified from "repository admins" to "maintainer permissions." All changes are backward-compatible additions.

  • Additive

    Add code quality findings API endpoints

    GitHub added two new code quality findings endpoints: GET /repos/{owner}/{repo}/code-quality/findings to list findings and GET /repos/{owner}/{repo}/code-quality/findings/{finding_number} to retrieve a single finding. These are entirely new API routes with no breaking changes to existing functionality. The diff also includes minor documentation updates to existing code scanning endpoints and adds new schema fields like minimized to issue comments and new issue type event types to support the timeline API.

  • Breaking

    Remove GET /orgs/{org}/copilot/metrics and GET /orgs/{org}/team/{team_slug}/copilot/metrics endpoints

    Two Copilot metrics endpoints have been removed from the spec:

    • GET /orgs/{org}/copilot/metrics (operationId copilot/copilot-metrics-for-organization)
    • GET /orgs/{org}/team/{team_slug}/copilot/metrics (operationId copilot/copilot-metrics-for-team)

    Any clients or SDK calls targeting these endpoints will receive 404s. Additionally, the usage_metrics_api_disabled response component and the code_scanning_upload rate-limit field were removed. The description for GET /orgs/{org}/artifacts/{subject_digest}/metadata/storage-records also notes a changed required permission: fine-grained tokens now need artifact-metadata:read instead of content:read.

  • Additive

    Add GET /repos/{owner}/{repo}/issue-types endpoint

    A new endpoint GET /repos/{owner}/{repo}/issue-types has been added to list issue types available for a repository. This is a purely additive change that does not affect any existing functionality, and requires only the "Metadata" repository permission (read) for fine-grained access tokens.

  • Additive

    Add BundlePricing budget type, user field, runtime_risks, and drives scope

    The GitHub API adds support for BundlePricing as a new budget type option (alongside existing ProductPricing and SkuPricing), introduces a new optional user field for user-scoped budgets, adds a runtime_risks array field to deployment examples, and introduces a new drives OAuth scope for read/write access. All changes are additive with improved documentation of budget type behavior and no removals of existing functionality.

  • Informational

    Update budget API pagination documentation

    The GitHub API documentation for GET /organizations/{org}/settings/billing/budgets was updated to clarify that the endpoint can return up to 100 budgets per page (changed from "up to 10"). This is a documentation-only change to the description field that reflects actual API capability and does not alter behavior or breaking compatibility.

  • Breaking

    description no longer required in code security config requests

    Two changes affect code security configuration endpoints: description is removed from the required array in request bodies (in two places), making it optional — this is additive/relaxing for clients. Additionally, the description response field now has "nullable": true, meaning clients must handle null values where they previously could assume a string. The nullable change could break clients that don't guard against null for description.

  • Additive

    Add multi-select field support to GitHub Projects API

    The GitHub API now supports multi_select field types and associated properties across Projects endpoints. New optional fields include has_pull_requests and pull_request_creation_policy for repository settings, and responses now include multi_select_options, value_ids, and options for multi-select field data. All changes are purely additive with no breaking modifications to existing fields or endpoints.

  • Additive

    Add budget management schemas and examples to API

    The GitHub API OpenAPI specification has been refactored to extract and consolidate budget response schemas into reusable components. Inline schema definitions for budget creation and update endpoints have been replaced with $ref pointers to newly created create-budget and update-budget schema components. A new repository-rule-params-dismissal-restriction schema component has been added. A concrete example for budget creation has been added to the examples section. These changes maintain backward compatibility while improving API specification organization and maintainability.

  • Informational

    Remove public preview notice from budgets API descriptions

    Removed the "> [!NOTE]\n> This endpoint is in public preview and is subject to change." notice from the descriptions of five budget-related endpoints. This indicates the budgets API endpoints have exited public preview and are now stable, which is a positive development for clients but does not change the functional API contract or require code changes.

  • Additive

    Add budget scopes and user filtering for GitHub billing APIs

    The GitHub billing budgets API gains two new budget scopes (multi_user_customer and user), a new optional user query parameter for filtering budget details, and a new POST endpoint to create budgets for organizations. Response schemas also add user and effective_budget fields when using the user filter. All changes are backward-compatible additions.

  • Additive

    Add AI credit usage billing report endpoints

    Two new GET endpoints for AI credit usage reports: /organizations/{org}/settings/billing/ai_credit/usage for organizations and /users/{username}/settings/billing/ai_credit/usage for users. Both support optional query parameters for filtering by year, month, day, and AI model/product. These are purely additive endpoints with no impact on existing functionality.

  • Additive

    New hash algorithm endpoint and runner version field

    GitHub API adds a new GET /repos/{owner}/{repo}/hash-algorithm endpoint to retrieve the hash algorithm used by a repository, a new optional version field to runner objects, a new repository-rule-params-actor schema for repository rules, and a new evaluate_status query parameter for rule suite filtering. These are all backward-compatible additions that do not affect existing integrations.

  • Additive

    GitHub API: new optional parameters and response fields

    GitHub API adds several new optional features: creator_id query parameter now accepts multiple user IDs (type changed to array), new optional head_ref field in commit request body, custom_properties object in repository responses, read permission level option for organization_copilot_seat_management, and relaxed commit SHA validation pattern. All changes are backward-compatible and purely additive.

  • Additive

    Add code quality setup configuration endpoints

    Two new endpoints added to manage code quality setup configuration: GET /repos/{owner}/{repo}/code-quality/setup to retrieve configuration and PATCH /repos/{owner}/{repo}/code-quality/setup to update configuration. These additions enable programmatic management of code quality setup and do not affect existing API contracts.

  • Additive

    New Copilot and repository rule endpoints and fields

    Added new endpoint GET /enterprises/{enterprise}/copilot/metrics/reports/user-teams-1-day for Copilot enterprise user-teams reporting, three new repository rule schemas (max_file_path_length, file_extension_restriction, max_file_size), and a new type field in issue responses. All changes are purely additive and backward compatible.

  • Additive

    Add code_quality permission scope and new actor types

    The GitHub REST API now includes a new code_quality permission scope for access tokens to view and manage code quality data. Additionally, the ruleset bypass actor types now support User type, and code scanning alert status descriptions expanded to include "failed" and "unknown" states. String field length constraints (maxLength) were added to artifact-related properties, and descriptions clarified that autofix endpoints operate on the default branch.