feat: octokit.apps.scopeToken() (#316)

Author: octokitbot

docs/actions/setAllowedActionsOrganization.md

@@ -1,6 +1,6 @@
 ---
 name: Set allowed actions for an organization
-example: octokit.actions.setAllowedActionsOrganization({ org })
+example: octokit.actions.setAllowedActionsOrganization({ org, github_owned_allowed, verified_allowed, patterns_allowed })
 route: PUT /orgs/{org}/actions/permissions/selected-actions
 scope: actions
 type: API method
@@ -19,6 +19,9 @@ You must authenticate using an access token with the `admin:org` scope to use th
 ```js
 octokit.actions.setAllowedActionsOrganization({
   org,
+  github_owned_allowed,
+  verified_allowed,
+  patterns_allowed,
 });
 ```
 
@@ -36,17 +39,17 @@ octokit.actions.setAllowedActionsOrganization({
     <tr><td>org</td><td>yes</td><td>
 
 </td></tr>
-<tr><td>github_owned_allowed</td><td>no</td><td>
+<tr><td>github_owned_allowed</td><td>yes</td><td>
 
 Whether GitHub-owned actions are allowed. For example, this includes the actions in the `actions` organization.
 
 </td></tr>
-<tr><td>verified_allowed</td><td>no</td><td>
+<tr><td>verified_allowed</td><td>yes</td><td>
 
 Whether actions in GitHub Marketplace from verified creators are allowed. Set to `true` to allow all GitHub Marketplace actions by verified creators.
 
 </td></tr>
-<tr><td>patterns_allowed</td><td>no</td><td>
+<tr><td>patterns_allowed</td><td>yes</td><td>
 
 Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`."
 

docs/actions/setAllowedActionsRepository.md

@@ -1,6 +1,6 @@
 ---
 name: Set allowed actions for a repository
-example: octokit.actions.setAllowedActionsRepository({ owner, repo })
+example: octokit.actions.setAllowedActionsRepository({ owner, repo, github_owned_allowed, verified_allowed, patterns_allowed })
 route: PUT /repos/{owner}/{repo}/actions/permissions/selected-actions
 scope: actions
 type: API method
@@ -20,6 +20,9 @@ You must authenticate using an access token with the `repo` scope to use this en
 octokit.actions.setAllowedActionsRepository({
   owner,
   repo,
+  github_owned_allowed,
+  verified_allowed,
+  patterns_allowed,
 });
 ```
 
@@ -40,17 +43,17 @@ octokit.actions.setAllowedActionsRepository({
 <tr><td>repo</td><td>yes</td><td>
 
 </td></tr>
-<tr><td>github_owned_allowed</td><td>no</td><td>
+<tr><td>github_owned_allowed</td><td>yes</td><td>
 
 Whether GitHub-owned actions are allowed. For example, this includes the actions in the `actions` organization.
 
 </td></tr>
-<tr><td>verified_allowed</td><td>no</td><td>
+<tr><td>verified_allowed</td><td>yes</td><td>
 
 Whether actions in GitHub Marketplace from verified creators are allowed. Set to `true` to allow all GitHub Marketplace actions by verified creators.
 
 </td></tr>
-<tr><td>patterns_allowed</td><td>no</td><td>
+<tr><td>patterns_allowed</td><td>yes</td><td>
 
 Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`."
 

docs/apps/addRepoToInstallation.md

@@ -10,7 +10,7 @@ type: API method
 
 Add a single repository to an installation. The authenticated user must have admin access to the repository.
 
-You must use a personal access token (which you can create via the [command line](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) or the [OAuth Authorizations API](https://docs.github.com/rest/reference/oauth-authorizations#create-a-new-authorization) or [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) to access this endpoint.
+You must use a personal access token (which you can create via the [command line](https://docs.github.com/github/authenticating-to-github/creating-a-personal-access-token) or [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication)) to access this endpoint.
 
 ```js
 octokit.apps.addRepoToInstallation({

docs/apps/checkToken.md

@@ -30,6 +30,8 @@ octokit.apps.checkToken({
   <tbody>
     <tr><td>client_id</td><td>yes</td><td>
 
+The client ID of your GitHub app.
+
 </td></tr>
 <tr><td>access_token</td><td>yes</td><td>
 

docs/apps/deleteAuthorization.md

@@ -30,6 +30,8 @@ octokit.apps.deleteAuthorization({
   <tbody>
     <tr><td>client_id</td><td>yes</td><td>
 
+The client ID of your GitHub app.
+
 </td></tr>
 <tr><td>access_token</td><td>no</td><td>
 

docs/apps/deleteToken.md

@@ -29,6 +29,8 @@ octokit.apps.deleteToken({
   <tbody>
     <tr><td>client_id</td><td>yes</td><td>
 
+The client ID of your GitHub app.
+
 </td></tr>
 <tr><td>access_token</td><td>no</td><td>
 

docs/apps/removeRepoFromInstallation.md

@@ -10,7 +10,7 @@ type: API method
 
 Remove a single repository from an installation. The authenticated user must have admin access to the repository.
 
-You must use a personal access token (which you can create via the [command line](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) or the [OAuth Authorizations API](https://docs.github.com/rest/reference/oauth-authorizations#create-a-new-authorization) or [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) to access this endpoint.
+You must use a personal access token (which you can create via the [command line](https://docs.github.com/github/authenticating-to-github/creating-a-personal-access-token) or [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication)) to access this endpoint.
 
 ```js
 octokit.apps.removeRepoFromInstallation({

docs/apps/resetToken.md

@@ -30,6 +30,8 @@ octokit.apps.resetToken({
   <tbody>
     <tr><td>client_id</td><td>yes</td><td>
 
+The client ID of your GitHub app.
+
 </td></tr>
 <tr><td>access_token</td><td>yes</td><td>
 

docs/apps/scopeToken.md

@@ -0,0 +1,218 @@
+---
+name: Create a scoped access token
+example: octokit.apps.scopeToken({ client_id })
+route: POST /applications/{client_id}/token/scoped
+scope: apps
+type: API method
+---
+
+# Create a scoped access token
+
+Exchanges a non-repository scoped user-to-server OAuth access token for a repository scoped user-to-server OAuth access token. You can specify which repositories the token can access and which permissions are granted to the token. You must use [Basic Authentication](https://docs.github.com/rest/overview/other-authentication-methods#basic-authentication) when accessing this endpoint, using the OAuth application's `client_id` and `client_secret` as the username and password. Invalid tokens will return `404 NOT FOUND`.
+
+```js
+octokit.apps.scopeToken({
+  client_id,
+});
+```
+
+## Parameters
+
+<table>
+  <thead>
+    <tr>
+      <th>name</th>
+      <th>required</th>
+      <th>description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr><td>client_id</td><td>yes</td><td>
+
+The client ID of your GitHub app.
+
+</td></tr>
+<tr><td>access_token</td><td>no</td><td>
+
+**Required.** The OAuth access token used to authenticate to the GitHub API.
+
+</td></tr>
+<tr><td>target</td><td>no</td><td>
+
+The name of the user or organization to scope the user-to-server access token to. **Required** unless `target_id` is specified.
+
+</td></tr>
+<tr><td>target_id</td><td>no</td><td>
+
+The ID of the user or organization to scope the user-to-server access token to. **Required** unless `target` is specified.
+
+</td></tr>
+<tr><td>repositories</td><td>no</td><td>
+
+The list of repository IDs to scope the user-to-server access token to. `repositories` may not be specified if `repository_ids` is specified.
+
+</td></tr>
+<tr><td>repository_ids</td><td>no</td><td>
+
+The list of repository names to scope the user-to-server access token to. `repository_ids` may not be specified if `repositories` is specified.
+
+</td></tr>
+<tr><td>permissions</td><td>no</td><td>
+
+The permissions granted to the user-to-server access token.
+
+</td></tr>
+<tr><td>permissions.actions</td><td>no</td><td>
+
+The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.administration</td><td>no</td><td>
+
+The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.checks</td><td>no</td><td>
+
+The level of permission to grant the access token for checks on code. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.content_references</td><td>no</td><td>
+
+The level of permission to grant the access token for notification of content references and creation content attachments. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.contents</td><td>no</td><td>
+
+The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.deployments</td><td>no</td><td>
+
+The level of permission to grant the access token for deployments and deployment statuses. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.environments</td><td>no</td><td>
+
+The level of permission to grant the access token for managing repository environments. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.issues</td><td>no</td><td>
+
+The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.metadata</td><td>no</td><td>
+
+The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.packages</td><td>no</td><td>
+
+The level of permission to grant the access token for packages published to GitHub Packages. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.pages</td><td>no</td><td>
+
+The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.pull_requests</td><td>no</td><td>
+
+The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.repository_hooks</td><td>no</td><td>
+
+The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.repository_projects</td><td>no</td><td>
+
+The level of permission to grant the access token to manage repository projects, columns, and cards. Can be one of: `read`, `write`, or `admin`.
+
+</td></tr>
+<tr><td>permissions.secret_scanning_alerts</td><td>no</td><td>
+
+The level of permission to grant the access token to view and manage secret scanning alerts. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.secrets</td><td>no</td><td>
+
+The level of permission to grant the access token to manage repository secrets. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.security_events</td><td>no</td><td>
+
+The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.single_file</td><td>no</td><td>
+
+The level of permission to grant the access token to manage just a single file. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.statuses</td><td>no</td><td>
+
+The level of permission to grant the access token for commit statuses. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.vulnerability_alerts</td><td>no</td><td>
+
+The level of permission to grant the access token to retrieve Dependabot alerts. Can be one of: `read`.
+
+</td></tr>
+<tr><td>permissions.workflows</td><td>no</td><td>
+
+The level of permission to grant the access token to update GitHub Actions workflow files. Can be one of: `write`.
+
+</td></tr>
+<tr><td>permissions.members</td><td>no</td><td>
+
+The level of permission to grant the access token for organization teams and members. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.organization_administration</td><td>no</td><td>
+
+The level of permission to grant the access token to manage access to an organization. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.organization_hooks</td><td>no</td><td>
+
+The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.organization_plan</td><td>no</td><td>
+
+The level of permission to grant the access token for viewing an organization's plan. Can be one of: `read`.
+
+</td></tr>
+<tr><td>permissions.organization_projects</td><td>no</td><td>
+
+The level of permission to grant the access token to manage organization projects, columns, and cards. Can be one of: `read`, `write`, or `admin`.
+
+</td></tr>
+<tr><td>permissions.organization_secrets</td><td>no</td><td>
+
+The level of permission to grant the access token to manage organization secrets. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.organization_self_hosted_runners</td><td>no</td><td>
+
+The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.organization_user_blocking</td><td>no</td><td>
+
+The level of permission to grant the access token to view and manage users blocked by the organization. Can be one of: `read` or `write`.
+
+</td></tr>
+<tr><td>permissions.team_discussions</td><td>no</td><td>
+
+The level of permission to grant the access token to manage team discussions and related comments. Can be one of: `read` or `write`.
+
+</td></tr>
+  </tbody>
+</table>
+
+See also: [GitHub Developer Guide documentation](https://docs.github.com/rest/reference/apps#create-a-scoped-access-token).

docs/enterpriseAdmin/setAllowedActionsEnterprise.md

@@ -1,6 +1,6 @@
 ---
 name: Set allowed actions for an enterprise
-example: octokit.enterpriseAdmin.setAllowedActionsEnterprise({ enterprise })
+example: octokit.enterpriseAdmin.setAllowedActionsEnterprise({ enterprise, github_owned_allowed, verified_allowed, patterns_allowed })
 route: PUT /enterprises/{enterprise}/actions/permissions/selected-actions
 scope: enterpriseAdmin
 type: API method
@@ -15,6 +15,9 @@ You must authenticate using an access token with the `admin:enterprise` scope to
 ```js
 octokit.enterpriseAdmin.setAllowedActionsEnterprise({
   enterprise,
+  github_owned_allowed,
+  verified_allowed,
+  patterns_allowed,
 });
 ```
 
@@ -34,17 +37,17 @@ octokit.enterpriseAdmin.setAllowedActionsEnterprise({
 The slug version of the enterprise name. You can also substitute this value with the enterprise id.
 
 </td></tr>
-<tr><td>github_owned_allowed</td><td>no</td><td>
+<tr><td>github_owned_allowed</td><td>yes</td><td>
 
 Whether GitHub-owned actions are allowed. For example, this includes the actions in the `actions` organization.
 
 </td></tr>
-<tr><td>verified_allowed</td><td>no</td><td>
+<tr><td>verified_allowed</td><td>yes</td><td>
 
 Whether actions in GitHub Marketplace from verified creators are allowed. Set to `true` to allow all GitHub Marketplace actions by verified creators.
 
 </td></tr>
-<tr><td>patterns_allowed</td><td>no</td><td>
+<tr><td>patterns_allowed</td><td>yes</td><td>
 
 Specifies a list of string-matching patterns to allow specific action(s). Wildcards, tags, and SHAs are allowed. For example, `monalisa/octocat@*`, `monalisa/octocat@v2`, `monalisa/*`."