From 076e9480ca6e9633bff412d05eff0fc2f1e7d2be Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 10 Apr 2026 17:35:53 -0700
Subject: [PATCH] feat: update permission inputs (#358)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [@octokit/openapi](https://github.com/octokit/openapi) from 21.0.0
to 22.0.0.
Release notes
Sourced from @​octokit/openapi's
releases.
v22.0.0
22.0.0
(2025-12-09)
Features
- drop projects-classic endpoints, add GitHub API endpoints: cache
limits (retention & storage) for repos/orgs/enterprises, billing
budgets & usage, artifacts deployment metadata, and projectsV2
drafts & fields (#518)
(b0c44a4)
BREAKING CHANGES
- Removed
/orgs/{org}/projects
- Removed
/orgs/{org}/settings/billing/actions
- Removed
/orgs/{org}/settings/billing/packages
- Removed
/orgs/{org}/settings/billing/shared-storage
- Removed
/orgs/{org}/teams/{team_slug}/projects
- Removed
/orgs/{org}/teams/{team_slug}/projects/{project_id}
- Removed
/projects/columns/{column_id}
- Removed
/projects/columns/{column_id}/moves
- Removed
/projects/{project_id}
- Removed
/projects/{project_id}/collaborators
- Removed
/projects/{project_id}/collaborators/{username}
- Removed
/projects/{project_id}/collaborators/{username}/permission
- Removed
/repos/{owner}/{repo}/projects
- Removed
/teams/{team_id}/projects
- Removed
/teams/{team_id}/projects/{project_id}
- Removed
/user/projects
- Removed
/users/{username}/projects
- Removed
/users/{username}/settings/billing/actions
- Removed
/users/{username}/settings/billing/packages
- Removed
/users/{username}/settings/billing/shared-storage
Commits
6f63b86
build(deps): lock file maintenance (#520)b0c44a4
feat: drop projects-classic endpoints, add GitHub API endpoints: cache
limits...a8043eb
ci(action): update actions/checkout action to v6 (#519)af315cd
build(deps): lock file maintenance (#514)170f396
build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#516)077a1b9
build(deps): lock file maintenance (#508)cfca956
ci(action): update github/codeql-action action to v4 (#510)f15da93
ci(action): update peter-evans/create-or-update-comment action to v5 (#509)64bef33
chore(deps): update dependency map-obj to v6 (#507)4e8e223
chore(deps): update dependency github-enterprise-server-versions to v3
(#511)- Additional commits viewable in compare
view
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub
Actions), a new releaser for @​octokit/openapi since your
current version.
Resolves https://github.com/github/gh-aw/issues/18921.
---------
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
action.yml | 8 +++++++
package-lock.json | 8 +++----
package.json | 2 +-
scripts/generated/app-permissions.json | 32 ++++++++++++++++++++++++++
4 files changed, 45 insertions(+), 5 deletions(-)
diff --git a/action.yml b/action.yml
index ba4e915..41cd4b0 100644
--- a/action.yml
+++ b/action.yml
@@ -31,6 +31,10 @@ inputs:
description: "The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be set to 'read' or 'write'."
permission-administration:
description: "The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be set to 'read' or 'write'."
+ permission-artifact-metadata:
+ description: "The level of permission to grant the access token to create and retrieve build artifact metadata records. Can be set to 'read' or 'write'."
+ permission-attestations:
+ description: "The level of permission to create and retrieve the access token for repository attestations. Can be set to 'read' or 'write'."
permission-checks:
description: "The level of permission to grant the access token for checks on code. Can be set to 'read' or 'write'."
permission-codespaces:
@@ -43,6 +47,8 @@ inputs:
description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
permission-deployments:
description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."
+ permission-discussions:
+ description: "The level of permission to grant the access token for discussions and related comments and labels. Can be set to 'read' or 'write'."
permission-email-addresses:
description: "The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'."
permission-enterprise-custom-properties-for-organizations:
@@ -61,6 +67,8 @@ inputs:
description: "The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be set to 'read' or 'write'."
permission-members:
description: "The level of permission to grant the access token for organization teams and members. Can be set to 'read' or 'write'."
+ permission-merge-queues:
+ description: "The level of permission to grant the access token to manage the merge queues for a repository. Can be set to 'read' or 'write'."
permission-metadata:
description: "The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be set to 'read' or 'write'."
permission-organization-administration:
diff --git a/package-lock.json b/package-lock.json
index 0a8013d..984c34d 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -15,7 +15,7 @@
"p-retry": "^8.0.0"
},
"devDependencies": {
- "@octokit/openapi": "^21.0.0",
+ "@octokit/openapi": "^22.0.0",
"c8": "^11.0.0",
"esbuild": "^0.27.4",
"open-cli": "^9.0.0",
@@ -671,9 +671,9 @@
}
},
"node_modules/@octokit/openapi": {
- "version": "21.0.0",
- "resolved": "https://registry.npmjs.org/@octokit/openapi/-/openapi-21.0.0.tgz",
- "integrity": "sha512-NybZQUNsa6yErKW1EEniJs0c/KFEFkXOrWlHk9IVFkY2OC5SQJMsjJnfCfVFyIuBjt8qBHGTopri7y/cKafxPQ==",
+ "version": "22.0.0",
+ "resolved": "https://registry.npmjs.org/@octokit/openapi/-/openapi-22.0.0.tgz",
+ "integrity": "sha512-Rpif7FjTjFEBSU+amIRHUAIAHwgg+tVJdTiQuU2GEWDniZxmWjxZCgJ4V9GEp2GXnq/Bl+TrjEvwAl9PB29NAQ==",
"dev": true,
"license": "MIT",
"engines": {
diff --git a/package.json b/package.json
index 67391e0..383aa20 100644
--- a/package.json
+++ b/package.json
@@ -22,7 +22,7 @@
"p-retry": "^8.0.0"
},
"devDependencies": {
- "@octokit/openapi": "^21.0.0",
+ "@octokit/openapi": "^22.0.0",
"c8": "^11.0.0",
"esbuild": "^0.27.4",
"open-cli": "^9.0.0",
diff --git a/scripts/generated/app-permissions.json b/scripts/generated/app-permissions.json
index aae22e8..d66d70c 100644
--- a/scripts/generated/app-permissions.json
+++ b/scripts/generated/app-permissions.json
@@ -19,6 +19,22 @@
"write"
]
},
+ "artifact_metadata": {
+ "type": "string",
+ "description": "The level of permission to grant the access token to create and retrieve build artifact metadata records.",
+ "enum": [
+ "read",
+ "write"
+ ]
+ },
+ "attestations": {
+ "type": "string",
+ "description": "The level of permission to create and retrieve the access token for repository attestations.",
+ "enum": [
+ "read",
+ "write"
+ ]
+ },
"checks": {
"type": "string",
"description": "The level of permission to grant the access token for checks on code.",
@@ -59,6 +75,14 @@
"write"
]
},
+ "discussions": {
+ "type": "string",
+ "description": "The level of permission to grant the access token for discussions and related comments and labels.",
+ "enum": [
+ "read",
+ "write"
+ ]
+ },
"environments": {
"type": "string",
"description": "The level of permission to grant the access token for managing repository environments.",
@@ -75,6 +99,14 @@
"write"
]
},
+ "merge_queues": {
+ "type": "string",
+ "description": "The level of permission to grant the access token to manage the merge queues for a repository.",
+ "enum": [
+ "read",
+ "write"
+ ]
+ },
"metadata": {
"type": "string",
"description": "The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.",