Removed SSLv3 support from webhooks and services
- October 16, 2014
-
kdaigle
This morning, we removed support for the ssl_version webhook configuration
option and made TLS 1.X the default cryptographic protocol to address the POODLE exploit.
You should no longer set or rely on the ssl_version configuration option.
If you have any questions or feedback, please drop us a line.
New Attributes for Issue Events API
- October 6, 2014
-
jdpace
We've made it easier to track changes to issues. The Issue Events API now provides more context for several event types:
-
assignedandunassignedevents now include anassigneeobject so you can see just who was assigned or unassigned. -
labeledandunlabeledevents include alabelobject. -
milestonedanddemilesonedevents include amilestoneobject. -
renamedevents include arenameobject with the title before and after the rename.
Check out the Issue Events API documentation for a full list of supported events. If you have any questions or feedback, please drop us a line.
One more week before the "Add team member" API breaking change
- September 23, 2014
-
jakeboxer
UPDATE (2014-09-30): In response to feedback from developers, we're delaying the breaking change to the "Add team member" API until Monday, October 6, 2014. The change will go into effect for all requests on that date.
Starting October 6, if you use the "Add team member" API to add a user to a team and that user isn't already on another team in your organization, the request will fail. To avoid this, be sure to use the "Add team membership" API.
The Organization and Team Membership APIs are now official
As promised in our blog post earlier this month, the Organization Membership and Team Membership APIs are now an official part of the GitHub API! The preview media type is no longer required to access them.
If you have any questions or feedback, please get in touch with us!
Finalizing the Organization and Team Membership APIs
- September 16, 2014
-
jakeboxer
For the past few weeks, the new Organization Membership and Team Membership APIs have been available for early access via a preview media type. As of today, these APIs are stable and suitable for production use.
Preview period ends on September 23
On September 23, 2014, these APIs will become official parts of the GitHub API v3. At that time, the preview media type will no longer be required to access these APIs.
Reminder: Breaking change to legacy endpoint
The breaking change to the "Add team member" endpoint will also go into effect for all requests on September 23, 2014. At that time, if you use the add team member endpoint to add a user to a team and that user isn't already on another team in your organization, the request will fail. To avoid this, be sure to use the add team membership endpoint.
Addition to the Organization Membership API
Thanks to your feedback, we've updated the Organization Membership API to provide direct access to basic information about the organization whenever you fetch a [list of memberships][list-org-memberships] or a [single membership][get-org-membership].
If you have any questions or feedback, please get in touch with us!
[list-org-memberships]: /v3/orgs/members/#list-organization-memberships-for-the-authenticated-user[get-org-membership]: /v3/orgs/members/#get-an-organization-membership-for-the-authenticated-user
Changing organization feeds in the Feeds API
- September 12, 2014
-
mastahyeti
We have deprecated the current_user_organization_url attribute and the
current_user_organization.href attribute in the Feeds API. If you make
use of these attributes, you'll want to update your code to use the new
current_user_organization_urls attribute instead.
Changes to the deprecated attributes
Previously, the deprecated attributes returned URI template. For example:
"current_user_organization_url":
"https://github.com/organizations/{org}/mastahyeti.private.atom?token=abc123"
The template included a deprecated authentication token. Our new tokens are valid only for a concrete feed URL (not for a URI template). Because the deprecated attributes were templates and did not specify a concrete URL, the API could not provide a token that could be used for organization feeds.
Starting today, the API returns empty values for the deprecated attributes.
New attribute for organization feeds
In order to preserve the functionality of this API, we have added a new attribute that lists specific Atom feed urls for each of the user's organizations.
"current_user_organization_urls": [
"https://github.com/organizations/github/mastahyeti.private.atom?token=abc123"
"https://github.com/organizations/requests/mastahyeti.private.atom?token=token=def456"
]
Check out the updated Feeds API documentation for the new fields. If you have any questions or feedback, please get drop us a line.
Removing Gravatar ID from user payloads
- September 5, 2014
-
mastahyeti
We have deprecated the gravatar_id attribute in the user
representation. Starting September 19,
the API will always provide an empty string as the value for this attribute.
Users have been able to upload avatars directly to GitHub for a while
now. If users
haven't uploaded an avatar, we still try to fetch one from Gravatar, but that
happens behind the scenes on GitHub's servers. As a result, the gravatar_id
attribute no longer identifies a GitHub user's canonical avatar. Instead, API
consumers should use the avatar_url to fetch a user's avatar. The avatar_url
attribute has always been present in the v3 user representation
and is the only reliable way to find a GitHub user's avatar.
If you have any questions or feedback, please get drop us a line.
Accepting organization invitations from the API
- August 28, 2014
-
jakeboxer
The upcoming Team Memberships API gives you the power to invite new GitHub users to your organization via the API. We're expanding the API to also allow users to view their organization membership statuses and accept any invitations they've received.
The new Organization Memberships API
When someone invites you to an organization, your membership with that organization begins in the "pending" state. The new [list organization memberships][list-org-memberships] endpoint allows you to find your pending memberships. You can then change them to "active" (accepting the invitation in the process) by using the [edit organization membership][edit-org-membership] endpoint.
New Team Membership API response attribute
Previously, responses from the [add team membership][add-team-membership] and get team membership endpoints included a "status" attribute, which could either be "active" or "pending". We've renamed this attribute from "status" to "state" for better consistency with our other API calls.
To give you time to update your apps, we'll keep the legacy "status" attribute around alongside the new "state" attribute until September 4th, 2014.
Preview period
The new Organization Memberships API is available for developers to preview alongside the Team Memberships API. During this period, we may change aspects of these endpoints. If we do, we will announce the changes on the developer blog, but we will not provide any advance notice.
While these new APIs are in their preview period, you'll need to provide the following custom media type in the Accept header:
application/vnd.github.the-wasp-preview+json
We expect the preview period to last 30-60 days. At the end of the preview period, the Team and Organization Memberships APIs will become official components of GitHub API v3.
If you have any questions or feedback, please get in touch with us!
[list-org-memberships]: /v3/orgs/members/#list-organization-memberships-for-the-authenticated-user[edit-org-membership]: /v3/orgs/members/#update-an-organization-membership-for-the-authenticated-user[add-team-membership]: /v3/teams/members/#add-or-update-team-membership-for-a-user
New features for the Deployments API preview
- August 15, 2014
-
atmos
We've added two new features to the Deployments API preview: the ability to query deployments and a new task attribute for different types of deployment tasks.
API changes
You can now search for deployments via query parameters to the listing endpoint. You can filter on sha, ref, task, and environment. This makes it easier to answer questions like "when was the last time someone deployed to staging?"
curl -H "Authorization: token [yours]" \
https://api.github.com/repos/octocat/my-repo/deployments?environment=staging
New attribute
We've also added a task attribute to the deployment resource. The task attribute allows you to specify tasks other than just pushing code. Popular deployment tools like capistrano and fabric support named tasks to do things like running schema migrations. We hope this attribute will give integrators the flexibility they need to provide custom functionality.
If you have any questions or feedback, please get in touch.
We're changing the way you add new members to your organization
- August 5, 2014
-
jakeboxer
Today, we're announcing a change to the way organization owners add new members to their organization.
Previously, if you were an organization owner, you could use the add team member endpoint to add any GitHub user to any team on your organization without any sort of approval from them. Now, we're increasing user security by sending invitations to users when they're added to teams on organizations that they aren't yet a part of.
With this change, if you use the add team member endpoint to add a user to a team and that user isn't already on another team in your organization, the request will fail.
The new Team Memberships API
You should change all your add team member requests to use the new add team membership endpoint. This new endpoint works exactly the same as the old one, with one important change: if the membership being added is for a user who is unaffiliated with the team's organization, that user will be sent an invitation via email.
Unlike the add team member endpoint, a successful request to the add team membership endpoint does not guarantee that the user is now a member of the team. If you're trying to migrate to the new endpoint and need to know when a user has been successfully added (not just invited) to a team, please check out TeamAddEvent.
Preview period
We're making the new Team Memberships API (and the breaking changes to the add team member API) available today for developers to preview. During this period, we may change aspects of these endpoints. If we do, we will announce the changes on the developer blog, but we will not provide any advance notice.
While these new APIs are in their preview period, you'll need to provide the following custom media type in the Accept header:
application/vnd.github.the-wasp-preview+json
We expect the preview period to last 30-60 days. At the end of the preview period, the Team Memberships API will become an official component of GitHub API v3, as will the add team member API's breaking changes.
If you have any questions or feedback, please get in touch with us!
New assigned/labeled actions for issue and pull request events
- July 28, 2014
-
jdpace
As part of the new GitHub Issues, we've added new actions to the issues and pull requests webhook events: "labeled", "unlabeled", "assigned", and "unassigned". The payload will also include the respective assignee or label for these new actions.
If you already have a webhook subscribed to the issues or pull_request events, you'll start seeing these new actions immediately. The new events can also be fetched from the issue events API.
For more information, be sure to check out our documentation for the IssuesEvent or PullRequestEvent. If you have any questions or feedback, please drop us a line.