Added

• Add Documentation for Otterdog Web App deployment
• Add support for marking organizations as archived and to ignore them. (#463)
• Add new check-status CLI command. This outputs a json file of with sync, validation, and archival status of organizations. (#457)
• Added support for setting gh_pages_visibility in repositories. (#474)
• Added support for setting members_can_create_private_pages in organization settings. (#474)

Changed

• Make the sync-check always succeed to not prevent PRs from being merged due to unrelated changes in the live settings.
• Contributing documentation to include instructions for Otterdog Web App

Fixed

• Fixed GitHub Page updates due missing required fields (#450)
• Properly escape string values when passing them to a rich Console. (#440)
• Fixed regression of live settings and expected code scanning default setup (#458)

• Fixed filter invalid codeql lang values returned by gh api (#435)
• Documentation improvement
• Dependencies updates for otterdog

Fixed

• Dependencies updates for otterdog
• Minor development docs and build updates

Fixed

• Fixed support for using common DNS in MongoDB URL configuration (#417)

Fixed

• Fixed support for actions as code scanning language (#411)
• Fixed coercion of has_discussion property in case the repository is the source of organization discussions.
• Fixed importing an organization that has multiple custom properties defined.
• Fixed updating organization teams with local-apply operation.

Changed

• Changed severity of validation messages wrt to missing 'github-pages' environments from WARNING to INFO.

Added

• Added policy dependency_track_upload to upload SBOM data from workflows to a dependency track instance.
• Added operations list-blueprints and approve-blueprints to list and approve remediation PRs created for specific organizations.
• Added support for teams.
• Use asyncer to speed up retrieval of live settings. (#209)

Changed

• Updated development environment to use poetry version 2.0.0 and changed license classifier to EPL-2.0. (#328)
• Changes the exclude_team filter to not consider teams defined in the default config.
• Converted workflow related settings into an embedded model object.
• Included option repo-filter of diff related operations already when getting live data from GitHub to speed up execution.

Fixed

• Fixed display of forced updates in plan operations.

Added

• Added support for organization roles.
• Added operation check-token-permissions to list all granted and missing scopes for the cli token.
• Added option to specify reviewers for blueprint type append_configuration.
• Added view for currently active remediation PRs for configured blueprints.

Changed

• Adapted default template for GitHub organizations to take an additional parameter: project_name.
• Changed accessing security managers of an organization using the organization roles api. (#365)
• Disabled adding automatic help comments for bot users creating a pull request in the config repo.
• Disabled checking of team membership for bot users creating a pull request in the config repo.

Fixed

• Fixed displaying changes when settings squash_merge_commit_title and squash_merge_commit_message were changed at the same time.
• Prevented setting private_vulnerability_reporting_enabled for private repositories.
• Prevented wrapping of long texts when importing the configuration.

Added

• Added validation rules for squash and merge commit title and message settings of a repository.
• Added new blueprint scorecard_integration to integrate OSSF Scorecard evaluations. (#345)
• Added new blueprint append_configuration to append configuration snippets depending on certain conditions.
• Added support for organization rulesets. (#158)
• Added support for templates in required-file blueprints. (#322)
• Added support for a post-add-objects hook in the default configuration that gets executed after resources have been added. (#318)
• Added new blueprint pin_workflow to pin used GitHub actions in workflows.
• Added new blueprint required_file to create files in repositories.
• Added a new operation list-advisories to list GitHub Security Advisories for organizations.

Changed

• Added raising an InsufficientPermissionsException if the token lacks required OAuth scopes for a specific endpoint. (#126)
• Improved the check mechanism for blueprints by only checking a certain number each run and by taking the last check time into account.
• Improved the update mechanism when installing a new GitHub organization to only update the newly added organization. (#349)
• Integrated existing logging with standard python logging facility.
• Utilized rich console formatting instead of low-level colorama styles.
• Improved processing when archiving repositories to process all other requested changes before archiving them. (#134)
• Split up policies into policies and blueprint and added support for them in the UI
• Improved processing of organization settings web_commit_signoff_required and actions_can_approve_pull_request_reviews to force update the same settings on repo level as changes will be implicitly performed by GitHub.

Fixed

• Fixed retrieval of setting two_factor_requirement which has been renamed to two_factor_required in the Web UI. (#339)
• Fixed exclusion of settings that can only be accessed via the Web UI in the local-apply operation. (#330)
• Fixed updating or deleting webhooks with wildcard patterns via the local-apply operation. (#325)
• Fixed importing of rulesets due to missing handling of embedded model object required_status_checks.
• Changing setting squash_merge_commit_message also requires that setting squash_merge_commit_title is present in the payload sent to GitHub.