feat: new action runner groups endpoints, new code scanning alerts autofix endpoints, new sub-issues endpoints, new private registries enpoints, new code security endpoints, various description updates (#777)

- Description updates
- New `/enterprises/{enterprise}/copilot/billing/seats`
- New `/enterprises/{enterprise}/settings/billing/cost-centers`
- New `/enterprises/{enterprise}/settings/billing/usage`
- New `/enterprises/{enterprise}/code-security/configurations/defaults`
- New `/enterprises/{enterprise}/code-security/configurations/{configuration_id}`
- New `/enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach`
- New `/orgs/{org}/actions/runner-groups`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/repositories`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/runners`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}`
- New `/orgs/{org}/copilot/metrics`
- New `/orgs/{org}/insights/api/route-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/subject-stats`
- New `/orgs/{org}/insights/api/summary-stats`
- New `/orgs/{org}/insights/api/summary-stats/users/{user_id}`
- New `/orgs/{org}/insights/api/summary-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/time-stats`
- New `/orgs/{org}/insights/api/time-stats/users/{user_id}`
- New `/orgs/{org}/insights/api/time-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/user-stats/{user_id}`
- New `/orgs/{org}/private-registries`
- New `/orgs/{org}/private-registries/public-key`
- New `/orgs/{org}/private-registries/{secret_name}`
- New `/orgs/{org}/team/{team_slug}/copilot/metrics`
- New `/orgs/{org}/team/{team_slug}/copilot/usage`
- **Deprecate `/orgs/{org}/{security_product}/{enablement}`**
- New `/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix`
- New `/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix/commits`
- New `/repos/{owner}/{repo}/code-security-configuration`
- Add discriminators for various properties
- New `/repos/{owner}/{repo}/issues/{issue_number}/sub_issues`
- New `/repos/{owner}/{repo}/issues/{issue_number}/sub_issues/priority`
- New `/repos/{owner}/{repo}/secret-scanning/push-protection-bypasses`
- New `/repos/{owner}/{repo}/secret-scanning/scan-history`

Author: octokitbot

docs/actions/addRepoAccessToSelfHostedRunnerGroupInOrg.md

@@ -0,0 +1,52 @@
+---
+name: Add repository access to a self-hosted runner group in an organization
+example: octokit.rest.actions.addRepoAccessToSelfHostedRunnerGroupInOrg({ org, runner_group_id, repository_id })
+route: PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}
+scope: actions
+type: API method
+---
+
+# Add repository access to a self-hosted runner group in an organization
+
+Adds a repository to the list of repositories that can access a self-hosted runner group. The runner group must have `visibility` set to `selected`. For more information, see "[Create a self-hosted runner group for an organization](#create-a-self-hosted-runner-group-for-an-organization)."
+
+OAuth tokens and personal access tokens (classic) need the `admin:org` scope to use this endpoint.
+
+```js
+octokit.rest.actions.addRepoAccessToSelfHostedRunnerGroupInOrg({
+  org,
+  runner_group_id,
+  repository_id,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>org</td><td>yes</td><td>
+
+The organization name. The name is not case sensitive.
+
+</td></tr>
+<tr><td>runner_group_id</td><td>yes</td><td>
+
+Unique identifier of the self-hosted runner group.
+
+</td></tr>
+<tr><td>repository_id</td><td>yes</td><td>
+
+The unique identifier of the repository.
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/actions/self-hosted-runner-groups#add-repository-access-to-a-self-hosted-runner-group-in-an-organization).

docs/actions/listWorkflowRuns.md

@@ -14,6 +14,8 @@ Anyone with read access to the repository can use this endpoint
 
 OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
 
+This endpoint will return up to 1,000 results for each search when using the following parameters: `actor`, `branch`, `check_suite_id`, `created`, `event`, `head_sha`, `status`.
+
 ```js
 octokit.rest.actions.listWorkflowRuns({
   owner,

docs/actions/listWorkflowRunsForRepo.md

@@ -14,7 +14,7 @@ Anyone with read access to the repository can use this endpoint.
 
 OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
 
-This API will return up to 1,000 results for each search when using the following parameters: `actor`, `branch`, `check_suite_id`, `created`, `event`, `head_sha`, `status`.
+This endpoint will return up to 1,000 results for each search when using the following parameters: `actor`, `branch`, `check_suite_id`, `created`, `event`, `head_sha`, `status`.
 
 ```js
 octokit.rest.actions.listWorkflowRunsForRepo({

docs/actions/reviewCustomGatesForRun.md

@@ -10,8 +10,8 @@ type: API method
 
 Approve or reject custom deployment protection rules provided by a GitHub App for a workflow run. For more information, see "[Using environments for deployment](https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment)."
 
-**Note:** GitHub Apps can only review their own custom deployment protection rules.
-To approve or reject pending deployments that are waiting for review from a specific person or team, see [`POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments`](/rest/actions/workflow-runs#review-pending-deployments-for-a-workflow-run).
+> [!NOTE]
+> GitHub Apps can only review their own custom deployment protection rules. To approve or reject pending deployments that are waiting for review from a specific person or team, see [`POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments`](/rest/actions/workflow-runs#review-pending-deployments-for-a-workflow-run).
 
 OAuth app tokens and personal access tokens (classic) need the `repo` scope to use this endpoint with a private repository.
 

docs/actions/setAllowedActionsOrganization.md

@@ -48,7 +48,8 @@ Whether actions from GitHub Marketplace verified creators are allowed. Set to `t
 
 Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`.
 
-**Note**: The `patterns_allowed` setting only applies to public repositories.
+> [!NOTE]
+> The `patterns_allowed` setting only applies to public repositories.
 
 </td></tr>
   </tbody>

docs/actions/setAllowedActionsRepository.md

@@ -54,7 +54,8 @@ Whether actions from GitHub Marketplace verified creators are allowed. Set to `t
 
 Specifies a list of string-matching patterns to allow specific action(s) and reusable workflow(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`.
 
-**Note**: The `patterns_allowed` setting only applies to public repositories.
+> [!NOTE]
+> The `patterns_allowed` setting only applies to public repositories.
 
 </td></tr>
   </tbody>

docs/activity/getFeeds.md

@@ -20,7 +20,8 @@ Lists the feeds available to the authenticated user. The response provides a URL
 
 By default, timeline resources are returned in JSON. You can specify the `application/atom+xml` type in the `Accept` header to return timeline resources in Atom format. For more information, see "[Media types](https://docs.github.com/rest/using-the-rest-api/getting-started-with-the-rest-api#media-types)."
 
-**Note**: Private feeds are only returned when [authenticating via Basic Auth](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) since current feed URIs use the older, non revocable auth tokens.
+> [!NOTE]
+> Private feeds are only returned when [authenticating via Basic Auth](https://docs.github.com/rest/authentication/authenticating-to-the-rest-api#using-basic-authentication) since current feed URIs use the older, non revocable auth tokens.
 
 ```js
 octokit.rest.activity.getFeeds();

docs/activity/listEventsForAuthenticatedUser.md

@@ -8,7 +8,10 @@ type: API method
 
 # List events for the authenticated user
 
-If you are authenticated as the given user, you will see your private events. Otherwise, you'll only see public events.
+If you are authenticated as the given user, you will see your private events. Otherwise, you'll only see public events. _Optional_: use the fine-grained token with following permission set to view private events: "Events" user permissions (read).
+
+> [!NOTE]
+> This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
 
 ```js
 octokit.rest.activity.listEventsForAuthenticatedUser({

docs/activity/listOrgEventsForAuthenticatedUser.md

@@ -10,6 +10,9 @@ type: API method
 
 This is the user's organization dashboard. You must be authenticated as the user to view this.
 
+> [!NOTE]
+> This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
+
 ```js
 octokit.rest.activity.listOrgEventsForAuthenticatedUser({
   username,

docs/activity/listPublicEvents.md

@@ -8,7 +8,8 @@ type: API method
 
 # List public events
 
-We delay the public events feed by five minutes, which means the most recent event returned by the public events API actually occurred at least five minutes ago.
+> [!NOTE]
+> This API is not built to serve real-time use cases. Depending on the time of day, event latency can be anywhere from 30s to 6h.
 
 ```js
 octokit.rest.activity.listPublicEvents();