Add support for the repository_advisory event

Signed-off-by: Adam Warner <[email protected]>

Author: PromoFaux

src/Octokit.Webhooks/Events/RepositoryAdvisory/RepositoryAdvisoryAction.cs

@@ -0,0 +1,14 @@
+namespace Octokit.Webhooks.Events.RepositoryAdvisory;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryAction : WebhookEventAction
+{
+    public static readonly RepositoryAdvisoryAction Reported = new(RepositoryAdvisoryActionValue.Reported);
+
+    public static readonly RepositoryAdvisoryAction Published = new(RepositoryAdvisoryActionValue.Published);
+
+    private RepositoryAdvisoryAction(string value)
+        : base(value)
+    {
+    }
+}

src/Octokit.Webhooks/Events/RepositoryAdvisory/RepositoryAdvisoryActionValue.cs

@@ -0,0 +1,8 @@
+namespace Octokit.Webhooks.Events.RepositoryAdvisory;
+
+public static class RepositoryAdvisoryActionValue
+{
+    public const string Reported = "reported";
+
+    public const string Published = "published";
+}

src/Octokit.Webhooks/Events/RepositoryAdvisory/RepositoryAdvisoryPublishedEvent.cs

@@ -0,0 +1,9 @@
+namespace Octokit.Webhooks.Events.RepositoryAdvisory;
+
+[PublicAPI]
+[WebhookActionType(RepositoryAdvisoryActionValue.Published)]
+public sealed record RepositoryAdvisoryPublishedEvent : RepositoryAdvisoryEvent
+{
+    [JsonPropertyName("action")]
+    public override string Action => RepositoryAdvisoryAction.Published;
+}

src/Octokit.Webhooks/Events/RepositoryAdvisory/RepositoryAdvisoryReportedEvent.cs

@@ -0,0 +1,9 @@
+namespace Octokit.Webhooks.Events.RepositoryAdvisory;
+
+[PublicAPI]
+[WebhookActionType(RepositoryAdvisoryActionValue.Reported)]
+public sealed record RepositoryAdvisoryReportedEvent : RepositoryAdvisoryEvent
+{
+    [JsonPropertyName("action")]
+    public override string Action => RepositoryAdvisoryAction.Reported;
+}

src/Octokit.Webhooks/Events/RepositoryAdvisoryEvent.cs

@@ -0,0 +1,10 @@
+namespace Octokit.Webhooks.Events;
+
+[PublicAPI]
+[WebhookEventType(WebhookEventType.RepositoryAdvisory)]
+[JsonConverter(typeof(WebhookConverter<RepositoryAdvisoryEvent>))]
+public abstract record RepositoryAdvisoryEvent : WebhookEvent
+{
+    [JsonPropertyName("repository_advisory")]
+    public Models.RepositoryAdvisoryEvent.RepositoryAdvisory RepositoryAdvisory { get; init; } = null!;
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisory.cs

@@ -0,0 +1,93 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisory
+{
+    [JsonPropertyName("ghsa_id")]
+    public string GhsaId { get; init; } = null!;
+
+    [JsonPropertyName("cve_id")]
+    public string? CveId { get; init; }
+
+    [JsonPropertyName("url")]
+    public string Url { get; init; } = null!;
+
+    [JsonPropertyName("html_url")]
+    public string HtmlUrl { get; init; } = null!;
+
+    [JsonPropertyName("summary")]
+    public string Summary { get; init; } = null!;
+
+    [JsonPropertyName("description")]
+    public string Description { get; init; } = null!;
+
+    [JsonPropertyName("severity")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisorySeverity>))]
+    public StringEnum<RepositoryAdvisorySeverity>? Severity { get; init; }
+
+    [JsonPropertyName("author")]
+    public User? Author { get; init; }
+
+    [JsonPropertyName("publisher")]
+    public User? Publisher { get; init; }
+
+    [JsonPropertyName("identifiers")]
+    public IEnumerable<RepositoryAdvisoryIdentifier> Identifiers { get; init; } = null!;
+
+    [JsonPropertyName("state")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisoryState>))]
+    public StringEnum<RepositoryAdvisoryState> State { get; init; } = null!;
+
+    [JsonPropertyName("created_at")]
+    [JsonConverter(typeof(DateTimeOffsetConverter))]
+    public DateTimeOffset? CreatedAt { get; init; }
+
+    [JsonPropertyName("updated_at")]
+    [JsonConverter(typeof(DateTimeOffsetConverter))]
+    public DateTimeOffset? UpdatedAt { get; init; }
+
+    [JsonPropertyName("published_at")]
+    [JsonConverter(typeof(DateTimeOffsetConverter))]
+    public DateTimeOffset? PublishedAt { get; init; }
+
+    [JsonPropertyName("closed_at")]
+    [JsonConverter(typeof(NullableDateTimeOffsetConverter))]
+    public DateTimeOffset? ClosedAt { get; init; }
+
+    [JsonPropertyName("withdrawn_at")]
+    [JsonConverter(typeof(NullableDateTimeOffsetConverter))]
+    public DateTimeOffset? WithdrawnAt { get; init; }
+
+    [JsonPropertyName("submission")]
+    public RepositoryAdvisorySubmission? Submission { get; init; }
+
+    [JsonPropertyName("vulnerabilities")]
+    public IEnumerable<RepositoryAdvisoryVulnerability>? Vulnerabilities { get; init; }
+
+    [JsonPropertyName("cvss")]
+    public RepositoryAdvisoryCvss? Cvss { get; init; }
+
+    [JsonPropertyName("cvss_severities")]
+    public RepositoryAdvisoryCvssSeverities? CvssSeverities { get; init; }
+
+    [JsonPropertyName("cwes")]
+    public IEnumerable<RepositoryAdvisoryCwe>? Cwes { get; init; }
+
+    [JsonPropertyName("cwe_ids")]
+    public IEnumerable<string>? CweIds { get; init; }
+
+    [JsonPropertyName("credits")]
+    public IEnumerable<RepositoryAdvisoryCredit>? Credits { get; init; }
+
+    [JsonPropertyName("credits_detailed")]
+    public IEnumerable<RepositoryAdvisoryCreditDetailed>? CreditsDetailed { get; init; }
+
+    [JsonPropertyName("collaborating_users")]
+    public IEnumerable<User>? CollaboratingUsers { get; init; }
+
+    [JsonPropertyName("collaborating_teams")]
+    public IEnumerable<Team>? CollaboratingTeams { get; init; }
+
+    [JsonPropertyName("private_fork")]
+    public Repository? PrivateFork { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCredit.cs

@@ -0,0 +1,12 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryCredit
+{
+    [JsonPropertyName("login")]
+    public string Login { get; init; } = null!;
+
+    [JsonPropertyName("type")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisoryCreditType>))]
+    public StringEnum<RepositoryAdvisoryCreditType> Type { get; init; } = null!;
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCreditDetailed.cs

@@ -0,0 +1,16 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryCreditDetailed
+{
+    [JsonPropertyName("user")]
+    public User User { get; init; } = null!;
+
+    [JsonPropertyName("type")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisoryCreditType>))]
+    public StringEnum<RepositoryAdvisoryCreditType> Type { get; init; } = null!;
+
+    [JsonPropertyName("state")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisoryCreditState>))]
+    public StringEnum<RepositoryAdvisoryCreditState>? State { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCreditState.cs

@@ -0,0 +1,12 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public enum RepositoryAdvisoryCreditState
+{
+    [EnumMember(Value = "accepted")]
+    Accepted,
+    [EnumMember(Value = "declined")]
+    Declined,
+    [EnumMember(Value = "pending")]
+    Pending,
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCreditType.cs

@@ -0,0 +1,26 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public enum RepositoryAdvisoryCreditType
+{
+    [EnumMember(Value = "analyst")]
+    Analyst,
+    [EnumMember(Value = "finder")]
+    Finder,
+    [EnumMember(Value = "reporter")]
+    Reporter,
+    [EnumMember(Value = "coordinator")]
+    Coordinator,
+    [EnumMember(Value = "remediation_developer")]
+    RemediationDeveloper,
+    [EnumMember(Value = "remediation_reviewer")]
+    RemediationReviewer,
+    [EnumMember(Value = "remediation_verifier")]
+    RemediationVerifier,
+    [EnumMember(Value = "tool")]
+    Tool,
+    [EnumMember(Value = "sponsor")]
+    Sponsor,
+    [EnumMember(Value = "other")]
+    Other,
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCvss.cs

@@ -0,0 +1,11 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryCvss
+{
+    [JsonPropertyName("vector_string")]
+    public string? VectorString { get; init; }
+
+    [JsonPropertyName("score")]
+    public float? Score { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCvssSeverities.cs

@@ -0,0 +1,11 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryCvssSeverities
+{
+    [JsonPropertyName("cvss_v3")]
+    public RepositoryAdvisoryCvss? CvssV3 { get; init; }
+
+    [JsonPropertyName("cvss_v4")]
+    public RepositoryAdvisoryCvss? CvssV4 { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryCwe.cs

@@ -0,0 +1,11 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryCwe
+{
+    [JsonPropertyName("cwe_id")]
+    public string CweId { get; init; } = null!;
+
+    [JsonPropertyName("name")]
+    public string Name { get; init; } = null!;
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryIdentifier.cs

@@ -0,0 +1,11 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryIdentifier
+{
+    [JsonPropertyName("value")]
+    public string Value { get; init; } = null!;
+
+    [JsonPropertyName("type")]
+    public string Type { get; init; } = null!;
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisorySeverity.cs

@@ -0,0 +1,14 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public enum RepositoryAdvisorySeverity
+{
+    [EnumMember(Value = "critical")]
+    Critical,
+    [EnumMember(Value = "high")]
+    High,
+    [EnumMember(Value = "medium")]
+    Medium,
+    [EnumMember(Value = "low")]
+    Low,
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryState.cs

@@ -0,0 +1,16 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public enum RepositoryAdvisoryState
+{
+    [EnumMember(Value = "published")]
+    Published,
+    [EnumMember(Value = "closed")]
+    Closed,
+    [EnumMember(Value = "withdrawn")]
+    Withdrawn,
+    [EnumMember(Value = "draft")]
+    Draft,
+    [EnumMember(Value = "triage")]
+    Triage,
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisorySubmission.cs

@@ -0,0 +1,8 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisorySubmission
+{
+    [JsonPropertyName("accepted")]
+    public bool Accepted { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryVulnerability.cs

@@ -0,0 +1,17 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryVulnerability
+{
+    [JsonPropertyName("package")]
+    public RepositoryAdvisoryVulnerabilityPackage? Package { get; init; }
+
+    [JsonPropertyName("vulnerable_version_range")]
+    public string? VulnerableVersionRange { get; init; }
+
+    [JsonPropertyName("patched_versions")]
+    public string? PatchedVersions { get; init; }
+
+    [JsonPropertyName("vulnerable_functions")]
+    public IEnumerable<string>? VulnerableFunctions { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryVulnerabilityPackage.cs

@@ -0,0 +1,12 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public sealed record RepositoryAdvisoryVulnerabilityPackage
+{
+    [JsonPropertyName("ecosystem")]
+    [JsonConverter(typeof(StringEnumConverter<RepositoryAdvisoryVulnerabilityPackageEcosystem>))]
+    public StringEnum<RepositoryAdvisoryVulnerabilityPackageEcosystem> Ecosystem { get; init; } = null!;
+
+    [JsonPropertyName("name")]
+    public string? Name { get; init; }
+}

src/Octokit.Webhooks/Models/RepositoryAdvisoryEvent/RepositoryAdvisoryVulnerabilityPackageEcosystem.cs

@@ -0,0 +1,32 @@
+namespace Octokit.Webhooks.Models.RepositoryAdvisoryEvent;
+
+[PublicAPI]
+public enum RepositoryAdvisoryVulnerabilityPackageEcosystem
+{
+    [EnumMember(Value = "rubygems")]
+    Rubygems,
+    [EnumMember(Value = "npm")]
+    Npm,
+    [EnumMember(Value = "pip")]
+    Pip,
+    [EnumMember(Value = "maven")]
+    Maven,
+    [EnumMember(Value = "nuget")]
+    Nuget,
+    [EnumMember(Value = "composer")]
+    Composer,
+    [EnumMember(Value = "go")]
+    Go,
+    [EnumMember(Value = "rust")]
+    Rust,
+    [EnumMember(Value = "erlang")]
+    Erlang,
+    [EnumMember(Value = "actions")]
+    Actions,
+    [EnumMember(Value = "pub")]
+    Pub,
+    [EnumMember(Value = "other")]
+    Other,
+    [EnumMember(Value = "swift")]
+    Swift,
+}

src/Octokit.Webhooks/WebHookEventType.cs

@@ -54,6 +54,7 @@ public static class WebhookEventType
     public const string RegistryPackage = "registry_package";
     public const string Release = "release";
     public const string Repository = "repository";
+    public const string RepositoryAdvisory = "repository_advisory";
     public const string RepositoryDispatch = "repository_dispatch";
     public const string RepositoryImport = "repository_import";
     public const string RepositoryRuleset = "repository_ruleset";