Support setting & checking AutomatedSecurityFixes

src/main/java/org/kohsuke/github/GHRepository.java

@@ -125,6 +125,33 @@ public class GHRepository extends GHObject {
     private Boolean isTemplate;
     private boolean compareUsePaginatedCommits;
 
+    /**
+     * Extra API call to /automated-security-fixes to get the status of automated security fixes.
+     *
+     * @return GHAutomatedSecurityFixes
+     * @throws IOException
+     */
+    public GHAutomatedSecurityFixes getAutomatedSecurityFixes() throws IOException {
+        return root().createRequest()
+                .method("GET")
+                .with("name", name)
+                .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                .fetch(GHAutomatedSecurityFixes.class);
+    }
+
+    public static class GHAutomatedSecurityFixes {
+        private boolean enabled;
+        private boolean paused;
+
+        public boolean isEnabled() {
+            return enabled;
+        }
+
+        public boolean isPaused() {
+            return paused;
+        }
+    }
+
     /**
      * Read.
      *
@@ -621,7 +648,8 @@ public Map<String, Long> listLanguages() throws IOException {
      */
     public String getOwnerName() {
         // consistency of the GitHub API is super... some serialized forms of GHRepository populate
-        // a full GHUser while others populate only the owner and email. This later form is super helpful
+        // a full GHUser while others populate only the owner and email. This later form is super
+        // helpful
         // in putting the login in owner.name not owner.login... thankfully we can easily identify this
         // second set because owner.login will be null
         return owner.login != null ? owner.login : owner.name;
@@ -726,6 +754,26 @@ public boolean isDeleteBranchOnMerge() {
         return delete_branch_on_merge;
     }
 
+    /**
+     * Shows whether automated security fixes are enabled or disabled. <a href=
+     * "https://docs.github.com/en/rest/repos/repos#check-if-automated-security-fixes-are-enabled-for-a-repository">...</a>
+     *
+     * @return the boolean
+     */
+    public boolean isAutomatedSecurityFixesEnabled() throws IOException {
+        return this.getAutomatedSecurityFixes().isEnabled();
+    }
+
+    /**
+     * Shows whether automated security fixes are paused or not. <a href=
+     * "https://docs.github.com/en/rest/repos/repos#check-if-automated-security-fixes-are-enabled-for-a-repository">...</a>
+     *
+     * @return the boolean
+     */
+    public boolean isAutomatedSecurityFixesPaused() throws IOException {
+        return this.getAutomatedSecurityFixes().isPaused();
+    }
+
     /**
      * Returns the number of all forks of this repository. This not only counts direct forks, but also forks of forks,
      * and so on.
@@ -766,9 +814,7 @@ public boolean isPrivate() {
         return _private;
     }
 
-    /**
-     * Visibility of a repository.
-     */
+    /** Visibility of a repository. */
     public enum Visibility {
 
         /** The public. */
@@ -783,9 +829,11 @@ public enum Visibility {
         /**
          * Placeholder for unexpected data values.
          *
+         * <p>
          * This avoids throwing exceptions during data binding or reading when the list of allowed values returned from
          * GitHub is expanded.
          *
+         * <p>
          * Do not pass this value to any methods. If this value is returned during a request, check the log output and
          * report an issue for the missing value.
          */
@@ -927,6 +975,7 @@ public String getDefaultBranch() {
     /**
      * Gets default branch.
      *
+     * <p>
      * Name is an artifact of when "master" was the most common default.
      *
      * @return the default branch
@@ -956,9 +1005,7 @@ public int getSize() {
         return size;
     }
 
-    /**
-     * Affiliation of a repository collaborator.
-     */
+    /** Affiliation of a repository collaborator. */
     public enum CollaboratorAffiliation {
 
         /** The all. */
@@ -1187,7 +1234,6 @@ public void addCollaborators(GHOrganization.Permission permission, GHUser... use
      *            the permission level
      * @param users
      *            the users
-     *
      * @throws IOException
      *             the io exception
      */
@@ -1493,6 +1539,22 @@ public void deleteBranchOnMerge(boolean value) throws IOException {
         set().deleteBranchOnMerge(value);
     }
 
+    public void enableAutomatedSecurityFixes(boolean value) throws IOException {
+        if (value) {
+            root().createRequest()
+                    .method("PUT")
+                    .with("name", name)
+                    .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                    .send();
+        } else {
+            root().createRequest()
+                    .method("DELETE")
+                    .with("name", name)
+                    .withUrlPath(getApiTailUrl("/automated-security-fixes"))
+                    .send();
+        }
+    }
+
     /**
      * Deletes this repository.
      *
@@ -1551,9 +1613,7 @@ public Setter set() {
         return new Setter(this);
     }
 
-    /**
-     * Sort orders for listing forks.
-     */
+    /** Sort orders for listing forks. */
     public enum ForkSort {
 
         /** The newest. */
@@ -1849,6 +1909,7 @@ public void deleteHook(int id) throws IOException {
      * Sets {@link #getCompare(String, String)} to return a {@link GHCompare} that uses a paginated commit list instead
      * of limiting to 250 results.
      *
+     * <p>
      * By default, {@link GHCompare} returns all commits in the comparison as part of the request, limited to 250
      * results. More recently GitHub added the ability to return the commits as a paginated query allowing for more than
      * 250 results.
@@ -1861,8 +1922,8 @@ public void setCompareUsePaginatedCommits(boolean value) {
     }
 
     /**
-     * Gets a comparison between 2 points in the repository. This would be similar to calling
-     * <code>git log id1...id2</code> against a local repository.
+     * Gets a comparison between 2 points in the repository. This would be similar to calling <code>
+     * git log id1...id2</code> against a local repository.
      *
      * @param id1
      *            an identifier for the first point to compare from, this can be a sha1 ID (for a commit, tag etc) or a
@@ -2160,7 +2221,6 @@ public PagedIterable<GHCommitComment> listCommitComments() {
      *
      * @param commitSha
      *            the hash of the commit
-     *
      * @return the paged iterable
      */
     public PagedIterable<GHCommitComment> listCommitComments(String commitSha) {
@@ -2364,6 +2424,7 @@ public PagedIterable<GHEventInfo> listEvents() throws IOException {
 
     /**
      * Lists labels in this repository.
+     *
      * <p>
      * https://developer.github.com/v3/issues/labels/#list-all-labels-for-this-repository
      *
@@ -2433,6 +2494,7 @@ public PagedIterable<GHInvitation> listInvitations() {
 
     /**
      * Lists all the subscribers (aka watchers.)
+     *
      * <p>
      * https://developer.github.com/v3/activity/watching/
      *
@@ -2541,9 +2603,7 @@ public Set<URL> getPostCommitHooks() {
         }
     }
 
-    /**
-     * Live set view of the post-commit hook.
-     */
+    /** Live set view of the post-commit hook. */
     @SuppressFBWarnings(value = "DMI_COLLECTION_OF_URLS",
             justification = "It causes a performance degradation, but we have already exposed it to the API")
     @SkipFromToString
@@ -3080,9 +3140,7 @@ public PagedIterable<Contributor> listContributors() throws IOException {
         return root().createRequest().withUrlPath(getApiTailUrl("contributors")).toIterable(Contributor[].class, null);
     }
 
-    /**
-     * The type Contributor.
-     */
+    /** The type Contributor. */
     public static class Contributor extends GHUser {
         private int contributions;
 
@@ -3181,6 +3239,7 @@ public PagedIterable<GHProject> listProjects() throws IOException {
 
     /**
      * Render a Markdown document.
+     *
      * <p>
      * In {@linkplain MarkdownMode#GFM GFM mode}, issue numbers and user mentions are linked accordingly.
      *
@@ -3597,6 +3656,7 @@ void populate() throws IOException {
     /**
      * A {@link GHRepositoryBuilder} that allows multiple properties to be updated per request.
      *
+     * <p>
      * Consumer must call {@link #done()} to commit changes.
      */
     @BetaApi
@@ -3703,6 +3763,7 @@ public boolean isVulnerabilityAlertsEnabled() throws IOException {
     /**
      * A {@link GHRepositoryBuilder} that allows multiple properties to be updated per request.
      *
+     * <p>
      * Consumer must call {@link #done()} to commit changes.
      */
     @BetaApi

src/test/java/org/kohsuke/github/GHRepositoryTest.java

@@ -20,7 +20,7 @@
 
 import static org.hamcrest.Matchers.*;
 import static org.hamcrest.core.IsInstanceOf.instanceOf;
-import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.*;
 import static org.kohsuke.github.GHVerification.Reason.GPGVERIFY_ERROR;
 import static org.kohsuke.github.GHVerification.Reason.UNKNOWN_SIGNATURE_TYPE;
 
@@ -1949,4 +1949,24 @@ private void verifyPluralResult(PagedSearchIterable<GHPullRequest> searchResult,
         assertThat(searchResult.toList().get(0).getNumber(), is(expectedPR1.getNumber()));
         assertThat(searchResult.toList().get(1).getNumber(), is(expectedPR2.getNumber()));
     }
+
+    /**
+     * Test repository automated security fix settings.
+     */
+    @Test
+    public void testAutomatedSecurityFixSettings() throws IOException {
+        GHRepository repo = getTempRepository();
+        Object initialEnabled = repo.isAutomatedSecurityFixesEnabled();
+        assertThat(initialEnabled, is(instanceOf(Boolean.class)));
+        Object initialPaused = repo.isAutomatedSecurityFixesPaused();
+        assertThat(initialPaused, is(instanceOf(Boolean.class)));
+
+        repo.enableAutomatedSecurityFixes(true);
+        assertThat(repo.isAutomatedSecurityFixesEnabled(), is(true));
+        assertThat(repo.isAutomatedSecurityFixesPaused(), is(false));
+
+        repo.enableAutomatedSecurityFixes(false);
+        assertThat(repo.isAutomatedSecurityFixesEnabled(), is(false));
+        assertThat(repo.isAutomatedSecurityFixesPaused(), is(false));
+    }
 }

src/test/resources/org/kohsuke/github/GHRepositoryTest/wiremock/testAutomatedSecurityFixSettings/__files/1-get_user.json

@@ -0,0 +1,35 @@
+{
+  "login": "hub4j-test-org",
+  "id": 4295880,
+  "node_id": "MDQ6VXNlcjQyOTU4ODA=",
+  "avatar_url": "https://avatars.githubusercontent.com/u/4295880?v=4",
+  "gravatar_id": "",
+  "url": "https://api.github.com/users/hub4j-test-org",
+  "html_url": "https://github.com/hub4j-test-org",
+  "followers_url": "https://api.github.com/users/hub4j-test-org/followers",
+  "following_url": "https://api.github.com/users/hub4j-test-org/following{/other_user}",
+  "gists_url": "https://api.github.com/users/hub4j-test-org/gists{/gist_id}",
+  "starred_url": "https://api.github.com/users/hub4j-test-org/starred{/owner}{/repo}",
+  "subscriptions_url": "https://api.github.com/users/hub4j-test-org/subscriptions",
+  "organizations_url": "https://api.github.com/users/hub4j-test-org/orgs",
+  "repos_url": "https://api.github.com/users/hub4j-test-org/repos",
+  "events_url": "https://api.github.com/users/hub4j-test-org/events{/privacy}",
+  "received_events_url": "https://api.github.com/users/hub4j-test-org/received_events",
+  "type": "User",
+  "site_admin": false,
+  "name": "Joel Sticha",
+  "company": "Optum Technology",
+  "blog": "",
+  "location": "MN, USA",
+  "email": null,
+  "hireable": null,
+  "bio": null,
+  "twitter_username": null,
+  "notification_email": null,
+  "public_repos": 51,
+  "public_gists": 2,
+  "followers": 4,
+  "following": 5,
+  "created_at": "2013-04-29T20:05:40Z",
+  "updated_at": "2024-08-28T16:13:33Z"
+}