developer.github.com/changes.atom at gh-pages · JavaLeaks/developer.github.com

History

1218 lines (956 loc) · 97.2 KB

Raw

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

657

658

659

660

661

662

663

664

665

666

667

668

669

670

671

672

673

674

675

676

677

678

679

680

681

682

683

684

685

686

687

688

689

690

691

692

693

694

695

696

697

698

699

700

701

702

703

704

705

706

707

708

709

710

711

712

713

714

715

716

717

718

719

720

721

722

723

724

725

726

727

728

729

730

731

732

733

734

735

736

737

738

739

740

741

742

743

744

745

746

747

748

749

750

751

752

753

754

755

756

757

758

759

760

761

762

763

764

765

766

767

768

769

770

771

772

773

774

775

776

777

778

779

780

781

782

783

784

785

786

787

788

789

790

791

792

793

794

795

796

797

798

799

800

801

802

803

804

805

806

807

808

809

810

811

812

813

814

815

816

817

818

819

820

821

822

823

824

825

826

827

828

829

830

831

832

833

834

835

836

837

838

839

840

841

842

843

844

845

846

847

848

849

850

851

852

853

854

855

856

857

858

859

860

861

862

863

864

865

866

867

868

869

870

871

872

873

874

875

876

877

878

879

880

881

882

883

884

885

886

887

888

889

890

891

892

893

894

895

896

897

898

899

900

901

902

903

904

905

906

907

908

909

910

911

912

913

914

915

916

917

918

919

920

921

922

923

924

925

926

927

928

929

930

931

932

933

934

935

936

937

938

939

940

941

942

943

944

945

946

947

948

949

950

951

952

953

954

955

956

957

958

959

960

961

962

963

964

965

966

967

968

969

970

971

972

973

974

975

976

977

978

979

980

981

982

983

984

985

986

987

988

989

990

991

992

993

994

995

996

997

998

999

1000

<?xml version="1.0" encoding="UTF-8"?>

<id>http://developer.github.com/</id>

<title>GitHub API Changes</title>

<name>technoweenie</name>

<uri>https://github.com/technoweenie</uri>

</author>

<entry>

<id>tag:developer.github.com,2015-03-09:/changes/2015-03-09-licenses-api/</id>

<title type="html">Licenses API</title>

<name>benbalter</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We’re introducing a new <a href="/v3/licenses">license API</a> preview to support <a href="https://github.com/blog/1964-license-usage-on-github-com">open source license usage on GitHub.com</a>.

To access the API during the preview period, you must provide a custom <a href="/v3/media">media type</a> in the <code>Accept</code> header:

<pre><code>application/vnd.github.drax-preview+json

</code></pre>

This will then expose two new API endpoints. You can get a list of all known licenses:

<pre><code>GET /licenses

</code></pre>

Or get information about a particular license:

<pre><code>GET /licenses/mit

</code></pre>

When the preview media type is passed, the repository api will also return information about a repository’s license file when you get an individual repository:

<pre><code>GET /repos/github/hubot

</code></pre>

For more information, see the <a href="/v3/licenses/">licenses API documentation</a>, and if you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Licenses+API">let us know</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-02-24:/changes/2015-02-24-more-time-to-prepare-for-the-breaking-changes-to-organization-permissions/</id>

<title type="html">More time to prepare for the breaking changes to organization permissions</title>

<name>jakeboxer</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">After listening to your feedback on the upcoming <a href="/changes/2014-12-08-organization-permissions-api-preview/">breaking changes to organization permissions</a>, we’re giving developers more time to update their applications. We’ll announce an updated timeline for these changes in the coming weeks.

In the meantime, if your application relies on any of the affected functionality described in our <a href="/changes/2014-12-08-organization-permissions-api-preview/">previous blog post</a>, please update your code to account for these changes. If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Permissions+API">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-02-19:/changes/2015-02-20-migration-period-removing-authorizations-token/</id>

<title type="html">Breaking changes to Authorizations API responses on April 20</title>

<name>ptoomey3</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">A couple weeks ago we <a href="/changes/2015-02-03-removing-authorizations-token-update/">extended the preview period</a> of several API changes related to managing OAuth application authorizations. Today, we’re finalizing these changes. This new functionality is now stable and suitable for production use. If your application relies on any of the affected functionality (described below), be sure to update your code before April 20 to account for these changes.

<h3 id="breaking-changes-coming-on-april-20">Breaking changes coming on April 20</h3>

If your application uses any of the following APIs, then you may be affected by this change:

<ul>

<li>The <a href="/v3/oauth_authorizations/#list-your-authorizations">List your authorizations</a> API</li>

<li>The <a href="/v3/oauth_authorizations/#get-a-single-authorization">Get a single authorization</a> API</li>

<li>The <a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app">Get-or-create an authorization for a specific app</a> API (<code>token</code> is still returned for “create”)</li>

<li>The <a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app-and-fingerprint">Get-or-create an authorization for a specific app and fingerprint</a> API (<code>token</code> is still returned for “create”)</li>

<li>The <a href="/v3/oauth_authorizations/#update-an-existing-authorization">Update an existing authorization</a> API</li>

</ul>

If your application uses these APIs, we urge you to update your application as soon as possible. (Read <a href="/changes/2014-12-08-removing-authorizations-token/">the December announcement</a> for more details on the changes.)

Starting today, we’re offering a migration period allowing applications to opt in to these changes (as described below). On April 20, these changes will become official parts of the GitHub API v3. At that time, these changes will apply to all API consumers.

<h3 id="migration-period">Migration period</h3>

During the migration period, you can opt-in to these changes using the following custom media type in the <code>Accept</code> header:

<pre><code>application/vnd.github.mirage-preview+json

</code></pre>

We want to make these updates as smooth as possible for everyone, and we hope that the migration period gives you flexibility to adopt these changes on your own schedule. If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Removing+authorizations+token">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-02-18:/changes/2015-02-18-new-releases-api-methods/</id>

<title type="html">New Releases API methods</title>

<name>pengwynn</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We’ve added two new methods to the <a href="/v3/repos/releases/">Releases API</a>. You can now get the <a href="/v3/repos/releases/#get-the-latest-release">latest published release</a> for a repository.

<pre><code>GET /repos/:owner/:repo/releases/latest

</code></pre>

You can also get a <a href="/v3/repos/releases/#get-a-release-by-tag-name">release by tag name</a>.

<pre><code>GET /repos/:owner/:repo/releases/tags/:tag

</code></pre>

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=New+Releases+API+methods">get in touch</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-02-03:/changes/2015-02-03-removing-authorizations-token-update/</id>

<title type="html">Removing token attribute from Authorizations API responses (Update)</title>

<name>ptoomey3</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">In December, we <a href="/changes/2014-12-08-removing-authorizations-token/">released a preview</a> of several API changes related to managing OAuth application authorizations. As part of those changes we introduced several new response attributes (<code>token_last_eight</code>, <code>hashed_token</code>, and <code>fingerprint</code>) to the Authorizations API. We have decided to modify <code>hashed_token</code> to return the SHA-256 hex digest of the associated token instead of Base64. Given that Base64 has several common variants (original, URL safe, etc) we decided that returning the value as hex is less ambiguous and will be more useful for developers.

<h3 id="extended-preview-period">Extended preview period</h3>

Because of the change to <code>hashed_token</code>, we are extending the preview period by two weeks. If no additional changes are made during this extended preview period we will announce the end of the preview and beginning of the eight week migration period on February 17. The migration period will allow applications to opt in to these changes before they become an official part of the GitHub API v3.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Removing+authorizations+token">drop us a line</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-01-19:/changes/2015-01-19-an-integrators-guide-to-organization-application-policies/</id>

<title type="html">An integrator's guide to organization application policies</title>

<name>pengwynn</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">As we <a href="https://github.com/blog/1941-organization-approved-applications">announced over on the GitHub blog</a>, organization admins can now

control how third-party applications access their organization data. Allowing

admins to approve or deny applications will ultimately result in deeper trust

and increase overall adoption of integrations within organizations on GitHub.

As an integrator, here’s what you need to know about organization application

policies and how this feature could impact your application.

<h3 id="guiding-principles">Guiding principles</h3>

We’ve tried to strike the right balance between organization privacy and the

user experience for integrators and end users. Organizations should be able to

prevent applications they do not trust from accessing their organization data

without creating a multitude of new edge cases for integrators.

With that goal in mind, the feature works like this: if an organization’s

application policy prevents an application from accessing its resources, the

API behaves as if the authenticating user is not a member of the

organization. Specifically, this means an application authenticating on

behalf of a user using OAuth will have:

<ul>

<li>

Read-only access to public resources. Organization-owned public

repositories, issues, and other resources will be visible via the API and

show up in resource listings, but mutating methods (<code>POST</code>, <code>PATCH</code>, <code>PUT</code>,

and <code>DELETE</code>) will return status <code>403</code>.</li>

<li>

No access to private resources. Organization-owned private repositories,

issues, and other resources will not be visible via the API and will not

show up in resource <a href="/v3/issues/#list-issues">listings</a> that co-mingle public and private

resources. Hooks for these private repositories are muted and will not be

delivered as long as the application is restricted by the organization.</li>

</ul>

Since applications should already handle the scenario where a user loses access

to organization resources, this reduces the work integrators need to do.

<h3 id="checking-organization-access">Checking organization access</h3>

As organization admins adopt application whitelists and restrict third-party

application access to organization resources, your application may lose access

to those resources. If an organization member is not aware of the new access

policy, they may wonder why their private repositories or other resources no

longer work or show up in your application.

There are a couple ways to help troubleshoot access for your end users.

<ul>

<li>

Via the GitHub UI. The simplest way to help end users understand how

organization access policies affect their access to your application is to

provide a link to <a href="https://help.github.com/articles/requesting-organization-approval-for-your-authorized-applications/">their authorization details</a>

under their GitHub account settings as <a href="/v3/oauth/#directing-users-to-review-their-access-for-an-application">described in the OAuth

documentation</a>.

</li>

<li>

Via the API. For an even better user experience, <a href="/guides/discovering-resources-for-a-user/">use the

API</a> to list which user organizations your application

can access, and provide users with the link mentioned above to request

access from their organization admins.

</li>

</ul>

<h3 id="listing-accessible-organization-resources">Listing accessible organization resources</h3>

In addition to checking access to a user’s organizations, you’ll want to ensure

you’re discovering their accessible resources in the most efficient way. Recent

changes to the <a href="/v3/repos/#list-your-repositories">Respositories API</a> might reduce the API calls

your application needs to make to find a user’s repositories across all of

their organization mememberships.

<h3 id="ensuring-uninterrupted-ssh-access">Ensuring uninterrupted SSH access</h3>

Since applications should already handle the scenario where a user loses access

to organization resources (e.g., when a user leaves an organization), this

reduces the work integrators need to do. Keys created by OAuth applications (or

those created before GitHub started tracking that information) will not have

access to repositories owned by organizations that restrict third-party

applications. If your application uses keys created before February 24,

2014, you <a href="/changes/2014-12-12-replace-older-ssh-keys-created-by-your-application/">should replace those older keys</a> to ensure things keep

running smoothly for your application.

This is a big feature, and we’re sure it will impact many of our integrators as

organizations adopt third-party application restrictions. We also think it

provides a huge net benefit for integrators as organizations choose to use

OAuth integrations with more confidence.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Access+Policies+help+for+integrators">get in touch</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-01-08:/changes/2015-01-08-discovering-resources-for-a-user/</id>

<title type="html">New guide: Discovering resources for a user</title>

<name>jasonrudolph</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">Is your application taking advantage of the recommended workflow for discovering a user’s repositories and organizations? With the <a href="/changes/2014-12-08-organization-permissions-api-preview/">recent improvements to the API</a>, the process is simpler than ever. In our newest guide, we show you how to <a href="/guides/discovering-resources-for-a-user/">reliably identify the resources that your app can access for a given user</a>.

If you have any questions or feedback, we’d love to <a href="https://github.com/contact?form%5Bsubject%5D=API+v3:+Discovering+resources+for+a+user">hear from you</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2015-01-07:/changes/2015-01-07-prepare-for-organization-permissions-changes/</id>

<title type="html">Prepare for upcoming organization permissions changes</title>

<name>jakeboxer</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">Last month, we <a href="/changes/2014-12-08-organization-permissions-api-preview/">released a preview</a> of several API changes related to managing organization members and repositories. Today, we’re finalizing these changes. This new functionality is now stable and suitable for production use. If your application relies on any of the affected functionality (described below), be sure to update your code before February 24 to account for these changes.

<h3 id="breaking-changes-coming-on-february-24">Breaking changes coming on February 24</h3>

If your application uses any of the following APIs, then you are affected by this change:

<ul>

<li>APIs for managing your organization’s admins through the Owners team</li>

<li>The <a href="/v3/repos/#list-your-repositories">List your repositories</a> API</li>

<li>The <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API</li>

<li>The <a href="/v3/orgs/#list-user-organizations">List user organizations</a> API</li>

</ul>

If your application uses these APIs, we urge you to update your application as soon as possible. (Read <a href="/changes/2014-12-08-organization-permissions-api-preview/">last month’s announcement</a> for more details on the changes.)

Starting today, we’re offering a migration period allowing applications to opt in to these changes (as described below). On February 24, these changes will become official parts of the GitHub API v3. At that time, these changes will apply to all API consumers.

<h3 id="migration-period">Migration period</h3>

During the migration period, you can opt-in to these changes using the following custom media type in the <code>Accept</code> header:

<pre><code>application/vnd.github.moondragon+json

</code></pre>

We want to make these updates as smooth as possible for everyone, and we hope that the migration period gives you flexibility to adopt these changes on your own schedule. If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Permissions+API">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-12-12:/changes/2014-12-12-replace-older-ssh-keys-created-by-your-application/</id>

<title type="html">Replace older SSH keys created by your application</title>

<name>jasonrudolph</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">Back in February, we <a href="/changes/2014-02-24-finer-grained-scopes-for-ssh-keys/#keys-are-now-immutable">improved the security audit trail for SSH keys</a>. Soon, organizations will be able to block access for SSH keys that were created prior to those improvements. If your application relies on <a href="/guides/managing-deploy-keys/#deploy-keys">deploy keys</a> or <a href="/v3/users/keys/">user keys</a> for repository access, we recommend replacing any keys created before February 24, 2014.

To ensure that your application is not affected by organizations blocking access to these keys, you should replace the affected keys by January 15, 2015.

<h2 id="how-should-you-replace-these-keys">How should you replace these keys?</h2>

We recommend the following steps for identifying and replacing the affected keys.

<h3 id="identify-the-affected-keys">1. Identify the affected keys</h3>

You only need to replace keys that your application created prior to February 24, 2014. If you don’t know when your app created a given key, you can get the creation timestamp from the API. The <code>created_at</code> property is available for <a href="/v3/repos/keys/">deploy keys</a> and for <a href="/v3/users/keys/#list-your-public-keys">user keys</a>.

<h3 id="inform-the-affected-users">2. Inform the affected users</h3>

Once you know which keys you need to replace, we recommend that you inform the affected users.

For security, GitHub automatically sends an email to a user whenever a new SSH key is added to their account. Similarly, when a new deploy key is added to a repository, GitHub sends an email to the repository’s administrators. When you replace your application’s old keys with new ones, GitHub will email the affected users. To avoid surprising those users, you should alert them that you’ll be replacing your keys. You may want to include a link to this post in your message.

Use the API to add the new <a href="/v3/repos/keys/#create">deploy key</a> or <a href="/v3/users/keys/#create-a-public-key">user key</a>.

<h3 id="delete-the-old-key">4. Delete the old key</h3>

Once your application is using the new key, use the API to delete the old one. There’s an <a href="/v3/repos/keys/#delete">API for deleting deploy keys</a> and an <a href="/v3/users/keys/#delete-a-public-key">API for deleting user keys</a>.

As always, if you have any questions or concerns, please <a href="https://github.com/contact?form%5Bsubject%5D=Replace+SSH+keys+created+by+application">get in touch</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-12-09:/changes/2014-12-09-new-attributes-for-stars-api/</id>

<title type="html">New Attributes for Starring API</title>

<name>arfon</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">You can now see when a user starred a repository. To receive the new response format containing the <code>starred_at</code> field, request the new media type:

<pre><code>curl -H "Accept: application/vnd.github.v3.star+json" https://api.github.com/users/andrew/starred

</code></pre>

Note the starred repository is now available in the repo field.

<h3 id="feedback">Feedback</h3>

If you have any questions or feedback about these changes, please <a href="https://github.com/contact?form%5Bsubject%5D=New+Attributes+for+Starring+API">drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-12-08:/changes/2014-12-08-organization-permissions-api-preview/</id>

<title type="html">Preview the upcoming organization permission changes</title>

<name>jakeboxer</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">UPDATE (2014-12-12): The <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API is now included in this preview as well.

We have some upcoming changes that will affect the way organization members and repositories are managed. The most important changes are:

<ul>

<li>The Owners team will no longer be special.</li>

<li>The <a href="/v3/repos/#list-your-repositories">List your repositories</a> API will include organization-owned repositories.</li>

<li>The <a href="/v3/orgs/#list-user-organizations">List user organizations</a> API will only include public organization memberships.</li>

<li>The <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API will require <code>user</code> scope or <code>read:org</code> scope.</li>

</ul>

<h2 id="whats-happening-to-the-owners-team">What’s happening to the Owners team?</h2>

Currently, members of your Owners team are administrators of your organization. Soon, your Owners team will become a totally normal team. Adding and removing Owners team members won’t change their administrator status anymore. Instead, you’ll be able to directly grant admin permissions to your organization’s members without adding them to any special teams.

We won’t delete your Owners team, but you’ll be able to delete or rename it yourself if you want. Organizations created after the change won’t have an Owners team.

<h3 id="what-should-you-do">What should you do?</h3>

In preparation for this change to the Owners team, we’re releasing a few new APIs. You’ll be able to use these APIs to manage organization admins without relying on the Owners team.

<h4 id="adding-an-organization-admin">Adding an organization admin</h4>

To add a new organization admin, use the new <a href="/v3/orgs/members/#add-or-update-organization-membership">Add or update organization membership</a> endpoint, specifying a role of <code>"admin"</code> in the request body. This replaces adding or inviting people to the Owners team.

<h4 id="removing-an-organization-admin">Removing an organization admin</h4>

To remove someone from the organization role but keep them as a member of their teams, use the new <a href="/v3/orgs/members/#add-or-update-organization-membership">Add or update organization membership</a> endpoint, specifying a role of <code>"member"</code> in the request body. This replaces removing people from the Owners team.

<h4 id="listing-organization-admins">Listing organization admins</h4>

To get a list of all your organization’s admins, use the <a href="/v3/orgs/members/#members-list">Organization members list</a> endpoint, specifying a role of <code>"admin"</code> in the query string. This replaces listing the members of the Owners team.

<h4 id="checking-if-someone-is-an-organization-admin">Checking if someone is an organization admin</h4>

To check if a given user is an organization admin, use the new <a href="/v3/orgs/members/#get-organization-membership">Get organization membership</a> endpoint. If the returned <code>"role"</code> attribute is set to <code>"admin"</code> and the returned <code>"state"</code> attribute is set to <code>"active"</code>, the user is an organization admin. This replaces checking if a user is on the Owners team.

<h2 id="whats-happening-to-the-list-your-repositories-api">What’s happening to the “List your repositories” API?</h2>

Currently, the <a href="/v3/repos/#list-your-repositories">List your repositories</a> API only returns repositories that are owned by users, not by organizations. If you want a list of all the repositories that the authenticated user has access to, you need to use multiple API methods.

Soon, this API will include all repositories that the authenticated user has access to (whether they’re owned by a user or by an organization).

<h3 id="what-should-you-do-1">What should you do?</h3>

Many apps use the <a href="/v3/repos/#list-your-repositories">List your repositories</a> API in conjunction with the <a href="/v3/orgs/#list-your-organizations">List your organizations</a> and <a href="/v3/repos/#list-organization-repositories">List organization repositories</a> APIs to build up a list of all the repositories the authenticated user has access to. If your app is doing this, you’ll be able to get rid of all the organization-related API calls and just use the <a href="/v3/repos/#list-your-repositories">List your repositories</a> API.

If your app uses the <a href="/v3/repos/#list-your-repositories">List your repositories</a> API for another purpose, you’ll need to update your app to handle the new organization-owned repositories we’ll be returning.

<h2 id="whats-happening-to-the-list-user-organizations-api">What’s happening to the “List user organizations” API?</h2>

The <a href="/v3/orgs/#list-user-organizations">List user organizations</a> API is intended provide <a href="https://help.github.com/articles/publicizing-or-concealing-organization-membership">public organization memberships</a> for any user. When you use this API to fetch your own organizations, this API currently returns your public and private organization memberships.

Soon, this API will only return public organization memberships.

<h3 id="what-should-you-do-2">What should you do?</h3>

If your app uses the <a href="/v3/orgs/#list-user-organizations">List user organizations</a> API to fetch all of the organization memberships (public and private) for the authenticated user, you’ll need to update your app to use the <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API instead. The <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API returns all organizations (public and private) that your app is authorized to access.

<h2 id="whats-happening-to-the-list-your-organizations-api">What’s happening to the “List your organizations” API?</h2>

OAuth requests will soon require minimum <a href="/v3/oauth/#scopes">scopes</a> in order to access the <a href="/v3/orgs/#list-your-organizations">List your organizations</a> API.

Currently, the API response always includes your <a href="https://help.github.com/articles/publicizing-or-concealing-organization-membership">public organization memberships</a>, regardless of the OAuth scopes associated with your request. If you have <code>user</code>, <code>read:org</code>, <code>write:org</code>, or <code>admin:org</code> scope, the response also includes your private organization memberships.

Soon, this API will only return organizations that your authorization allows you to operate on in some way (e.g., you can list teams with <code>read:org</code> scope, you can publicize your organization membership with <code>user</code> scope, etc.). Therefore, this API will require at least <code>user</code> or <code>read:org</code> scope. (<code>write:org</code> and <code>admin:org</code> scope implicitly include <code>read:org</code> scope.) OAuth requests with insufficient scope will receive a <code>403 Forbidden</code> response.

<h3 id="what-should-you-do-3">What should you do?</h3>

If you <a href="/v3/auth/#via-username-and-password">authenticate via username and password</a>, you are not affected by this change.

If your app only needs to fetch the user’s public organization memberships, you should use the <a href="/v3/orgs/#list-user-organizations">List user organizations</a> API instead. Since that API only returns public information, it does not require any scopes.

<h2 id="preview-period">Preview period</h2>

Starting today, these new APIs are available for developers to preview. We expect the preview period to last for four weeks. (Stay tuned to the developer blog for updates.) At the end of the preview period, these additions will become official components of the GitHub API.

While these additions are in their preview period, you’ll need to provide the following custom media type in the <code>Accept</code> header:

<pre><code>application/vnd.github.moondragon-preview+json

</code></pre>

During the preview period, we may change aspects of these endpoints. If we do, we will announce the changes on the developer blog, but we will not provide any advance notice.

<h2 id="migration-period">Migration period</h2>

At the end of the preview period, we will announce the start of a migration period. At that time, developers should update their applications to use the new APIs for managing organization admins. During this period, you will still be able to use the Owners team to manage your organization’s admins, so that you have time to update your applications to use the new APIs without breakage. We expect the migration period to last for four weeks.

At the end of the migration period, the Owners team will no longer be special, and you’ll no longer be able to rely on it for managing organization admins.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Admin+Pre-release+Preview">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-12-08:/changes/2014-12-08-removing-authorizations-token/</id>

<title type="html">Removing token attribute from Authorizations API responses</title>

<name>ptoomey3</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">Since OAuth access tokens function like passwords, they should be treated with

care. Today we are making it easier to more securely work with authorizations

via the Authorizations API. We are deprecating the use use of the <code>token</code>

attribute in the majority of the <a href="/v3/oauth_authorizations/">Authorizations API</a>

responses. For the <a href="/v3/oauth_authorizations/#deprecation-notice">affected APIs</a>, the

<code>token</code> attribute will soon return an empty string. To get ready for that

change, we are giving developers a chance to

<a href="#preview-period">preview the updated API</a> starting today.

<h2 id="whats-changing">What’s changing?</h2>

The current <a href="/v3/oauth_authorizations/">OAuth Authorizations API</a> requires GitHub to store the full value for

each OAuth token on our servers. In order to increase the security for our

users, we are changing our architecture to store the SHA-256 digest of OAuth

tokens instead. GitHub securely hashes user passwords using bcrypt and we want

to provide comparable security for OAuth tokens as well.

Rest assured that this change is an entirely proactive measure from GitHub and is not associated with any security incident.

<h2 id="who-is-affected">Who is affected?</h2>

This change affects any code that relies on accessing the <code>token</code> attribute from

<a href="/v3/oauth_authorizations/#deprecation-notice">these OAuth Authorizations API responses</a>.

For example, our own <a href="https://mac.github.com/">GitHub for Mac</a> and

<a href="https://windows.github.com/">GitHub for Windows</a> applications relied on reading the <code>token</code>

from the <a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app">Get-or-create an authorization for a specific app</a> API, in order to support multiple installations of our desktop application for a single user.

<h2 id="what-should-you-do">What should you do?</h2>

In order to reduce the impact of removing the <code>token</code> attribute, the OAuth

Authorizations API has added a new request attribute (<code>fingerprint</code>), added

three new response attributes (<code>token_last_eight</code>, <code>hashed_token</code>, and

<code>fingerprint</code>), and added <a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app-and-fingerprint">one new API</a>.

While these new APIs and attributes do not replace the full functionality that

previously existed, they can be used in place of <code>token</code> for most common use cases.

<ul>

<li>

<code>token_last_eight</code> returns the last eight characters of the associated OAuth

token. As an example, <code>token_last_eight</code> could be used to display a list of

partial token values to help a user manage their OAuth tokens.

</li>

<li>

<code>hashed_token</code> is the base64 of the SHA-256 digest of the token.

<code>hashed_token</code> could be used to programmatically validate that a given token

matches an authorization returned by the API.

</li>

<li>

<code>fingerprint</code> is a new optional request parameter that allows an OAuth

application to create multiple authorizations for a single user. <code>fingerprint</code>

should be a string that distinguishes the new authorization from others

for the same client ID and user.

For example, to differentiate installations of a desktop application across

multiple devices you might set <code>fingerprint</code> to

<code>SHA256_HEXDIGEST("GitHub for Mac - MAC_ADDRESS_OF_MACHINE")</code>. Since

<code>fingerprint</code> is not meant to be a user-facing value, you should still set

the <code>note</code> attribute to help a user differentiate between authorizations on their

<a href="https://github.com/settings/applications">OAuth applications listing on GitHub</a>.

</li>

<li>

<a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app-and-fingerprint">Get-or-create an authorization for a specific app and fingerprint</a>

is a new API that is analagous to the

<a href="/v3/oauth_authorizations/#get-or-create-an-authorization-for-a-specific-app">Get-or-create an authorization for a specific app</a>

API, but adds support for the new <code>fingerprint</code> request parameter.

</li>

</ul>

<h2 id="preview-period">Preview period</h2>

We are making the new Authorizations API available today for developers to

preview. During this period, we may change aspects of these endpoints. If we do,

we will announce the changes on the developer blog, but we will not provide any

advance notice.

While these new APIs are in their preview period, you’ll need to provide the

following custom media type in the Accept header:

<pre><code>application/vnd.github.mirage-preview+json

</code></pre>

We expect the preview period to last 4-6 weeks. (Stay tuned to the developer blog for updates.) At the end of the preview period, these changes will become an official and stable part of GitHub API.

<h2 id="migration-period">Migration period</h2>

At the end of the preview period, we will announce the start of a migration period. Developers will have 8 weeks to update existing code to use the new APIs.

<h2 id="why-sha-256-over-bcrypt">Why SHA-256 over bcrypt?</h2>

Some users may be curious why we are not using bcrypt to hash our OAuth tokens

like we do for user passwords. Bcrypt is purposefully computationally expensive

in order to mitigate brute force attacks against low entropy passwords. However,

OAuth tokens are highly random and are not susceptible to brute force attacks.

Given that OAuth token validation occurs for each request to the API we chose

SHA-256 for performance reasons.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Removing+authorizations+token">drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-12-03:/changes/2014-12-03-preview-the-new-organization-webhooks-api/</id>

<title type="html">Preview the New Organization Webhooks API</title>

<name>jdpace</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">Today we’re very excited <a href="https://github.com/blog/1933-introducing-organization-webhooks">to announce Organization Webhooks</a>.

Organization Webhooks allow you to subscribe to events that happen across an

entire organization.

In addition to being able to subscribe to the existing repository oriented

events across an organization, we’re also adding some new events which are

exclusive to organization webhooks. The new <a href="/v3/activity/events/types/#repositoryevent"><code>repository</code>

event</a> allows you to receive webhook payloads when a new

repository is created. By subscribing to the <a href="/v3/activity/events/types/#membershipevent"><code>membership</code>

event</a>, you’ll be notified whenever a user is added or

removed from a team.

We’re making this new API for Organization Webhooks available today <a href="/v3/orgs/hooks/#preview-period">for

developers to preview</a>. The preview period will allow us to <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Webhooks">get

your feedback</a> before declaring the Organization Webhooks API final.

We expect the preview

period to last for roughly 30-60 days.

As we discover opportunities to improve the API during the preview period, we

may ship changes that break clients using the preview version of the API. We

want to iterate quickly. To do so, we will announce any changes here (on the

developer blog), but we will not provide any advance notice.

At the end of preview period, the Organization Webhooks API will become an

official component of GitHub API v3. At that point, the new Organization

Webhooks API will be stable and suitable for production use.

We hope you’ll take it for a spin and <a href="https://github.com/contact?form%5Bsubject%5D=Organization+Webhooks">send us your feedback</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-11-25:/changes/2014-11-25-the-deployments-api-is-official/</id>

<title type="html">The Deployments API is official</title>

<name>atmos</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We’re happy to announce that the <a href="/v3/repos/deployments">Deployments API</a> is officially part

of GitHub API v3. We now consider it stable for production use.

Thanks to everyone who provided feedback during the preview period. We got

some great feedback, and hope this feature helps you build the tools you

need to make GitHub the best place to ship exactly the way you want.

<h3 id="preview-media-type-no-longer-needed">Preview media type no longer needed</h3>

If you used the Deployments API during the preview period, you needed to

provide a custom media type in the <code>Accept</code> header:

<pre><code>application/vnd.github.cannonball-preview+json

</code></pre>

Now that the preview period has ended, you no longer need to pass this custom

media type.

Instead, we <a href="/v3/media">recommend</a> that you specify <code>v3</code> as the version in the

<code>Accept</code> header:

<pre><code>application/vnd.github.v3+json

</code></pre>

<h3 id="feedback">Feedback</h3>

We’ll never be done listening to you! As always, please don’t hesitate to

<a href="https://github.com/contact?form%5Bsubject%5D=Deployments+API">share your feedback</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-10-29:/changes/2014-10-24-status-api-limits/</id>

<title type="html">Status API Limits</title>

<name>rsanheim</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">To ensure a high level of service for all API consumers, we will soon limit the number of <a href="/v3/repos/statuses/">statuses</a>

to 1000 per commit SHA, repository, and context.

Beginning Monday, November 3rd, we will trim existing data sets that exceed this limit, deleting the oldest

records first. Attempts to create statuses beyond that limit will result in a <a href="https://developer.github.com/v3/#client-errors">validation error</a>.

If you have any feedback or questions, please don’t hesistate to <a href="https://github.com/contact?form%5Bsubject%5D=Combined+Status+API">contact</a> us.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-10-21:/changes/2014-10-21-deployment-webhook-payload-changes/</id>

<title type="html">Deployment webhook payload changes</title>

<name>atmos</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">On November 4th, 2014, we will begin sending a new format for <a href="https://developer.github.com/v3/activity/events/types/#deploymentevent">deployment</a> and <a href="https://developer.github.com/v3/activity/events/types/#deploymentstatusevent">deployment status</a> payloads for webhooks. In the meantime we’ll be running in a compatability mode that will give integrators the time needed to start taking advantage of the new format. Integrators who are working with webhooks and deployments are advised to upgrade to the new payload format to avoid service interruption.

This change brings the payloads for these events more inline with the responses you’d receive from the API. Instead of having deployment and deployment status attributes as top-level keys, we will now nest them under <code>deployment</code> and <code>deployment_status</code> keys. Since we’re still in the <a href="https://developer.github.com/changes/2014-01-09-preview-the-new-deployments-api/">preview period</a> for the deployments API we felt it was best to correct this inconsistency now.

<h2 id="deploymentevent-changes">DeploymentEvent Changes</h2>

<h4 id="old-format">Old Format</h4>

<pre><code class="language-javascript highlight">{

"id": 42,

"sha": "deadbeef",

"ref": "master",

"task": "deploy",

"name": "my-org/our-app",

"environment": "production",

"payload": {…},

"description": "Deploying master",

"repository": {…},

"sender": {…}

}</code></pre>

<h4 id="current-format---20141022">Current Format - 2014/10/22</h4>

<pre><code class="language-javascript highlight">{

"id": 42,

"sha": "deadbeef",

"ref": "master",

"task": "deploy",

"name": "my-org/our-app",

"environment": "production",

"payload": {…},

"description": "Deploying master",

"repository": {…},

"deployment": {

"url": "https://api.github.com/repos/my-org/our-app/deployments/42",

"id": 42,

"sha": "deadbeef",

"ref": "master",

"task": "deploy",

"environment": "production",

"payload": {…},

"description": "Deploying master",

"creator": {…},

"created_at": "2014-09-23T16:37:49Z",

"updated_at": "2014-09-23T16:37:49Z",

"statuses_url": "https://api.github.com/repos/my-org/our-app/deployments/42/statuses"

},

"sender": {…}

}</code></pre>

<h4 id="new-format---20141105">New Format - 2014/11/05</h4>

<pre><code class="language-javascript highlight">{

"deployment": {

"url": "https://api.github.com/repos/my-org/our-app/deployments/42",

"id": 42,

"sha": "deadbeef",

"ref": "master",

"task": "deploy",

"environment": "production",

"payload": {…},

"description": "Deploying master",

"creator": {…},

"created_at": "2014-09-23T16:37:49Z",

"updated_at": "2014-09-23T16:37:49Z",

"statuses_url": "https://api.github.com/repos/my-org/our-app/deployments/42/statuses"

},

"repository": {…},

"sender": {…}

}</code></pre>

<h2 id="deploymentstatusevent-changes">DeploymentStatusEvent Changes</h2>

<h4 id="old-format-1">Old Format</h4>

<pre><code class="language-javascript highlight">{

"id": 2600,

"state": "success",

"deployment": {…},

"target_url": "https://gist.github.com/deadbeef",

"description": "Deployment was successful",

"repository": {…},

"sender": {…}

}</code></pre>

<h4 id="current-format---20141022-1">Current Format - 2014/10/22</h4>

<pre><code class="language-javascript highlight">{

"id": 2600,

"state": "success",

"target_url": "https://gist.github.com/deadbeef",

"description": "Deployment was successful",

"repository": {…},

"deployment_status": {

"url": "https://api.github.com/repos/my-org/our-app/deployments/42/statuses2600",

"id": 2600,

"state": "success",

"creator": {…},

"target_url": "https://gist.github.com/deadbeef",

"description": "Deployment was successful",

"created_at": "2014-09-23T16:45:49Z",

"updated_at": "2014-09-23T16:45:49Z",

"deployment_url": "https://api.github.com/repos/my-org/our-app/deployments/42",

"repository_url": "https://api.github.com/repos/my-org/our-app"

},

"deployment": {…},

"sender": {…}

}</code></pre>

<h4 id="new-format---20141105-1">New Format - 2014/11/05</h4>

<pre><code class="language-javascript highlight">{

"deployment_status": {

"url": "https://api.github.com/repos/my-org/our-app/deployments/42/statuses2600",

"id": 2600,

"state": "success",

"creator": {…},

"target_url": "https://gist.github.com/deadbeef",

"description": "Deployment was successful",

"created_at": "2014-09-23T16:45:49Z",

"updated_at": "2014-09-23T16:45:49Z",

"deployment_url": "https://api.github.com/repos/my-org/our-app/deployments/42",

"repository_url": "https://api.github.com/repos/my-org/our-app"

},

"deployment": {…},

"repository": {…},

"sender": {…}

}</code></pre>

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Deployments+API">get in touch</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-10-16:/changes/2014-10-16-removed-ssl-version-3-support-from-webhooks-and-services/</id>

<title type="html">Removed SSLv3 support from webhooks and services</title>

<name>kdaigle</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">This morning, we <a href="https://github.com/github/github-services/pull/949">removed support</a> for the <code>ssl_version</code> webhook configuration

option and made <code>TLS 1.X</code> the default cryptographic protocol to address the <a href="https://www.openssl.org/~bodo/ssl-poodle.pdf">POODLE exploit</a>.

You should no longer set or rely on the <code>ssl_version</code> configuration option.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Removed+SSLv3+support+from+webhooks+and+services">drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-10-06:/changes/2014-10-06-new-attributes-for-issue-events-api/</id>

<title type="html">New Attributes for Issue Events API</title>

<name>jdpace</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We’ve made it easier to track changes to issues. The Issue Events API now provides more context for several event types:

<ul>

<li>

<code>assigned</code> and <code>unassigned</code> events now include an <code>assignee</code> object so you can see just who was assigned or unassigned.</li>

<li>

<code>labeled</code> and <code>unlabeled</code> events include a <code>label</code> object.</li>

<li>

<code>milestoned</code> and <code>demilesoned</code> events include a <code>milestone</code> object.</li>

<li>

<code>renamed</code> events include a <code>rename</code> object with the title before and after the rename.</li>

</ul>

Check out the <a href="/v3/issues/events/">Issue Events API documentation</a> for a full list of supported events. If you have

any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=New+Attrs+for+Issue+Events+API">drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-09-23:/changes/2014-09-23-one-more-week-before-the-add-team-member-api-breaking-change/</id>

<title type="html">One more week before the "Add team member" API breaking change</title>

<name>jakeboxer</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">UPDATE (2014-09-30): In response to feedback from developers, we’re delaying the breaking change to the <a href="/v3/orgs/teams/#add-team-member">“Add team member” API</a> until Monday, October 6, 2014. The change will go into effect for all requests on that date.

Starting October 6, if you use <a href="/v3/orgs/teams/#add-team-member">the “Add team member” API</a> to add a user to a team and that user isn’t already on another team in your organization, the request will fail. To avoid this, be sure to use the <a href="/v3/orgs/teams/#add-team-membership">“Add team membership” API</a>.

<h3 id="the-organization-and-team-membership-apis-are-now-official">The Organization and Team Membership APIs are now official</h3>

As promised in <a href="/changes/2014-09-16-finalizing-the-organization-and-team-membership-apis/">our blog post earlier this month</a>, the <a href="/changes/2014-08-28-accepting-organization-invitations-from-the-api/">Organization Membership</a> and <a href="/changes/2014-08-05-team-memberships-api/">Team Membership</a> APIs are now an official part of the GitHub API! The preview media type is no longer required to access them.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+and+Team+Membership+APIs">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-09-16:/changes/2014-09-16-finalizing-the-organization-and-team-membership-apis/</id>

<title type="html">Finalizing the Organization and Team Membership APIs</title>

<name>jakeboxer</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">For the past few weeks, the new <a href="/changes/2014-08-28-accepting-organization-invitations-from-the-api/">Organization Membership</a> and <a href="/changes/2014-08-05-team-memberships-api/">Team Membership</a> APIs have been available for early access via a preview media type. As of today, these APIs are stable and suitable for production use.

<h3 id="preview-period-ends-on-september-23">Preview period ends on September 23</h3>

On September 23, 2014, these APIs will become official parts of the GitHub API v3. At that time, the preview media type will no longer be required to access these APIs.

<h3 id="reminder-breaking-change-to-legacy-endpoint">Reminder: Breaking change to legacy endpoint</h3>

The <a href="/v3/orgs/teams/#add-team-member">breaking change to the “Add team member” endpoint</a> will also go into effect for all requests on September 23, 2014. At that time, if you use the <a href="/v3/orgs/teams/#add-team-member">add team member</a> endpoint to add a user to a team and that user isn’t already on another team in your organization, the request will fail. To avoid this, be sure to use the <a href="/v3/orgs/teams/#add-team-membership">add team membership</a> endpoint.

<h3 id="addition-to-the-organization-membership-api">Addition to the Organization Membership API</h3>

Thanks to your feedback, we’ve updated the Organization Membership API to provide direct access to basic information about the organization whenever you fetch a <a href="/v3/orgs/members/#list-your-organization-memberships">list of memberships</a> or a <a href="/v3/orgs/members/#get-your-organization-membership">single membership</a>.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Organization+and+Team+Membership+APIs">get in touch with us</a>!

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-09-12:/changes/2014-09-12-changing-organization-feeds/</id>

<title type="html">Changing organization feeds in the Feeds API</title>

<name>mastahyeti</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We have deprecated the <code>current_user_organization_url</code> attribute and the

<code>current_user_organization.href</code> attribute in the <a href="/v3/activity/feeds/">Feeds API</a>. If you make

use of these attributes, you’ll want to update your code to use the new

<code>current_user_organization_urls</code> attribute instead.

<h3 id="changes-to-the-deprecated-attributes">Changes to the deprecated attributes</h3>

Previously, the deprecated attributes returned URI template. For example:

<pre><code class="language-javascript highlight">"current_user_organization_url":

"https://github.com/organizations/{org}/mastahyeti.private.atom?token=abc123"</code></pre>

The template included a deprecated authentication token. Our new tokens are

valid only for a concrete feed URL (not for a URI template). Because the

deprecated attributes were templates and did not specify a concrete URL, the API

could not provide a token that could be used for organization feeds.

Starting today, the API returns empty values for the deprecated attributes.

<h3 id="new-attribute-for-organization-feeds">New attribute for organization feeds</h3>

In order to preserve the functionality of this API, we have added a new

attribute that lists specific Atom feed urls for each of the user’s

organizations.

<pre><code class="language-javascript highlight">"current_user_organization_urls": [

"https://github.com/organizations/github/mastahyeti.private.atom?token=abc123"

"https://github.com/organizations/requests/mastahyeti.private.atom?token=token=def456"

]</code></pre>

Check out the updated <a href="/v3/activity/feeds/">Feeds API documentation</a> for the new fields. If you

have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Changing+organization+feeds+in+the+Feeds+API">get drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-09-05:/changes/2014-09-05-removing-gravatar-id/</id>

<title type="html">Removing Gravatar ID from user payloads</title>

<name>mastahyeti</name>

<uri>https://github.com/technoweenie</uri>

</author>

<content type="html">We have deprecated the <code>gravatar_id</code> attribute in the <a href="https://developer.github.com/v3/users/">user

representation</a>. Starting September 19,

the API will always provide an empty string as the value for this attribute.

Users have been able to upload avatars directly to GitHub for <a href="https://github.com/blog/1803-switch-your-picture-with-ease">a while

now</a>. If users

haven’t uploaded an avatar, we still try to fetch one from Gravatar, but that

happens behind the scenes on GitHub’s servers. As a result, the <code>gravatar_id</code>

attribute no longer identifies a GitHub user’s canonical avatar. Instead, API

consumers should use the <code>avatar_url</code> to fetch a user’s avatar. The <code>avatar_url</code>

attribute has always been present in the <a href="/v3/users/">v3 user representation</a>

and is the only reliable way to find a GitHub user’s avatar.

If you have any questions or feedback, please <a href="https://github.com/contact?form%5Bsubject%5D=Removing+Gravatar+ID">get drop us a line</a>.

</content>

</entry>

<entry>

<id>tag:developer.github.com,2014-08-28:/changes/2014-08-28-accepting-organization-invitations-from-the-api/</id>

<title type="html">Accepting organization invitations from the API</title>

View remainder of file in raw view

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FilesExpand file tree

changes.atom

Latest commit

History

changes.atom

File metadata and controls