feat: new CodeQL variants analysis, [GET] user by accountId, projects v2 status update endpoints, new code scanning repository rule, BREAKING CHANGE: removed release-released webhook, description updates

[octokitbot]

BREAKING CHANGE: Removed release-released webhook

[wolfy1339]

Was the /orgs/{org}/team/{team_slug}/copilot/usage endpoint intentionally removed?

[wolfy1339]

I can't get the update_dry_run workflow to trigger. This will need to be merged manually @gr2m @kfcampbell @nickfloyd

[kfcampbell]

The update_dry_run check hasn't worked in some time; we've been merging without it.

I don't have any knowledge on the Copilot API changes, though I suppose I would trust the process unless I had a reason to doubt it.

@wolfy1339 are you comfortable with me merging as-is (with a breaking change in the commit message body)?

[gr2m]

I would suggest to add a deprecation like https://github.com/octokit/openapi/blob/main/changes/2021-04-30-operation-code-scanning-list-alert-instances.json, if the endpoint is infact being deprecated. If we remove an endpoint without a breaking change then people will run into cryptic TypeScript errors when using https://github.com/octokit/plugin-rest-endpoint-methods.js (used by octokit, @octokit/rest, probot, ...), when the plugin version and the types version get out of sync. Adding the endpoint back with a note should prevent these problems and provide a better DX

[wolfy1339]

The copilot endpoints are in beta, and are subject to change. I don't see this endpoint anywhere in the docs

[gr2m]

@kfcampbell can you find out what the status is with the endpoint? If we can expect it to be re-released soon again, I'd vote for not removing it temporarily

[kfcampbell]

I'm sorry, this slipped through the cracks for me. I've asked and will report back when I hear anything.

[kfcampbell]

It was intended to be a temporary decision to unship the endpoint; it will be added back in the near future. We should probably not remove it across all our repos at this point.

[wolfy1339]

@kfcampbell Do you have any update for the /orgs/{org}/team/{team_slug}/copilot/usage endpoint

[wolfy1339]

@kfcampbell @nickfloyd Hi, is there any update for the issue blocking this PR

[kfcampbell]

@wolfy1339 sorry for the delay! The endpoint is back in our specification but marked as "public beta". It's visible in github/rest-api-description if you search for the operationId copilot/usage-metrics-for-team. Here's the YAML:

  "/orgs/{org}/team/{team_slug}/copilot/usage":
    get:
      summary: Get a summary of Copilot usage for a team
      description: |-
        > [!NOTE]
        > This endpoint is in public preview and is subject to change.

        You can use this endpoint to see a daily breakdown of aggregated usage metrics for Copilot completions and Copilot Chat in the IDE
        for users within a team, with a further breakdown of suggestions, acceptances, and number of active users by editor and language for each day.
        See the response schema tab for detailed metrics definitions.

        The response contains metrics for up to 28 days prior. Usage metrics are processed once per day for the previous day,
        and the response will only include data up until yesterday. In order for an end user to be counted towards these metrics,
        they must have telemetry enabled in their IDE.

        > [!NOTE]
        > This endpoint will only return results for a given day if the team had five or more members with active Copilot licenses, as evaluated at the end of that day.

        Organization owners for the organization that contains this team, and owners and billing managers of the parent enterprise can view Copilot usage metrics for a team.

        OAuth app tokens and personal access tokens (classic) need either the `manage_billing:copilot`, `read:org`, or `read:enterprise` scopes to use this endpoint.
      tags:
      - copilot
      operationId: copilot/usage-metrics-for-team
      externalDocs:
        description: API method documentation
        url: https://docs.github.com/rest/copilot/copilot-usage#get-a-summary-of-copilot-usage-for-a-team
      parameters:
      - "$ref": "#/components/parameters/org"
      - "$ref": "#/components/parameters/team-slug"
      - name: since
        description: Show usage metrics since this date. This is a timestamp in [ISO
          8601](https://en.wikipedia.org/wiki/ISO_8601) format (`YYYY-MM-DDTHH:MM:SSZ`).
          Maximum value is 28 days ago.
        in: query
        required: false
        schema:
          type: string
      - name: until
        description: Show usage metrics until this date. This is a timestamp in [ISO
          8601](https://en.wikipedia.org/wiki/ISO_8601) format (`YYYY-MM-DDTHH:MM:SSZ`)
          and should not preceed the `since` date if it is passed.
        in: query
        required: false
        schema:
          type: string
      - "$ref": "#/components/parameters/page"
      - name: per_page
        description: The number of days of metrics to display per page (max 28). For
          more information, see "[Using pagination in the REST API](https://docs.github.com/rest/using-the-rest-api/using-pagination-in-the-rest-api)."
        in: query
        schema:
          type: integer
          default: 28
      responses:
        '200':
          description: Response
          content:
            application/json:
              schema:
                type: array
                items:
                  "$ref": "#/components/schemas/copilot-usage-metrics"
              examples:
                default:
                  "$ref": "#/components/examples/copilot-usage-metrics-org"
        '500':
          "$ref": "#/components/responses/internal_error"
        '401':
          "$ref": "#/components/responses/requires_authentication"
        '403':
          "$ref": "#/components/responses/forbidden"
        '404':
          "$ref": "#/components/responses/not_found"
      x-github:
        githubCloudOnly: false
        enabledForGitHubApps: true
        category: copilot
        subcategory: copilot-usage

[wolfy1339]

That is great to hear

[nickfloyd]

Just to make sure I didn't miss any outstanding concerns - is everyone good with this being merged given the endpoint evidence above?

[wolfy1339]

I'm all for merging this. The diff needs to be double checked to ensure no breaking changes are introduced and to get a better idea of new features that were added

[nickfloyd]

The diff needs to be double checked to ensure no breaking changes are introduced and to get a better idea of new features that were added

Doing that now locally. I'll update the description based on what I find. Thanks, as always, for your help on this one @wolfy1339 & @gr2m ❤️

[wolfy1339]

We aren't concerned with webhooks in this repository

[nickfloyd]

We aren't concerned with webhooks in this repository I completely forgot about that. Hopefully the version bump won't create too much noise. Let me know if you think it's a concern.

[wolfy1339]

It will be fine

[octokitbot]

:tada: This issue has been resolved in version 17.0.0 :tada:

The release is available on:

• GitHub release
• npm package (@latest dist-tag)

Your semantic-release bot :package::rocket:

[gr2m]

I'd say it's valid to release a breaking change if the spec itself removed something. The breaking change should not cause more noise than a feature release to all the auto-generated code updates that only care about REST APIs