Update rule configuration (#179)

* Remove branch name requirement in rules

The branch protection rules have a sensible default of the remote HEAD
branch. As a result, they no longer _require_ the branch name. Right
now, callers must specify the branch name as an empty string (since it's
required), but we should instead just remove the requirement entirely.

* Remove filename requirement in rules

The security insights rules have a sensible default of
`SECURITY-INSIGHTS.yml`, thus, we should not require the filename.

* Remove schedule_interval from dependabot rule

The dependabot rule does not use the schedule_interval option; it should
not be required any longer.

* Remove filename requirement in security rules

The security policy rule has a sensible default of `SECURITY.md`,
thus, we should not require the filename.

rule-types/github/branch_protection_allow_deletions.yaml

@@ -28,9 +28,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     type: object

rule-types/github/branch_protection_allow_force_pushes.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     type: object

rule-types/github/branch_protection_allow_fork_syncing.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_enabled.yaml

@@ -30,9 +30,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   rule_schema: {}
   # Defines the configuration for ingesting data relevant for the rule
   ingest:

rule-types/github/branch_protection_enforce_admins.yaml

@@ -26,9 +26,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_lock_branch.yaml

@@ -28,9 +28,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_conversation_resolution.yaml

@@ -30,9 +30,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_linear_history.yaml

@@ -28,9 +28,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_pull_request_approving_review_count.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_pull_request_code_owners_review.yaml

@@ -30,9 +30,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_pull_request_dismiss_stale_reviews.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_pull_request_last_push_approval.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_pull_requests.yaml

@@ -29,9 +29,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     properties:

rule-types/github/branch_protection_require_signatures.yaml

@@ -28,9 +28,7 @@ def:
     properties:
       branch:
         type: string
-        description: "The name of the branch to check. If left empty, the default branch will be used."
-    required:
-      - branch
+        description: "The name of the branch to check. If not specified, the repository's default branch will be used."
   # Defines the schema for writing a rule with this rule being checked
   rule_schema:
     type: object

rule-types/github/dependabot_configured.yaml

@@ -35,19 +35,13 @@ def:
         description: |
           The package ecosystem that the rule applies to.
           For example pip, gomod, npm, docker, github-actions, etc.
-      schedule_interval:
-        type: string
-        description: |
-          This option is no longer used. It's, however marked as required, so we can't remove
-          it for backwards compatibility.
       apply_if_file:
         type: string
         description: |
           Optional. If specified, the rule will only be evaluated if the given file exists.
           This is useful for rules that are only applicable to certain types of repositories.
     required:
       - package_ecosystem
-      - schedule_interval
   # Defines the configuration for ingesting data relevant for the rule
   ingest:
     type: git

rule-types/github/security_insights.yaml

@@ -40,8 +40,6 @@ def:
         description: |
           The path to the Security Insights file
         default: SECURITY-INSIGHTS.yml
-    required:
-      - filename
   # Defines the configuration for ingesting data relevant for the rule
   ingest:
     type: git

rule-types/github/security_insights_dep_policy.yaml

@@ -44,8 +44,6 @@ def:
         description: |
           The path to the Security Insights file
         default: SECURITY-INSIGHTS.yml
-    required:
-      - filename
   # Defines the configuration for ingesting data relevant for the rule
   ingest:
     type: git

rule-types/github/security_policy.yaml

@@ -24,8 +24,6 @@ def:
         description: |
           Path to the security policy file
         default: SECURITY.md
-    required:
-      - filename
   # Defines the configuration for ingesting data relevant for the rule
   ingest:
     type: git