diff --git a/assets/images/help/repository/secret-scanning-create-custom-pattern.png b/assets/images/help/repository/secret-scanning-create-custom-pattern.png index cbe9f94960cb..61f30c215878 100644 Binary files a/assets/images/help/repository/secret-scanning-create-custom-pattern.png and b/assets/images/help/repository/secret-scanning-create-custom-pattern.png differ diff --git a/content/actions/managing-workflow-runs/adding-a-workflow-status-badge.md b/content/actions/managing-workflow-runs/adding-a-workflow-status-badge.md index fc26543c3123..c17b2f446c96 100644 --- a/content/actions/managing-workflow-runs/adding-a-workflow-status-badge.md +++ b/content/actions/managing-workflow-runs/adding-a-workflow-status-badge.md @@ -17,8 +17,8 @@ shortTitle: Add a status badge You reference the workflow by the name of your workflow file. -``` -https://github.com///actions/workflows//badge.svg +```markdown +![example workflow](https://github.com///actions/workflows//badge.svg) ``` ## Using the workflow file name diff --git a/content/actions/reference/workflow-syntax-for-github-actions.md b/content/actions/reference/workflow-syntax-for-github-actions.md index ed67a35a8f22..dec5ea298087 100644 --- a/content/actions/reference/workflow-syntax-for-github-actions.md +++ b/content/actions/reference/workflow-syntax-for-github-actions.md @@ -1320,7 +1320,7 @@ You can use special characters in path, branch, and tag filters. - `*`: Matches zero or more characters, but does not match the `/` character. For example, `Octo*` matches `Octocat`. - `**`: Matches zero or more of any character. -- `?`: Matches zero or one single character. For example, `Octoc?t` matches `Octocat`. +- `?`: Matches zero or one of the preceding character. - `+`: Matches one or more of the preceding character. - `[]` Matches one character listed in the brackets or included in ranges. Ranges can only include `a-z`, `A-Z`, and `0-9`. For example, the range`[0-9a-z]` matches any digit or lowercase letter. For example, `[CB]at` matches `Cat` or `Bat` and `[1-2]00` matches `100` and `200`. - `!`: At the start of a pattern makes it negate previous positive patterns. It has no special meaning if not the first character. diff --git a/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md b/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md index 747ece197bd2..ec062aca9a09 100644 --- a/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md +++ b/content/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/troubleshooting-the-codeql-workflow.md @@ -152,6 +152,39 @@ On very large projects, {% data variables.product.prodname_codeql %} may run out {% ifversion fpt %}If you encounter this issue on a hosted {% data variables.product.prodname_actions %} runner, contact {% data variables.contact.contact_support %} so that we can investigate the problem. {% else %}If you encounter this issue, try increasing the memory on the runner.{% endif %} +{% ifversion fpt %} +## Error: 403 "Resource not accessible by integration" when using {% data variables.product.prodname_dependabot %} + +{% data variables.product.prodname_dependabot %} is considered untrusted when it triggers a workflow run, and the workflow will run with read-only scopes. Uploading {% data variables.product.prodname_code_scanning %} results for a branch usually requires the `security_events: write` scope. However, {% data variables.product.prodname_code_scanning %} always allows the uploading of results when the `pull_request` event triggers the action run. This is why, for {% data variables.product.prodname_dependabot %} branches, we recommend you use the `pull_request` event instead of the `push` event. + +A simple approach is to run on pushes to the default branch and any other important long-running branches, as well as pull requests opened against this set of branches: +```yaml +on: + push: + branches: + - main + pull_request: + branches: + - main +``` +An alternative approach is to run on all pushes except for {% data variables.product.prodname_dependabot %} branches: +```yaml +on: + push: + branches-ignore: + - 'dependabot/**' + pull_request: +``` + +### Analysis still failing on the default branch + +If the {% data variables.product.prodname_codeql_workflow %} still fails on a commit made on the default branch, you need to check: +- whether {% data variables.product.prodname_dependabot %} authored the commit +- whether the pull request that includes the commit has been merged using `@dependabot squash and merge` + +This type of merge commit is authored by {% data variables.product.prodname_dependabot %} and therefore, any workflows running on the commit will have read-only permissions. If you enabled {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_dependabot %} security updates or version updates on your repository, we recommend you avoid using the {% data variables.product.prodname_dependabot %} `@dependabot squash and merge` command. Instead, you can enable auto-merge for your repository. This means that pull requests will be automatically merged when all required reviews are met and status checks have passed. For more information about enabling auto-merge, see "[Automatically merging a pull request](/github/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/automatically-merging-a-pull-request#enabling-auto-merge)." +{% endif %} + ## Warning: "git checkout HEAD^2 is no longer necessary" If you're using an old {% data variables.product.prodname_codeql %} workflow you may get the following warning in the output from the "Initialize {% data variables.product.prodname_codeql %}" action: diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-identity-and-access-management-for-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-identity-and-access-management-for-your-enterprise-account.md index c2a5794fe2a3..1ada327f692c 100644 --- a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-identity-and-access-management-for-your-enterprise-account.md +++ b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-identity-and-access-management-for-your-enterprise-account.md @@ -14,9 +14,7 @@ shortTitle: IAM for your enterprise {% data reusables.saml.dotcom-saml-explanation %} {% data reusables.saml.about-saml-enterprise-accounts %} For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)." -After you enable SAML SSO, depending on the IdP you use, you may be able to enable additional identity and access management features. - -{% data reusables.saml.about-user-provisioning-enterprise-account %} For more information, see "[About user provisioning for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account)." +After you enable SAML SSO, depending on the IdP you use, you may be able to enable additional identity and access management features. {% data reusables.scim.enterprise-account-scim %} If you use Azure AD as your IDP, you can use team synchronization to manage team membership within each organization. {% data reusables.identity-and-permissions.about-team-sync %} For more information, see "[Managing team synchronization for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/managing-team-synchronization-for-organizations-in-your-enterprise-account)." @@ -28,7 +26,6 @@ IdP | SAML | User provisioning | Team synchronization | --- | :--: | :---------------: | :-------: | Active Directory Federation Services (AD FS) | {% octicon "check-circle-fill" aria-label= "The check icon" %} | | | Azure Active Directory (Azure AD) | {% octicon "check-circle-fill" aria-label="The check icon" %} | | {% octicon "check-circle-fill" aria-label="The check icon" %} | -Okta | {% octicon "check-circle-fill" aria-label="The check icon" %} | {% octicon "check-circle-fill" aria-label= "The check icon" %} [Beta](/github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account) | | OneLogin | {% octicon "check-circle-fill" aria-label="The check icon" %} | | | PingOne | {% octicon "check-circle-fill" aria-label="The check icon" %} | | | Shibboleth | {% octicon "check-circle-fill" aria-label="The check icon" %} | | | diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-user-provisioning-for-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-user-provisioning-for-organizations-in-your-enterprise-account.md deleted file mode 100644 index e5a24f038992..000000000000 --- a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/about-user-provisioning-for-organizations-in-your-enterprise-account.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: About user provisioning for organizations in your enterprise account -intro: You can manage organization membership in an enterprise account directly from an identity provider (IdP). -product: '{% data reusables.gated-features.enterprise-accounts %}' -versions: - fpt: '*' -topics: - - Enterprise -redirect_from: - - /github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account -shortTitle: About provisioning ---- -{% data reusables.enterprise-accounts.user-provisioning-release-stage %} - -{% data reusables.saml.about-user-provisioning-enterprise-account %} - -{% data reusables.scim.enterprise-account-scim %} Optionally, you can also enable SAML provisioning and, separately, deprovisioning. - -If you configure SCIM for the {% data variables.product.product_name %} application in your IdP, each time you make changes to group membership in your IdP, your IdP will make a SCIM call to {% data variables.product.prodname_dotcom %} to update the corresponding organization's membership. If you enable SAML provisioning, each time an enterprise member accesses a resource protected by your enterprise account's SAML configuration, that SAML assertion will trigger provisioning. - -For each SCIM call or SAML assertion, {% data variables.product.product_name %} will check the IdP groups the user belongs to and perform the following operations: - -- If the user is a member of an IdP group that corresponds to an organization owned by your enterprise account, and the user is not currently a member of that organization, add the user to the organization (SAML assertion) or send the user an email invitation to join the organization (SCIM call). -- Cancel any existing invitations for the user to join an organization owned by your enterprise account. - -For each SCIM call and, if you enable SAML deprovisioning, each SAML assertion, {% data variables.product.product_name %} will also perform the following operation: - -- If the user is not a member of an IdP group that corresponds to an organization owned by your enterprise account, and the user is currently a member of that organization, remove the user from the organization. - -If deprovisioning removes the last remaining owner from an organization, the organization will become unowned. Enterprise owners can assume ownership of unowned organizations. For more information, see "[Managing unowned organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/managing-unowned-organizations-in-your-enterprise-account)." - -To enable user provisioning for your enterprise account using Okta, see "[Configuring SAML single sign-on and SCIM for your enterprise account using Okta](/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta)." diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md deleted file mode 100644 index 2159464ba92b..000000000000 --- a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta.md +++ /dev/null @@ -1,116 +0,0 @@ ---- -title: Configuring SAML single sign-on and SCIM for your enterprise account using Okta -intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) with Okta to automatically manage access to your enterprise account on {% data variables.product.product_name %}.' -product: '{% data reusables.gated-features.enterprise-accounts %}' -redirect_from: - - /github/setting-up-and-managing-your-enterprise/configuring-single-sign-on-and-scim-for-your-enterprise-account-using-okta - - /github/setting-up-and-managing-your-enterprise-account/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta - - /github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta -versions: - fpt: '*' -topics: - - Enterprise -shortTitle: Configure SAML SSO & SCIM ---- -{% data reusables.enterprise-accounts.user-provisioning-release-stage %} - -## About SAML and SCIM with Okta - -You can control access to your enterprise account in {% data variables.product.product_name %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO and SCIM with Okta, an Identity Provider (IdP). - -SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. SCIM automatically adds, manages, and removes members' access to organizations owned by your enterprise account when you make changes in Okta. For more information, see "[Enforcing security settings in your enterprise account](/github/setting-up-and-managing-your-enterprise/enforcing-security-settings-in-your-enterprise-account)." - -After you enable SCIM, the following provisioning features are available for any users that you assign your {% data variables.product.prodname_ghe_cloud %} application to in Okta. - -| Feature | Description | -| --- | --- | -| Push New Users | New users created in Okta will gain access to enterprise account resources, and can optionally be automatically invited to any of the organizations owned by the enterprise account | -| Push User Deactivation | Deactivating a user in Okta will revoke the user's access to the enterprise account resources and remove the user from all organizations owned by the enterprise account | -| Push Profile Updates | Updates made to the user's profile in Okta will be pushed to the user’s enterprise account metadata | -| Reactivate Users | Reactivating the user in Okta will re-enable the user's access to the enterprise account and will optionally send email invitations for the user to rejoin any of the organizations owned by the enterprise account that the user was previously a member of | - -## Prerequisites - -{% data reusables.saml.use-classic-ui %} - -## Adding the {% data variables.product.prodname_ghe_cloud %} application in Okta - -{% data reusables.saml.okta-admin-button %} -{% data reusables.saml.okta-dashboard-click-applications %} -{% data reusables.saml.add-okta-application %} -{% data reusables.saml.search-ghec-okta %} -1. Click "{% data variables.product.prodname_ghe_cloud %} - Enterprise Accounts". -1. Click **Add**. -1. Optionally, to the right of "Application label", type a descriptive name for the application. - ![Application label field](/assets/images/help/saml/okta-application-label.png) -1. To the right of "{% data variables.product.prodname_dotcom %} Enterprises", type the name of your enterprise account. For example, if your enterprise account's URL is `https://github.com/enterprises/octo-corp`, type `octo-corp`. - ![GitHub Enterprises field](/assets/images/help/saml/okta-github-enterprises.png) -1. Click **Done**. - -## Enabling and testing SAML SSO - -{% data reusables.saml.okta-admin-button %} -{% data reusables.saml.okta-dashboard-click-applications %} -{% data reusables.saml.click-enterprise-account-application %} -{% data reusables.saml.assign-yourself-to-okta %} -{% data reusables.saml.okta-sign-on-tab %} -1. To the right of Settings, click **Edit**. -1. Under "Configured SAML Attributes", to the right of "groups", use the drop-down menu and select **Matches regex**. -1. To the right of the drop-down menu, type `.*.*`. -1. Click **Save**. -{% data reusables.saml.okta-view-setup-instructions %} -1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)." - -## Creating groups in Okta - -1. In Okta, create a group to match each organization owned by your enterprise account. The name of each group must match the account name of the organization (not the organization's display name). For example, if the URL of the organization is `https://github.com/octo-org`, name the group `octo-org`. -1. Assign the application you created for your enterprise account to each group. {% data variables.product.prodname_dotcom %} will receive all `groups` data for each user. -1. Add users to groups based on the organizations you'd like users to belong to. - -## Configuring user provisioning with SCIM in Okta - -{% data reusables.scim.enterprise-account-scim %} - -To configure user provisioning with SCIM in Okta, you must authorize an OAuth application to create a token that Okta can use to authenticate to {% data variables.product.product_name %} on your behalf. The okta-oauth application is created by Okta in partnership with {% data variables.product.prodname_dotcom %}. - -{% data reusables.saml.okta-admin-button %} -{% data reusables.saml.okta-dashboard-click-applications %} -{% data reusables.saml.click-enterprise-account-application %} -{% data reusables.saml.okta-provisioning-tab %} -{% data reusables.saml.okta-configure-api-integration %} -{% data reusables.saml.okta-enable-api-integration %} -1. Click **Authenticate with Github Enterprise Cloud - Enterprise Accounts**. - ![Button to authenticate with {% data variables.product.prodname_dotcom %}](/assets/images/help/business-accounts/authenticate-with-github-button.png) -1. To the right of your enterprise account's name, click **Grant**. -1. Click **Authorize okta-oauth**. -{% data reusables.saml.okta-save-provisioning %} -{% data reusables.saml.okta-edit-provisioning %} -1. Under the name of the application, click **Push Groups**. - ![Push Groups tab](/assets/images/help/business-accounts/okta-push-groups-tab.png) -1. Use the **Push Groups** drop-down menu, and select **Find groups by name**. - ![Push Groups drop-down menu](/assets/images/help/business-accounts/okta-push-groups-drop-down.png) -1. Add a push group for each organization in your enterprise account that you want to enable user provisioning for. - - Under "PUSH GROUPS BY NAME", search for a group that corresponds to an organization owned by your enterprise account, then click the group in the search results. - - To the right of the group name, in the "Match results & push action" drop-down menu, verify that **Create Group** is selected. - ![Match result drop-down with Create Group selected](/assets/images/help/saml/create-group-okta.png) - - Click **Save**. - - Repeat for each organization. -1. Under the name of your application, click **Assignments**. - ![Assignments tab](/assets/images/help/business-accounts/okta-assignments-tab.png) -1. If you see **Provision users**, users who were a member of an Okta group before you added a push group for that group have not been provisioned. To send SCIM data to {% data variables.product.product_name %} for these users, click **Provision users**. - -## Enabling SAML user provisioning - -After you enable SCIM provisioning and deprovisioning, you can optionally enable SAML user provisioning and deprovisioning. - -{% data reusables.enterprise-accounts.access-enterprise %} -{% data reusables.enterprise-accounts.settings-tab %} -{% data reusables.enterprise-accounts.security-tab %} -1. Under "SAML User Provisioning", select **Enable SAML user provisioning**. - ![Checkbox to enable user provisioning with SAML](/assets/images/help/business-accounts/user-provisioning.png) -1. Click **Save**. -1. Optionally, enable SAML user deprovisioning. - - Select **Enable SAML user deprovisioning**, then click **Save**. - ![Checkbox to enable user deprovisioning with SAML](/assets/images/help/business-accounts/saml-deprovisioning.png) - - Read the warning, then click **Enable SAML deprovisioning**. - ![Enable SAML deprovisioning button](/assets/images/help/business-accounts/saml-deprovisioning-confirm.png) diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta.md new file mode 100644 index 000000000000..fea941af2353 --- /dev/null +++ b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta.md @@ -0,0 +1,74 @@ +--- +title: Configuring SAML single sign-on for your enterprise account using Okta +intro: 'You can use Security Assertion Markup Language (SAML) single sign-on (SSO) with Okta to automatically manage access to your enterprise account on {% data variables.product.product_name %}.' +product: '{% data reusables.gated-features.enterprise-accounts %}' +redirect_from: + - /github/setting-up-and-managing-your-enterprise/configuring-single-sign-on-for-your-enterprise-account-using-okta + - /github/setting-up-and-managing-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta + - /github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta + - /github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta +versions: + fpt: '*' +topics: + - Enterprise +shortTitle: Configure SAML SSO +--- +{% data reusables.enterprise-accounts.user-provisioning-release-stage %} + +## About SAML with Okta + +You can control access to your enterprise account in {% data variables.product.product_name %} and other web applications from one central interface by configuring the enterprise account to use SAML SSO with Okta, an Identity Provider (IdP). + +SAML SSO controls and secures access to enterprise account resources like organizations, repositories, issues, and pull requests. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)." + +## Prerequisites + +{% data reusables.saml.use-classic-ui %} + +## Adding the {% data variables.product.prodname_ghe_cloud %} application in Okta + +{% data reusables.saml.okta-admin-button %} +{% data reusables.saml.okta-dashboard-click-applications %} +{% data reusables.saml.add-okta-application %} +{% data reusables.saml.search-ghec-okta %} +1. Click "{% data variables.product.prodname_ghe_cloud %} - Enterprise Accounts". +1. Click **Add**. +1. Optionally, to the right of "Application label", type a descriptive name for the application. + ![Application label field](/assets/images/help/saml/okta-application-label.png) +1. To the right of "{% data variables.product.prodname_dotcom %} Enterprises", type the name of your enterprise account. For example, if your enterprise account's URL is `https://github.com/enterprises/octo-corp`, type `octo-corp`. + ![GitHub Enterprises field](/assets/images/help/saml/okta-github-enterprises.png) +1. Click **Done**. + +## Enabling and testing SAML SSO + +{% data reusables.saml.okta-admin-button %} +{% data reusables.saml.okta-dashboard-click-applications %} +{% data reusables.saml.click-enterprise-account-application %} +{% data reusables.saml.assign-yourself-to-okta %} +{% data reusables.saml.okta-sign-on-tab %} +1. To the right of Settings, click **Edit**. +1. Under "Configured SAML Attributes", to the right of "groups", use the drop-down menu and select **Matches regex**. +1. To the right of the drop-down menu, type `.*.*`. +1. Click **Save**. +{% data reusables.saml.okta-view-setup-instructions %} +1. Enable SAML for your enterprise account using the information in the setup instructions. For more information, see "[Enabling SAML single sign-on for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account)." + +## Creating groups in Okta + +1. In Okta, create a group to match each organization owned by your enterprise account. The name of each group must match the account name of the organization (not the organization's display name). For example, if the URL of the organization is `https://github.com/octo-org`, name the group `octo-org`. +1. Assign the application you created for your enterprise account to each group. {% data variables.product.prodname_dotcom %} will receive all `groups` data for each user. +1. Add users to groups based on the organizations you'd like users to belong to. + +## Enabling SAML user provisioning + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.settings-tab %} +{% data reusables.enterprise-accounts.security-tab %} +1. Under "SAML User Provisioning", select **Enable SAML user provisioning**. + ![Checkbox to enable user provisioning with SAML](/assets/images/help/business-accounts/user-provisioning.png) +1. Click **Save**. +1. Optionally, enable SAML user deprovisioning. + - Select **Enable SAML user deprovisioning**, then click **Save**. + ![Checkbox to enable user deprovisioning with SAML](/assets/images/help/business-accounts/saml-deprovisioning.png) + - Read the warning, then click **Enable SAML deprovisioning**. + ![Enable SAML deprovisioning button](/assets/images/help/business-accounts/saml-deprovisioning-confirm.png) diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account.md index e3cecaba968a..147288e09d19 100644 --- a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account.md +++ b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account.md @@ -21,7 +21,7 @@ shortTitle: Enable SSO for organizations {% data reusables.saml.saml-supported-idps %} -{% data reusables.scim.enterprise-account-scim %} If you're not participating in the private beta, SCIM is not supported for enterprise accounts. For more information, see "[About user provisioning for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account)." +{% data reusables.scim.enterprise-account-scim %} ## Enabling SAML single-sign on for organizations in your enterprise account @@ -31,7 +31,7 @@ shortTitle: Enable SSO for organizations {% endnote %} -For more detailed information about how to enable SAML using Okta, see "[Configuring SAML single sign-on and SCIM for your enterprise account using Okta](/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta)." +For more detailed information about how to enable SAML using Okta, see "[Configuring SAML single sign-on for your enterprise account using Okta](/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta)." {% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} diff --git a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/index.md b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/index.md index 0c77aaea6df8..6819d12ea648 100644 --- a/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/index.md +++ b/content/github/setting-up-and-managing-your-enterprise/configuring-identity-and-access-management-for-your-enterprise-account/index.md @@ -1,6 +1,6 @@ --- title: Configuring identity and access management for your enterprise account -intro: 'You can manage SAML single sign-on, user provisioning, and team synchronization for your enterprise.' +intro: 'You can manage SAML single sign-on and team synchronization for your enterprise.' product: '{% data reusables.gated-features.enterprise-accounts %}' versions: fpt: '*' @@ -9,8 +9,7 @@ topics: children: - /about-identity-and-access-management-for-your-enterprise-account - /enabling-saml-single-sign-on-for-organizations-in-your-enterprise-account - - /about-user-provisioning-for-organizations-in-your-enterprise-account - - /configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta + - /configuring-saml-single-sign-on-for-your-enterprise-account-using-okta - /managing-team-synchronization-for-organizations-in-your-enterprise-account shortTitle: Configure IAM --- diff --git a/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account.md b/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account.md index 33b4c4395a93..9d5ee919e5fe 100644 --- a/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account.md +++ b/content/github/setting-up-and-managing-your-enterprise/managing-organizations-in-your-enterprise-account/managing-unowned-organizations-in-your-enterprise-account.md @@ -12,8 +12,6 @@ topics: - Enterprise shortTitle: Manage unowned organizations --- -If you enable user deprovisioning to manage organization membership in your enterprise account, you could end up with an organization that has no organization owners. For more information, see "[About user provisioning for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account)." - {% data reusables.enterprise-accounts.access-enterprise %} 2. To the right of the search field, click **X unowned**. ![Button to view unowned organizations](/assets/images/help/business-accounts/unowned-organizations-button.png) diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md index 2d62b007f8cf..4393a5ed6039 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-identity-and-access-management-with-saml-single-sign-on.md @@ -43,7 +43,7 @@ Organization members must also have an active SAML session to authorize an {% da {% data reusables.saml.saml-supported-idps %} -Some IdPs support provisioning access to a {% data variables.product.prodname_dotcom %} organization via SCIM. For more information, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)." +Some IdPs support provisioning access to a {% data variables.product.prodname_dotcom %} organization via SCIM. {% data reusables.scim.enterprise-account-scim %} For more information, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)." ## Adding members to an organization using SAML SSO diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md index 577c1da10e8c..eb3808891d68 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/about-scim.md @@ -21,7 +21,7 @@ These identity providers are compatible with the {% data variables.product.produ - Okta - OneLogin -{% data reusables.scim.enterprise-account-scim %} For more information, see "[About user provisioning for organizations in your enterprise account](/github/setting-up-and-managing-your-enterprise/about-user-provisioning-for-organizations-in-your-enterprise-account)." +{% data reusables.scim.enterprise-account-scim %} ## Further reading diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md index 35ee273298a7..30b67866958d 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/configuring-saml-single-sign-on-and-scim-using-okta.md @@ -81,7 +81,7 @@ After you enable SCIM, the following provisioning features are available for any ## Further reading -- "[Configuring SAML single sign-on and SCIM for your enterprise account using Okta](/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-and-scim-for-your-enterprise-account-using-okta)" +- "[Configuring SAML single sign-on for your enterprise account using Okta](/github/setting-up-and-managing-your-enterprise/configuring-saml-single-sign-on-for-your-enterprise-account-using-okta)" - "[Managing team synchronization for your organization](/organizations/managing-saml-single-sign-on-for-your-organization/managing-team-synchronization-for-your-organization#enabling-team-synchronization-for-okta)" - [Understanding SAML](https://developer.okta.com/docs/concepts/saml/) in the Okta documentation - [Understanding SCIM](https://developer.okta.com/docs/concepts/scim/) in the Okta documentation diff --git a/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md b/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md index 8d5cc1183d8b..d27fe213984d 100644 --- a/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md +++ b/content/organizations/managing-saml-single-sign-on-for-your-organization/connecting-your-identity-provider-to-your-organization.md @@ -25,7 +25,7 @@ You can find the SAML and SCIM implementation details for your IdP in their docu {% note %} -**Note:** {% data variables.product.product_name %} supported identity providers for SCIM are Azure AD, Okta, and OneLogin. For more information about SCIM, see "[About SCIM](/articles/about-scim)." +**Note:** {% data variables.product.product_name %} supported identity providers for SCIM are Azure AD, Okta, and OneLogin. {% data reusables.scim.enterprise-account-scim %} For more information about SCIM, see "[About SCIM](/articles/about-scim)." {% endnote %} diff --git a/content/rest/reference/enterprise-admin.md b/content/rest/reference/enterprise-admin.md index 3a2b13870e5d..856fe98ce8e3 100644 --- a/content/rest/reference/enterprise-admin.md +++ b/content/rest/reference/enterprise-admin.md @@ -94,68 +94,6 @@ You can also read the current version by calling the [meta endpoint](/rest/refer {% endif %} -{% ifversion fpt %} -## SCIM - -### SCIM Provisioning for Enterprises - -SCIM-enabled Identity Providers (IdPs) can use the SCIM API to automate the provisioning of enterprise membership. The {% data variables.product.product_name %} API is based on version 2.0 of the [SCIM standard](http://www.simplecloud.info/). - -The IdP must use `{% data variables.product.api_url_code %}/scim/v2/enterprises/{enterprise}/` as the SCIM endpoint. - -{% note %} - -**Note:** The enterprise SCIM API is only available to enterprises on [{% data variables.product.prodname_ghe_cloud %}](/billing/managing-billing-for-your-github-account/about-billing-for-github-accounts) with [SAML SSO](/rest/overview/other-authentication-methods#authenticating-for-saml-sso) enabled. For more information about SCIM, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)." - -{% endnote %} - -### Authenticating calls to the SCIM API - -You must authenticate as an owner of a {% data variables.product.product_name %} enterprise to use its SCIM API. The API expects an [OAuth 2.0 Bearer](/developers/apps/authenticating-with-github-apps) token to be included in the `Authorization` header. You may also use a personal access token, but you must first [authorize it for use with your SAML SSO enterprise](/github/authenticating-to-github/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on). - -### Mapping of SAML and SCIM data - -The SAML IdP and the SCIM client must use matching `NameID` and `userName` values for each user. This allows a user authenticating through SAML to be linked to their provisioned SCIM identity. - -SCIM groups are matched with {% data variables.product.product_name %} organizations that have the exact same name, and are owned by the enterprise account. - -The SAML IdP and SCIM client must be configured to exactly match the `displayName` of the SCIM group with the name of the corresponding {% data variables.product.product_name %} organization. This allows {% data variables.product.product_name %} to link the SCIM group with the {% data variables.product.product_name %} organization membership. - -### Supported SCIM User attributes - -Name | Type | Description ------|------|-------------- -`userName`|`string` | The username for the user. -`name.givenName`|`string` | The first name of the user. -`name.lastName`|`string` | The last name of the user. -`emails` | `array` | List of user emails. -`externalId` | `string` | This identifier is generated by the SAML provider, and is used as a unique ID by the SAML provider to match against a GitHub user. You can find the `externalID` for a user either at the SAML provider, or using the [List SCIM provisioned identities for an enterprise](#list-scim-provisioned-identities-for-an-enterprise) endpoint and filtering on other known attributes, such as a user's GitHub username or email address. -`id` | `string` | Identifier generated by the GitHub SCIM endpoint. -`active` | `boolean` | Used to indicate whether the identity is active (true) or should be deprovisioned (false). -`groups` | `array` | Optional list of SCIM group IDs the user is a member of. - -{% note %} - -**Note:** Endpoint URLs for the SCIM API are case sensitive. For example, the first letter in the `Users` endpoint must be capitalized: - -```shell -GET /scim/v2/enterprises/{enterprise}/Users/{scim_user_id} -``` - -{% endnote %} - -### Supported SCIM Group attributes - -Name | Type | Description ------|------|-------------- -`displayName` | `string` | The name of the SCIM group, which must exactly match the name of the corresponding {% data variables.product.product_name %} organization. For example, if the URL of the organization is `https://github.com/octo-org`, the group name must be `octo-org`. -`members`| `array` | List of SCIM user IDs that are members of the group. - -{% for operation in currentRestOperations %} - {% if operation.subcategory == 'scim' %}{% include rest_operation %}{% endif %} -{% endfor %} - -{% endif %} {% ifversion ghae or ghes %} ## Admin stats diff --git a/content/rest/reference/projects.md b/content/rest/reference/projects.md index 84a097bba7dc..aa8cf5ac714c 100644 --- a/content/rest/reference/projects.md +++ b/content/rest/reference/projects.md @@ -1,5 +1,6 @@ --- title: Projects +intro: 'The Projects API lets you to create, list, update, delete and customize projects in a repository.' redirect_from: - /v3/projects versions: diff --git a/content/rest/reference/pulls.md b/content/rest/reference/pulls.md index 6d210b27c1c4..269a46e146a0 100644 --- a/content/rest/reference/pulls.md +++ b/content/rest/reference/pulls.md @@ -1,5 +1,6 @@ --- title: Pulls +intro: 'The Pulls API allows you to list, view, edit, create, and even merge pull requests.' redirect_from: - /v3/pulls versions: diff --git a/content/rest/reference/rate-limit.md b/content/rest/reference/rate-limit.md index 20242dcaa730..f61160937df6 100644 --- a/content/rest/reference/rate-limit.md +++ b/content/rest/reference/rate-limit.md @@ -1,5 +1,6 @@ --- title: Rate limit +intro: 'With the Rate Limit API, you can check the current rate limit status of various REST APIs.' redirect_from: - /v3/rate_limit - /v3/rate-limit diff --git a/content/rest/reference/reactions.md b/content/rest/reference/reactions.md index 0e2edfc42945..adbbad7ca9b8 100644 --- a/content/rest/reference/reactions.md +++ b/content/rest/reference/reactions.md @@ -1,5 +1,6 @@ --- title: Reactions +intro: 'The Reactions API enables you to create, list and delete the reactions on comments.' redirect_from: - /v3/reactions versions: diff --git a/content/rest/reference/repos.md b/content/rest/reference/repos.md index 8bfb558295de..a4f37be74a29 100644 --- a/content/rest/reference/repos.md +++ b/content/rest/reference/repos.md @@ -1,5 +1,6 @@ --- title: Repositories +intro: 'The Repos API allows to create, manage and control the workflow of public and private {% data variables.product.product_name %} respositories.' allowTitleToDifferFromFilename: true redirect_from: - /v3/repos diff --git a/content/rest/reference/scim.md b/content/rest/reference/scim.md index af5cd6a9fb2f..a37ae0a08401 100644 --- a/content/rest/reference/scim.md +++ b/content/rest/reference/scim.md @@ -16,7 +16,7 @@ The SCIM API is used by SCIM-enabled Identity Providers (IdPs) to automate provi {% note %} -**Note:** The SCIM API is available only to organizations on [{% data variables.product.prodname_ghe_cloud %}](/billing/managing-billing-for-your-github-account/about-billing-for-github-accounts) with [SAML SSO](/rest/overview/other-authentication-methods#authenticating-for-saml-sso) enabled. For more information about SCIM, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)." +**Note:** The SCIM API is available only to organizations on [{% data variables.product.prodname_ghe_cloud %}](/billing/managing-billing-for-your-github-account/about-billing-for-github-accounts) with [SAML SSO](/rest/overview/other-authentication-methods#authenticating-for-saml-sso) enabled. {% data reusables.scim.enterprise-account-scim %} For more information about SCIM, see "[About SCIM](/organizations/managing-saml-single-sign-on-for-your-organization/about-scim)." {% endnote %} diff --git a/data/reusables/repositories/secret-scanning-add-custom-pattern.md b/data/reusables/repositories/secret-scanning-add-custom-pattern.md index 988d7ddefd86..ab41c24318ff 100644 --- a/data/reusables/repositories/secret-scanning-add-custom-pattern.md +++ b/data/reusables/repositories/secret-scanning-add-custom-pattern.md @@ -4,7 +4,7 @@ 1. Enter the details for your new custom pattern: 1. You must at least provide the name for your pattern, and a regular expression for the format of your secret pattern. 1. You can click **More options {% octicon "chevron-down" aria-label="down" %}** to provide other surrounding content or additional match requirements for the secret format. - 1. You can provide a sample test string and click the **Test** button to make sure your configuration is matching the patterns you expect. + 1. You can provide a sample test string to make sure your configuration is matching the patterns you expect. ![Create a custom {% data variables.product.prodname_secret_scanning %} pattern form](/assets/images/help/repository/secret-scanning-create-custom-pattern.png) 1. When you are satisfied with your new custom pattern, click **Create custom pattern**. diff --git a/data/reusables/scim/enterprise-account-scim.md b/data/reusables/scim/enterprise-account-scim.md index 1797863354c2..99b9942bc15b 100644 --- a/data/reusables/scim/enterprise-account-scim.md +++ b/data/reusables/scim/enterprise-account-scim.md @@ -1 +1 @@ -If you're participating in the private beta for user provisioning for enterprise accounts, when you enable SAML for your enterprise account, SCIM provisioning and deprovisioning is enabled by default in {% data variables.product.product_name %}. You can use provisioning to manage organization membership by configuring SCIM in your IdP. +Provisioning and deprovisioning user access with SCIM is not available for enterprise accounts. diff --git a/data/reusables/secret-scanning/partner-secret-list-private-repo.md b/data/reusables/secret-scanning/partner-secret-list-private-repo.md index 0ccf07dd6947..bc92afddd85d 100644 --- a/data/reusables/secret-scanning/partner-secret-list-private-repo.md +++ b/data/reusables/secret-scanning/partner-secret-list-private-repo.md @@ -101,6 +101,14 @@ Hubspot | Hubspot API Key | hubspot_api_key{% endif %} {%- ifversion fpt or ghes > 3.1 or ghae-next %} Intercom | Intercom Access Token | intercom_access_token{% endif %} {%- ifversion fpt or ghes > 3.1 or ghae-next %} +Ionic | Ionic Personal Access Token | ionic_personal_access_token{% endif %} +{%- ifversion fpt or ghes > 3.1 or ghae-next %} +Ionic | Ionic Refresh Token | ionic_refresh_token{% endif %} +{%- ifversion fpt or ghes > 3.1 or ghae-next %} +Linear | Linear API Key | linear_api_key{% endif %} +{%- ifversion fpt or ghes > 3.1 or ghae-next %} +Linear | Linear OAuth Access Token | linear_oauth_access_token{% endif %} +{%- ifversion fpt or ghes > 3.1 or ghae-next %} Lob | Lob Live API Key | lob_live_api_key{% endif %} {%- ifversion fpt or ghes > 3.1 or ghae-next %} Lob | Lob Test API Key | lob_test_api_key{% endif %} diff --git a/data/reusables/secret-scanning/partner-secret-list-public-repo.md b/data/reusables/secret-scanning/partner-secret-list-public-repo.md index 7a61669c95e6..23c3a8c0a7fb 100644 --- a/data/reusables/secret-scanning/partner-secret-list-public-repo.md +++ b/data/reusables/secret-scanning/partner-secret-list-public-repo.md @@ -42,6 +42,10 @@ Google Cloud | Google API Key Google Cloud | Google Cloud Private Key ID Hashicorp Terraform | Terraform Cloud / Enterprise API Token Hubspot | Hubspot API Key +Ionic | Ionic Personal Access Token +Ionic | Ionic Refresh Token +Linear | Linear API Key +Linear | Linear OAuth Access Token Mailchimp | Mailchimp API Key Mailchimp | Mandrill API Key Mailgun | Mailgun API Key diff --git a/javascripts/events.ts b/javascripts/events.ts index db0abac290c1..f29321d3696c 100644 --- a/javascripts/events.ts +++ b/javascripts/events.ts @@ -103,8 +103,13 @@ export function sendEvent({ type, version = '1.0.0', ...props }: SendEventProps) ...props, } - const blob = new Blob([JSON.stringify(body)], { type: 'application/json' }) - navigator.sendBeacon('/events', blob) + + // Only send the beacon if the feature is not disabled in the user's browser + if (navigator?.sendBeacon) { + const blob = new Blob([JSON.stringify(body)], { type: 'application/json' }) + navigator.sendBeacon('/events', blob) + } + return body } diff --git a/lib/warm-server.js b/lib/warm-server.js index 218b1528106c..6c942dacf975 100644 --- a/lib/warm-server.js +++ b/lib/warm-server.js @@ -14,24 +14,8 @@ const dog = { loadSiteData: statsd.timer(loadSiteData, 'load_site_data') } -// For local caching -let pageList, pageMap, site, redirects, unversionedTree, siteTree - -function isFullyWarmed () { - // NOTE: Yes, `pageList` is specifically excluded here as it is transient data - const fullyWarmed = !!(pageMap && site && redirects && unversionedTree && siteTree) - return fullyWarmed -} - -function getWarmedCache () { - return { - pages: pageMap, - site, - redirects, - unversionedTree, - siteTree - } -} +// For multiple-triggered Promise sharing +let promisedWarmServer async function warmServer () { const startTime = Date.now() @@ -40,35 +24,24 @@ async function warmServer () { console.log('Priming context information...') } - if (!unversionedTree) { - unversionedTree = await dog.loadUnversionedTree() - } - - if (!site) { - site = dog.loadSiteData() - } - - if (!siteTree) { - siteTree = await dog.loadSiteTree(unversionedTree, site) - } - - if (!pageList) { - pageList = await dog.loadPages(unversionedTree) - } - - if (!pageMap) { - pageMap = await dog.loadPageMap(pageList) - } - - if (!redirects) { - redirects = await dog.loadRedirects(pageList) - } + const unversionedTree = await dog.loadUnversionedTree() + const site = dog.loadSiteData() + const siteTree = await dog.loadSiteTree(unversionedTree, site) + const pageList = await dog.loadPages(unversionedTree) + const pageMap = await dog.loadPageMap(pageList) + const redirects = await dog.loadRedirects(pageList) if (process.env.NODE_ENV !== 'test') { console.log(`Context primed in ${Date.now() - startTime} ms`) } - return getWarmedCache() + return { + pages: pageMap, + site, + redirects, + unversionedTree, + siteTree + } } // Instrument the `warmServer` function so that @@ -78,10 +51,11 @@ dog.warmServer = statsd.asyncTimer(warmServer, 'warm_server') // We only want statistics if the priming needs to occur, so let's wrap the // real method and return early [without statistics] whenever possible module.exports = async function warmServerWrapper () { - // Bail out early if everything is properly ready to use - if (isFullyWarmed()) { - return getWarmedCache() + // Handle receiving multiple calls to this method from multiple page requests + // by holding the in-progress Promise and returning it instead of allowing + // the server to actually load all of the files multiple times. + if (!promisedWarmServer) { + promisedWarmServer = dog.warmServer() } - - return dog.warmServer() + return promisedWarmServer } diff --git a/script/graphql/utils/process-schemas.js b/script/graphql/utils/process-schemas.js index ad55211c6acf..c47c4a9aedef 100755 --- a/script/graphql/utils/process-schemas.js +++ b/script/graphql/utils/process-schemas.js @@ -3,7 +3,7 @@ const { parse, buildASTSchema } = require('graphql') const helpers = require('./schema-helpers') const fs = require('fs') -const externalScalars = JSON.parse(fs.readFileSync('../../../lib/graphql/non-schema-scalars.json')) +const externalScalars = JSON.parse(fs.readFileSync('./lib/graphql/non-schema-scalars.json')) .map(scalar => { scalar.id = helpers.getId(scalar.name) scalar.href = helpers.getFullLink('scalars', scalar.id) diff --git a/script/graphql/utils/schema-helpers.js b/script/graphql/utils/schema-helpers.js index 21958e36014f..a19e77443021 100644 --- a/script/graphql/utils/schema-helpers.js +++ b/script/graphql/utils/schema-helpers.js @@ -1,6 +1,6 @@ const renderContent = require('../../../lib/render-content') const fs = require('fs') -const graphqlTypes = JSON.parse(fs.readFileSync('../../../lib/graphql/types.json')) +const graphqlTypes = JSON.parse(fs.readFileSync('./lib/graphql/types.json')) const { isScalarType, isObjectType,