🚧 GitHub OpenAPI specifications changed

docs/billing/getGithubBillingUsageReportUser.md

@@ -0,0 +1,60 @@
+---
+name: Get billing usage report for a user
+example: octokit.rest.billing.getGithubBillingUsageReportUser({ username })
+route: GET /users/{username}/settings/billing/usage
+scope: billing
+type: API method
+---
+
+# Get billing usage report for a user
+
+Gets a report of the total usage for a user.
+
+**Note:** This endpoint is only available to users with access to the enhanced billing platform.
+
+```js
+octokit.rest.billing.getGithubBillingUsageReportUser({
+  username,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>username</td><td>yes</td><td>
+
+The handle for the GitHub user account.
+
+</td></tr>
+<tr><td>year</td><td>no</td><td>
+
+If specified, only return results for a single year. The value of `year` is an integer with four digits representing a year. For example, `2025`. Default value is the current year.
+
+</td></tr>
+<tr><td>month</td><td>no</td><td>
+
+If specified, only return results for a single month. The value of `month` is an integer between `1` and `12`. If no year is specified the default `year` is used.
+
+</td></tr>
+<tr><td>day</td><td>no</td><td>
+
+If specified, only return results for a single day. The value of `day` is an integer between `1` and `31`. If no `year` or `month` is specified, the default `year` and `month` are used.
+
+</td></tr>
+<tr><td>hour</td><td>no</td><td>
+
+If specified, only return results for a single hour. The value of `hour` is an integer between `0` and `23`. If no `year`, `month`, or `day` is specified, the default `year`, `month`, and `day` are used.
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/billing/enhanced-billing#get-billing-usage-report-for-a-user).

docs/checks/rerequestRun.md

@@ -8,12 +8,10 @@ type: API method
 
 # Rerequest a check run
 
-Triggers GitHub to rerequest an existing check run, without pushing new code to a repository. This endpoint will trigger the [`check_run` webhook](https://docs.github.com/webhooks/event-payloads/#check_run) event with the action `rerequested`. When a check run is `rerequested`, its `status` is reset to `queued` and the `conclusion` is cleared.
+Triggers GitHub to rerequest an existing check run, without pushing new code to a repository. This endpoint will trigger the [`check_run` webhook](https://docs.github.com/webhooks/event-payloads/#check_run) event with the action `rerequested`. When a check run is `rerequested`, the `status` of the check suite it belongs to is reset to `queued` and the `conclusion` is cleared. The check run itself is not updated. GitHub apps recieving the [`check_run` webhook](https://docs.github.com/webhooks/event-payloads/#check_run) with the `rerequested` action should then decide if the check run should be reset or updated and call the [update `check_run` endpoint](https://docs.github.com/rest/checks/runs#update-a-check-run) to update the check_run if desired.
 
 For more information about how to re-run GitHub Actions jobs, see "[Re-run a job from a workflow run](https://docs.github.com/rest/actions/workflow-runs#re-run-a-job-from-a-workflow-run)".
 
-OAuth apps and personal access tokens (classic) cannot use this endpoint.
-
 ```js
 octokit.rest.checks.rerequestRun({
   owner,

docs/checks/rerequestSuite.md

@@ -10,8 +10,6 @@ type: API method
 
 Triggers GitHub to rerequest an existing check suite, without pushing new code to a repository. This endpoint will trigger the [`check_suite` webhook](https://docs.github.com/webhooks/event-payloads/#check_suite) event with the action `rerequested`. When a check suite is `rerequested`, its `status` is reset to `queued` and the `conclusion` is cleared.
 
-OAuth apps and personal access tokens (classic) cannot use this endpoint.
-
 ```js
 octokit.rest.checks.rerequestSuite({
   owner,

docs/codeSecurity/createConfiguration.md

@@ -52,7 +52,7 @@ A description of the code security configuration
 </td></tr>
 <tr><td>advanced_security</td><td>no</td><td>
 
-The enablement status of GitHub Advanced Security
+The enablement status of GitHub Advanced Security features. `enabled` will enable both Code Security and Secret Protection features.
 
 </td></tr>
 <tr><td>dependency_graph</td><td>no</td><td>

docs/codeSecurity/createConfigurationForEnterprise.md

@@ -50,7 +50,7 @@ A description of the code security configuration
 </td></tr>
 <tr><td>advanced_security</td><td>no</td><td>
 
-The enablement status of GitHub Advanced Security
+The enablement status of GitHub Advanced Security features. `enabled` will enable both Code Security and Secret Protection features.
 
 </td></tr>
 <tr><td>dependency_graph</td><td>no</td><td>

docs/codeSecurity/updateConfiguration.md

@@ -56,7 +56,7 @@ A description of the code security configuration
 </td></tr>
 <tr><td>advanced_security</td><td>no</td><td>
 
-The enablement status of GitHub Advanced Security
+The enablement status of GitHub Advanced Security features. `enabled` will enable both Code Security and Secret Protection features.
 
 </td></tr>
 <tr><td>dependency_graph</td><td>no</td><td>

docs/codeSecurity/updateEnterpriseConfiguration.md

@@ -54,7 +54,7 @@ A description of the code security configuration
 </td></tr>
 <tr><td>advanced_security</td><td>no</td><td>
 
-The enablement status of GitHub Advanced Security. Must be set to enabled if you want to enable any GHAS settings.
+The enablement status of GitHub Advanced Security features. `enabled` will enable both Code Security and Secret Protection features.
 
 </td></tr>
 <tr><td>dependency_graph</td><td>no</td><td>

docs/credentials/revoke.md

@@ -0,0 +1,51 @@
+---
+name: Revoke a list of credentials
+example: octokit.rest.credentials.revoke({ credentials })
+route: POST /credentials/revoke
+scope: credentials
+type: API method
+---
+
+# Revoke a list of credentials
+
+Submit a list of credentials to be revoked. This endpoint is intended to revoke credentials the caller does not own and may have found exposed on GitHub.com or elsewhere. It can also be used for credentials associated with an old user account that you no longer have access to. Credential owners will be notified of the revocation.
+
+This endpoint currently accepts the following credential types:
+
+- Personal access tokens (classic)
+- Fine-grained personal access tokens
+
+Revoked credentials may impact users on GitHub Free, Pro, & Team and GitHub Enterprise Cloud, and GitHub Enterprise Cloud with Enterprise Managed Users.
+GitHub cannot reactivate any credentials that have been revoked; new credentials will need to be generated.
+
+To prevent abuse, this API is limited to only 60 unauthenticated requests per hour and a max of 1000 tokens per API request.
+
+> [!NOTE]
+> Any authenticated requests will return a 403.
+
+```js
+octokit.rest.credentials.revoke({
+  credentials,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>credentials</td><td>yes</td><td>
+
+A list of credentials to be revoked, up to 1000 per request.
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/credentials/revoke#revoke-a-list-of-credentials).

docs/dependabot/listAlertsForEnterprise.md

@@ -74,6 +74,12 @@ CVE Exploit Prediction Scoring System (EPSS) percentage. Can be specified as:
 
 Filters the list of alerts based on EPSS percentages. If specified, only alerts with the provided EPSS percentages will be returned.
 
+</td></tr>
+<tr><td>has</td><td>no</td><td>
+
+Filters the list of alerts based on whether the alert has the given value. If specified, only alerts meeting this criterion will be returned.
+Multiple `has` filters can be passed to filter for alerts that have all of the values. Currently, only `patch` is supported.
+
 </td></tr>
 <tr><td>scope</td><td>no</td><td>
 

docs/dependabot/listAlertsForOrg.md

@@ -72,6 +72,12 @@ CVE Exploit Prediction Scoring System (EPSS) percentage. Can be specified as:
 
 Filters the list of alerts based on EPSS percentages. If specified, only alerts with the provided EPSS percentages will be returned.
 
+</td></tr>
+<tr><td>has</td><td>no</td><td>
+
+Filters the list of alerts based on whether the alert has the given value. If specified, only alerts meeting this criterion will be returned.
+Multiple `has` filters can be passed to filter for alerts that have all of the values. Currently, only `patch` is supported.
+
 </td></tr>
 <tr><td>scope</td><td>no</td><td>
 

docs/dependabot/listAlertsForRepo.md

@@ -79,6 +79,12 @@ CVE Exploit Prediction Scoring System (EPSS) percentage. Can be specified as:
 
 Filters the list of alerts based on EPSS percentages. If specified, only alerts with the provided EPSS percentages will be returned.
 
+</td></tr>
+<tr><td>has</td><td>no</td><td>
+
+Filters the list of alerts based on whether the alert has the given value. If specified, only alerts meeting this criterion will be returned.
+Multiple `has` filters can be passed to filter for alerts that have all of the values. Currently, only `patch` is supported.
+
 </td></tr>
 <tr><td>scope</td><td>no</td><td>
 

docs/orgs/listMembers.md

@@ -34,7 +34,7 @@ The organization name. The name is not case sensitive.
 </td></tr>
 <tr><td>filter</td><td>no</td><td>
 
-Filter members returned in the list. `2fa_disabled` means that only members without [two-factor authentication](https://github.com/blog/1614-two-factor-authentication) enabled will be returned. This options is only available for organization owners.
+Filter members returned in the list. `2fa_disabled` means that only members without [two-factor authentication](https://github.com/blog/1614-two-factor-authentication) enabled will be returned. `2fa_insecure` means that only members with [insecure 2FA methods](https://docs.github.com/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization#requiring-secure-methods-of-two-factor-authentication-in-your-organization) will be returned. These options are only available for organization owners.
 
 </td></tr>
 <tr><td>role</td><td>no</td><td>

docs/orgs/listOutsideCollaborators.md

@@ -34,7 +34,7 @@ The organization name. The name is not case sensitive.
 </td></tr>
 <tr><td>filter</td><td>no</td><td>
 
-Filter the list of outside collaborators. `2fa_disabled` means that only outside collaborators without [two-factor authentication](https://github.com/blog/1614-two-factor-authentication) enabled will be returned.
+Filter the list of outside collaborators. `2fa_disabled` means that only outside collaborators without [two-factor authentication](https://github.com/blog/1614-two-factor-authentication) enabled will be returned. `2fa_insecure` means that only outside collaborators with [insecure 2FA methods](https://docs.github.com/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization#requiring-secure-methods-of-two-factor-authentication-in-your-organization) will be returned.
 
 </td></tr>
 <tr><td>per_page</td><td>no</td><td>

docs/privateRegistries/createOrgPrivateRegistry.md

@@ -8,9 +8,6 @@ type: API method
 
 # Create a private registry for an organization
 
-> [!NOTE]
-> This endpoint is in public preview and is subject to change.
-
 Creates a private registry configuration with an encrypted value for an organization. Encrypt your secret using [LibSodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages). For more information, see "[Encrypting secrets for the REST API](https://docs.github.com/rest/guides/encrypting-secrets-for-the-rest-api)."
 
 OAuth app tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.