Update go-github and garm-provider-common

We need to abstract away the tools struct and not have garm-provider-common
depend on go-github just for that one struct. It makes it hard to update
go-github without updating garm-provider-common first and then all the rest
of the providers.

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>

vendor/github.com/google/go-github/v55/github/actions_secrets.go

@@ -23,7 +23,7 @@ type PublicKey struct {
 // do not error out when unmarshaling.
 func (p *PublicKey) UnmarshalJSON(data []byte) error {
 	var pk struct {
-		KeyID interface{} `json:"key_id,string"`
+		KeyID interface{} `json:"key_id"`
 		Key   *string     `json:"key"`
 	}
 

vendor/github.com/google/go-github/v55/github/code-scanning.go

@@ -48,11 +48,13 @@ type Message struct {
 type MostRecentInstance struct {
 	Ref             *string   `json:"ref,omitempty"`
 	AnalysisKey     *string   `json:"analysis_key,omitempty"`
+	Category        *string   `json:"category,omitempty"`
 	Environment     *string   `json:"environment,omitempty"`
 	State           *string   `json:"state,omitempty"`
 	CommitSHA       *string   `json:"commit_sha,omitempty"`
 	Message         *Message  `json:"message,omitempty"`
 	Location        *Location `json:"location,omitempty"`
+	HTMLURL         *string   `json:"html_url,omitempty"`
 	Classifications []string  `json:"classifications,omitempty"`
 }
 
@@ -113,13 +115,22 @@ func (a *Alert) ID() int64 {
 	return id
 }
 
-// AlertListOptions specifies optional parameters to the CodeScanningService.ListAlerts
-// method.
+// AlertInstancesListOptions specifies optional parameters to the CodeScanningService.ListAlertInstances method.
+type AlertInstancesListOptions struct {
+	// Return code scanning alert instances for a specific branch reference.
+	// The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge
+	Ref string `url:"ref,omitempty"`
+
+	ListOptions
+}
+
+// AlertListOptions specifies optional parameters to the CodeScanningService.ListAlerts method.
 type AlertListOptions struct {
 	// State of the code scanning alerts to list. Set to closed to list only closed code scanning alerts. Default: open
 	State string `url:"state,omitempty"`
 
-	// Return code scanning alerts for a specific branch reference. The ref must be formatted as heads/<branch name>.
+	// Return code scanning alerts for a specific branch reference.
+	// The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge
 	Ref string `url:"ref,omitempty"`
 
 	// If specified, only code scanning alerts with this severity will be returned. Possible values are: critical, high, medium, low, warning, note, error.
@@ -140,12 +151,28 @@ type AnalysesListOptions struct {
 	// Return code scanning analyses belonging to the same SARIF upload.
 	SarifID *string `url:"sarif_id,omitempty"`
 
-	// Return code scanning analyses for a specific branch reference. The ref can be formatted as refs/heads/<branch name> or simply <branch name>.
+	// Return code scanning analyses for a specific branch reference.
+	// The ref can be formatted as refs/heads/<branch name> or simply <branch name>. To reference a pull request use refs/pull/<number>/merge
 	Ref *string `url:"ref,omitempty"`
 
 	ListOptions
 }
 
+// CodeQLDatabase represents a metadata about the CodeQL database.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+type CodeQLDatabase struct {
+	ID          *int64     `json:"id,omitempty"`
+	Name        *string    `json:"name,omitempty"`
+	Language    *string    `json:"language,omitempty"`
+	Uploader    *User      `json:"uploader,omitempty"`
+	ContentType *string    `json:"content_type,omitempty"`
+	Size        *int64     `json:"size,omitempty"`
+	CreatedAt   *Timestamp `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp `json:"updated_at,omitempty"`
+	URL         *string    `json:"url,omitempty"`
+}
+
 // ScanningAnalysis represents an individual GitHub Code Scanning ScanningAnalysis on a single repository.
 //
 // GitHub API docs: https://docs.github.com/en/rest/code-scanning
@@ -208,7 +235,7 @@ type SarifID struct {
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#list-code-scanning-alerts-for-an-organization
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-an-organization
 func (s *CodeScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *AlertListOptions) ([]*Alert, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/code-scanning/alerts", org)
 	u, err := addOptions(u, opts)
@@ -236,7 +263,7 @@ func (s *CodeScanningService) ListAlertsForOrg(ctx context.Context, org string,
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#list-code-scanning-alerts-for-a-repository
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-a-repository
 func (s *CodeScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *AlertListOptions) ([]*Alert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts", owner, repo)
 	u, err := addOptions(u, opts)
@@ -265,7 +292,7 @@ func (s *CodeScanningService) ListAlertsForRepo(ctx context.Context, owner, repo
 //
 // The security alert_id is the number at the end of the security alert's URL.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#get-a-code-scanning-alert
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-alert
 func (s *CodeScanningService) GetAlert(ctx context.Context, owner, repo string, id int64) (*Alert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v", owner, repo, id)
 
@@ -308,13 +335,40 @@ func (s *CodeScanningService) UpdateAlert(ctx context.Context, owner, repo strin
 	return a, resp, nil
 }
 
+// ListAlertInstances lists instances of a code scanning alert.
+//
+// You must use an access token with the security_events scope to use this endpoint.
+// GitHub Apps must have the security_events read permission to use this endpoint.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-instances-of-a-code-scanning-alert
+func (s *CodeScanningService) ListAlertInstances(ctx context.Context, owner, repo string, id int64, opts *AlertInstancesListOptions) ([]*MostRecentInstance, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v/instances", owner, repo, id)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var alertInstances []*MostRecentInstance
+	resp, err := s.client.Do(ctx, req, &alertInstances)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return alertInstances, resp, nil
+}
+
 // UploadSarif uploads the result of code scanning job to GitHub.
 //
 // For the parameter sarif, you must first compress your SARIF file using gzip and then translate the contents of the file into a Base64 encoding string.
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // write permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data
 func (s *CodeScanningService) UploadSarif(ctx context.Context, owner, repo string, sarif *SarifAnalysis) (*SarifID, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs", owner, repo)
 
@@ -332,13 +386,45 @@ func (s *CodeScanningService) UploadSarif(ctx context.Context, owner, repo strin
 	return sarifID, resp, nil
 }
 
+// SARIFUpload represents information about a SARIF upload.
+type SARIFUpload struct {
+	// `pending` files have not yet been processed, while `complete` means results from the SARIF have been stored.
+	// `failed` files have either not been processed at all, or could only be partially processed.
+	ProcessingStatus *string `json:"processing_status,omitempty"`
+	// The REST API URL for getting the analyses associated with the upload.
+	AnalysesURL *string `json:"analyses_url,omitempty"`
+}
+
+// GetSARIF gets information about a SARIF upload.
+//
+// You must use an access token with the security_events scope to use this endpoint.
+// GitHub Apps must have the security_events read permission to use this endpoint.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload
+func (s *CodeScanningService) GetSARIF(ctx context.Context, owner, repo, sarifID string) (*SARIFUpload, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs/%v", owner, repo, sarifID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	sarifUpload := new(SARIFUpload)
+	resp, err := s.client.Do(ctx, req, sarifUpload)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sarifUpload, resp, nil
+}
+
 // ListAnalysesForRepo lists code scanning analyses for a repository.
 //
 // Lists the details of all code scanning analyses for a repository, starting with the most recent.
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the security_events read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#list-code-scanning-analyses-for-a-repository
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-analyses-for-a-repository
 func (s *CodeScanningService) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts *AnalysesListOptions) ([]*ScanningAnalysis, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses", owner, repo)
 	u, err := addOptions(u, opts)
@@ -367,7 +453,7 @@ func (s *CodeScanningService) ListAnalysesForRepo(ctx context.Context, owner, re
 //
 // The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#get-a-code-scanning-analysis-for-a-repository
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-analysis-for-a-repository
 func (s *CodeScanningService) GetAnalysis(ctx context.Context, owner, repo string, id int64) (*ScanningAnalysis, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id)
 
@@ -385,6 +471,85 @@ func (s *CodeScanningService) GetAnalysis(ctx context.Context, owner, repo strin
 	return analysis, resp, nil
 }
 
+// DeleteAnalysis represents a successful deletion of a code scanning analysis.
+type DeleteAnalysis struct {
+	// Next deletable analysis in chain, without last analysis deletion confirmation
+	NextAnalysisURL *string `json:"next_analysis_url,omitempty"`
+	// Next deletable analysis in chain, with last analysis deletion confirmation
+	ConfirmDeleteURL *string `json:"confirm_delete_url,omitempty"`
+}
+
+// DeleteAnalysis deletes a single code scanning analysis from a repository.
+//
+// You must use an access token with the repo scope to use this endpoint.
+// GitHub Apps must have the security_events read permission to use this endpoint.
+//
+// The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#delete-a-code-scanning-analysis-from-a-repository
+func (s *CodeScanningService) DeleteAnalysis(ctx context.Context, owner, repo string, id int64) (*DeleteAnalysis, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	deleteAnalysis := new(DeleteAnalysis)
+	resp, err := s.client.Do(ctx, req, deleteAnalysis)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return deleteAnalysis, resp, nil
+}
+
+// ListCodeQLDatabases lists the CodeQL databases that are available in a repository.
+//
+// You must use an access token with the security_events scope to use this endpoint.
+// GitHub Apps must have the contents read permission to use this endpoint.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-codeql-databases-for-a-repository
+func (s *CodeScanningService) ListCodeQLDatabases(ctx context.Context, owner, repo string) ([]*CodeQLDatabase, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases", owner, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var codeqlDatabases []*CodeQLDatabase
+	resp, err := s.client.Do(ctx, req, &codeqlDatabases)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return codeqlDatabases, resp, nil
+}
+
+// GetCodeQLDatabase gets a CodeQL database for a language in a repository.
+//
+// You must use an access token with the security_events scope to use this endpoint.
+// GitHub Apps must have the contents read permission to use this endpoint.
+//
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-codeql-database-for-a-repository
+func (s *CodeScanningService) GetCodeQLDatabase(ctx context.Context, owner, repo, language string) (*CodeQLDatabase, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases/%v", owner, repo, language)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	codeqlDatabase := new(CodeQLDatabase)
+	resp, err := s.client.Do(ctx, req, codeqlDatabase)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return codeqlDatabase, resp, nil
+}
+
 // DefaultSetupConfiguration represents a code scanning default setup configuration.
 type DefaultSetupConfiguration struct {
 	State      *string    `json:"state,omitempty"`
@@ -399,7 +564,7 @@ type DefaultSetupConfiguration struct {
 // endpoint with private repos or the public_repo scope for public repos. GitHub Apps must have the repo write
 // permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#get-a-code-scanning-default-setup-configuration
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-default-setup-configuration
 func (s *CodeScanningService) GetDefaultSetupConfiguration(ctx context.Context, owner, repo string) (*DefaultSetupConfiguration, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo)
 
@@ -440,7 +605,7 @@ type UpdateDefaultSetupConfigurationResponse struct {
 // This method might return an AcceptedError and a status code of 202. This is because this is the status that GitHub
 // returns to signify that it has now scheduled the update of the pull request branch in a background task.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning#update-a-code-scanning-default-setup-configuration
+// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#update-a-code-scanning-default-setup-configuration
 func (s *CodeScanningService) UpdateDefaultSetupConfiguration(ctx context.Context, owner, repo string, options *UpdateDefaultSetupConfigurationOptions) (*UpdateDefaultSetupConfigurationResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo)
 

vendor/github.com/google/go-github/v55/github/dependabot_alerts.go

@@ -17,8 +17,8 @@ type Dependency struct {
 	Scope        *string               `json:"scope,omitempty"`
 }
 
-// AdvisoryCVSs represents the advisory pertaining to the Common Vulnerability Scoring System.
-type AdvisoryCVSs struct {
+// AdvisoryCVSS represents the advisory pertaining to the Common Vulnerability Scoring System.
+type AdvisoryCVSS struct {
 	Score        *float64 `json:"score,omitempty"`
 	VectorString *string  `json:"vector_string,omitempty"`
 }
@@ -37,7 +37,7 @@ type DependabotSecurityAdvisory struct {
 	Description     *string                  `json:"description,omitempty"`
 	Vulnerabilities []*AdvisoryVulnerability `json:"vulnerabilities,omitempty"`
 	Severity        *string                  `json:"severity,omitempty"`
-	CVSs            *AdvisoryCVSs            `json:"cvss,omitempty"`
+	CVSS            *AdvisoryCVSS            `json:"cvss,omitempty"`
 	CWEs            []*AdvisoryCWEs          `json:"cwes,omitempty"`
 	Identifiers     []*AdvisoryIdentifier    `json:"identifiers,omitempty"`
 	References      []*AdvisoryReference     `json:"references,omitempty"`
@@ -62,7 +62,9 @@ type DependabotAlert struct {
 	DismissedReason       *string                     `json:"dismissed_reason,omitempty"`
 	DismissedComment      *string                     `json:"dismissed_comment,omitempty"`
 	FixedAt               *Timestamp                  `json:"fixed_at,omitempty"`
-	Repository            *Repository                 `json:"repository,omitempty"`
+	AutoDismissedAt       *Timestamp                  `json:"auto_dismissed_at,omitempty"`
+	// The repository is always empty for events
+	Repository *Repository `json:"repository,omitempty"`
 }
 
 // ListAlertsOptions specifies the optional parameters to the DependabotService.ListRepoAlerts

vendor/github.com/google/go-github/v55/github/doc.go

@@ -8,7 +8,7 @@ Package github provides a client for using the GitHub API.
 
 Usage:
 
-	import "github.com/google/go-github/v54/github"	// with go modules enabled (GO111MODULE=on or outside GOPATH)
+	import "github.com/google/go-github/v55/github"	// with go modules enabled (GO111MODULE=on or outside GOPATH)
 	import "github.com/google/go-github/github"     // with go modules disabled
 
 Construct a new GitHub client, then use the various services on the client to
@@ -40,34 +40,16 @@ For more sample code snippets, head over to the https://github.com/google/go-git
 
 # Authentication
 
-The go-github library does not directly handle authentication. Instead, when
-creating a new client, pass an http.Client that can handle authentication for
-you. The easiest and recommended way to do this is using the golang.org/x/oauth2
-library, but you can always use any other library that provides an http.Client.
-If you have an OAuth2 access token (for example, a personal API token), you can
-use it with the oauth2 library using:
+Use Client.WithAuthToken to configure your client to authenticate using an Oauth token
+(for example, a personal access token). This is what is needed for a majority of use cases
+aside from GitHub Apps.
 
-	import "golang.org/x/oauth2"
-
-	func main() {
-		ctx := context.Background()
-		ts := oauth2.StaticTokenSource(
-			&oauth2.Token{AccessToken: "... your access token ..."},
-		)
-		tc := oauth2.NewClient(ctx, ts)
-
-		client := github.NewClient(tc)
-
-		// list all repositories for the authenticated user
-		repos, _, err := client.Repositories.List(ctx, "", nil)
-	}
+	client := github.NewClient(nil).WithAuthToken("... your access token ...")
 
 Note that when using an authenticated Client, all calls made by the client will
 include the specified OAuth token. Therefore, authenticated clients should
 almost never be shared between different users.
 
-See the oauth2 docs for complete instructions on using that library.
-
 For API methods that require HTTP Basic Authentication, use the
 BasicAuthTransport.
 

vendor/github.com/google/go-github/v55/github/enterprise_actions_runner_groups.go

@@ -0,0 +1,310 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListOrganizations represents the response from the list orgs endpoints.
+type ListOrganizations struct {
+	TotalCount    *int            `json:"total_count,omitempty"`
+	Organizations []*Organization `json:"organizations"`
+}
+
+// EnterpriseRunnerGroup represents a self-hosted runner group configured in an enterprise.
+type EnterpriseRunnerGroup struct {
+	ID                           *int64   `json:"id,omitempty"`
+	Name                         *string  `json:"name,omitempty"`
+	Visibility                   *string  `json:"visibility,omitempty"`
+	Default                      *bool    `json:"default,omitempty"`
+	SelectedOrganizationsURL     *string  `json:"selected_organizations_url,omitempty"`
+	RunnersURL                   *string  `json:"runners_url,omitempty"`
+	Inherited                    *bool    `json:"inherited,omitempty"`
+	AllowsPublicRepositories     *bool    `json:"allows_public_repositories,omitempty"`
+	RestrictedToWorkflows        *bool    `json:"restricted_to_workflows,omitempty"`
+	SelectedWorkflows            []string `json:"selected_workflows,omitempty"`
+	WorkflowRestrictionsReadOnly *bool    `json:"workflow_restrictions_read_only,omitempty"`
+}
+
+// EnterpriseRunnerGroups represents a collection of self-hosted runner groups configured for an enterprise.
+type EnterpriseRunnerGroups struct {
+	TotalCount   *int                     `json:"total_count,omitempty"`
+	RunnerGroups []*EnterpriseRunnerGroup `json:"runner_groups"`
+}
+
+// CreateEnterpriseRunnerGroupRequest represents a request to create a Runner group for an enterprise.
+type CreateEnterpriseRunnerGroupRequest struct {
+	Name       *string `json:"name,omitempty"`
+	Visibility *string `json:"visibility,omitempty"`
+	// List of organization IDs that can access the runner group.
+	SelectedOrganizationIDs []int64 `json:"selected_organization_ids,omitempty"`
+	// Runners represent a list of runner IDs to add to the runner group.
+	Runners []int64 `json:"runners,omitempty"`
+	// If set to True, public repos can use this runner group
+	AllowsPublicRepositories *bool `json:"allows_public_repositories,omitempty"`
+	// If true, the runner group will be restricted to running only the workflows specified in the SelectedWorkflows slice.
+	RestrictedToWorkflows *bool `json:"restricted_to_workflows,omitempty"`
+	// List of workflows the runner group should be allowed to run. This setting will be ignored unless RestrictedToWorkflows is set to true.
+	SelectedWorkflows []string `json:"selected_workflows,omitempty"`
+}
+
+// UpdateEnterpriseRunnerGroupRequest represents a request to update a Runner group for an enterprise.
+type UpdateEnterpriseRunnerGroupRequest struct {
+	Name                     *string  `json:"name,omitempty"`
+	Visibility               *string  `json:"visibility,omitempty"`
+	AllowsPublicRepositories *bool    `json:"allows_public_repositories,omitempty"`
+	RestrictedToWorkflows    *bool    `json:"restricted_to_workflows,omitempty"`
+	SelectedWorkflows        []string `json:"selected_workflows,omitempty"`
+}
+
+// SetOrgAccessRunnerGroupRequest represents a request to replace the list of organizations
+// that can access a self-hosted runner group configured in an enterprise.
+type SetOrgAccessRunnerGroupRequest struct {
+	// Updated list of organization IDs that should be given access to the runner group.
+	SelectedOrganizationIDs []int64 `json:"selected_organization_ids"`
+}
+
+// ListEnterpriseRunnerGroupOptions extend ListOptions to have the optional parameters VisibleToOrganization.
+type ListEnterpriseRunnerGroupOptions struct {
+	ListOptions
+
+	// Only return runner groups that are allowed to be used by this organization.
+	VisibleToOrganization string `url:"visible_to_organization,omitempty"`
+}
+
+// ListRunnerGroups lists all self-hosted runner groups configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#list-self-hosted-runner-groups-for-an-enterprise
+func (s *EnterpriseService) ListRunnerGroups(ctx context.Context, enterprise string, opts *ListEnterpriseRunnerGroupOptions) (*EnterpriseRunnerGroups, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	groups := &EnterpriseRunnerGroups{}
+	resp, err := s.client.Do(ctx, req, &groups)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return groups, resp, nil
+}
+
+// GetEnterpriseRunnerGroup gets a specific self-hosted runner group for an enterprise using its RunnerGroup ID.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#get-a-self-hosted-runner-group-for-an-enterprise
+func (s *EnterpriseService) GetEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// DeleteEnterpriseRunnerGroup deletes a self-hosted runner group from an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#delete-a-self-hosted-runner-group-from-an-enterprise
+func (s *EnterpriseService) DeleteEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// CreateEnterpriseRunnerGroup creates a new self-hosted runner group for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#create-a-self-hosted-runner-group-for-an-enterprise
+func (s *EnterpriseService) CreateEnterpriseRunnerGroup(ctx context.Context, enterprise string, createReq CreateEnterpriseRunnerGroupRequest) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups", enterprise)
+	req, err := s.client.NewRequest("POST", u, createReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// UpdateEnterpriseRunnerGroup updates a self-hosted runner group for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#update-a-self-hosted-runner-group-for-an-enterprise
+func (s *EnterpriseService) UpdateEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64, updateReq UpdateEnterpriseRunnerGroupRequest) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// ListOrganizationAccessRunnerGroup lists the organizations with access to a self-hosted runner group configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#list-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+func (s *EnterpriseService) ListOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID int64, opts *ListOptions) (*ListOrganizations, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations", enterprise, groupID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	orgs := &ListOrganizations{}
+	resp, err := s.client.Do(ctx, req, &orgs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return orgs, resp, nil
+}
+
+// SetOrganizationAccessRunnerGroup replaces the list of organizations that have access to a self-hosted runner group configured in an enterprise
+// with a new List of organizations.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#set-organization-access-for-a-self-hosted-runner-group-in-an-enterprise
+func (s *EnterpriseService) SetOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID int64, ids SetOrgAccessRunnerGroupRequest) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations", enterprise, groupID)
+
+	req, err := s.client.NewRequest("PUT", u, ids)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// AddOrganizationAccessRunnerGroup adds an organization to the list of selected organizations that can access a self-hosted runner group.
+// The runner group must have visibility set to 'selected'.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#add-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+func (s *EnterpriseService) AddOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID, orgID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations/%v", enterprise, groupID, orgID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RemoveOrganizationAccessRunnerGroup removes an organization from the list of selected organizations that can access a self-hosted runner group.
+// The runner group must have visibility set to 'selected'.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#remove-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+func (s *EnterpriseService) RemoveOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID, orgID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations/%v", enterprise, groupID, orgID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// ListRunnerGroupRunners lists self-hosted runners that are in a specific enterprise group.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#list-self-hosted-runners-in-a-group-for-an-enterprise
+func (s *EnterpriseService) ListRunnerGroupRunners(ctx context.Context, enterprise string, groupID int64, opts *ListOptions) (*Runners, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners", enterprise, groupID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runners := &Runners{}
+	resp, err := s.client.Do(ctx, req, &runners)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runners, resp, nil
+}
+
+// SetRunnerGroupRunners replaces the list of self-hosted runners that are part of an enterprise runner group
+// with a new list of runners.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#set-self-hosted-runners-in-a-group-for-an-enterprise
+func (s *EnterpriseService) SetRunnerGroupRunners(ctx context.Context, enterprise string, groupID int64, ids SetRunnerGroupRunnersRequest) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners", enterprise, groupID)
+
+	req, err := s.client.NewRequest("PUT", u, ids)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// AddRunnerGroupRunners adds a self-hosted runner to a runner group configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#add-a-self-hosted-runner-to-a-group-for-an-enterprise
+func (s *EnterpriseService) AddRunnerGroupRunners(ctx context.Context, enterprise string, groupID, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners/%v", enterprise, groupID, runnerID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RemoveRunnerGroupRunners removes a self-hosted runner from a group configured in an enterprise.
+// The runner is then returned to the default group.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups?apiVersion=2022-11-28#remove-a-self-hosted-runner-from-a-group-for-an-enterprise
+func (s *EnterpriseService) RemoveRunnerGroupRunners(ctx context.Context, enterprise string, groupID, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners/%v", enterprise, groupID, runnerID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}

vendor/github.com/google/go-github/v55/github/enterprise_actions_runners.go

@@ -29,6 +29,26 @@ func (s *EnterpriseService) ListRunnerApplicationDownloads(ctx context.Context,
 	return rads, resp, nil
 }
 
+// GenerateEnterpriseJITConfig generates a just-in-time configuration for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-configuration-for-a-just-in-time-runner-for-an-enterprise
+func (s *EnterpriseService) GenerateEnterpriseJITConfig(ctx context.Context, enterprise string, request *GenerateJITConfigRequest) (*JITRunnerConfig, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/generate-jitconfig", enterprise)
+
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	jitConfig := new(JITRunnerConfig)
+	resp, err := s.client.Do(ctx, req, jitConfig)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return jitConfig, resp, nil
+}
+
 // CreateRegistrationToken creates a token that can be used to add a self-hosted runner.
 //
 // GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-an-enterprise

vendor/github.com/google/go-github/v55/github/event_types.go

@@ -134,6 +134,25 @@ type DeleteEvent struct {
 	Installation *Installation `json:"installation,omitempty"`
 }
 
+// DependabotAlertEvent is triggered when there is activity relating to Dependabot alerts.
+// The Webhook event name is "dependabot_alert".
+//
+// GitHub API docs: https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#dependabot_alert
+type DependabotAlertEvent struct {
+	Action *string          `json:"action,omitempty"`
+	Alert  *DependabotAlert `json:"alert,omitempty"`
+
+	// The following fields are only populated by Webhook events.
+	Installation *Installation `json:"installation,omitempty"`
+	Enterprise   *Enterprise   `json:"enterprise,omitempty"`
+	Repo         *Repository   `json:"repository,omitempty"`
+	Sender       *User         `json:"sender,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Organization *Organization `json:"organization,omitempty"`
+}
+
 // DeployKeyEvent is triggered when a deploy key is added or removed from a repository.
 // The Webhook event name is "deploy_key".
 //
@@ -1591,6 +1610,8 @@ type WorkflowRunEvent struct {
 //
 // GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
 type SecurityAdvisory struct {
+	CVSS            *AdvisoryCVSS            `json:"cvss,omitempty"`
+	CWEs            []*AdvisoryCWEs          `json:"cwes,omitempty"`
 	GHSAID          *string                  `json:"ghsa_id,omitempty"`
 	Summary         *string                  `json:"summary,omitempty"`
 	Description     *string                  `json:"description,omitempty"`
@@ -1639,6 +1660,13 @@ type FirstPatchedVersion struct {
 type SecurityAdvisoryEvent struct {
 	Action           *string           `json:"action,omitempty"`
 	SecurityAdvisory *SecurityAdvisory `json:"security_advisory,omitempty"`
+
+	// The following fields are only populated by Webhook events.
+	Enterprise   *Enterprise   `json:"enterprise,omitempty"`
+	Installation *Installation `json:"installation,omitempty"`
+	Organization *Organization `json:"organization,omitempty"`
+	Repository   *Repository   `json:"repository,omitempty"`
+	Sender       *User         `json:"sender,omitempty"`
 }
 
 // CodeScanningAlertEvent is triggered when a code scanning finds a potential vulnerability or error in your code.

vendor/github.com/google/go-github/v55/github/git_commits.go

@@ -10,9 +10,8 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"io"
 	"strings"
-
-	"github.com/ProtonMail/go-crypto/openpgp"
 )
 
 // SignatureVerification represents GPG signature verification.
@@ -23,6 +22,25 @@ type SignatureVerification struct {
 	Payload   *string `json:"payload,omitempty"`
 }
 
+// MessageSigner is used by GitService.CreateCommit to sign a commit.
+//
+// To create a MessageSigner that signs a commit with a [golang.org/x/crypto/openpgp.Entity],
+// or [github.com/ProtonMail/go-crypto/openpgp.Entity], use:
+//
+//	commit.Signer = github.MessageSignerFunc(func(w io.Writer, r io.Reader) error {
+//		return openpgp.ArmoredDetachSign(w, openpgpEntity, r, nil)
+//	})
+type MessageSigner interface {
+	Sign(w io.Writer, r io.Reader) error
+}
+
+// MessageSignerFunc is a single function implementation of MessageSigner.
+type MessageSignerFunc func(w io.Writer, r io.Reader) error
+
+func (f MessageSignerFunc) Sign(w io.Writer, r io.Reader) error {
+	return f(w, r)
+}
+
 // Commit represents a GitHub commit.
 type Commit struct {
 	SHA          *string                `json:"sha,omitempty"`
@@ -41,11 +59,6 @@ type Commit struct {
 	// is only populated for requests that fetch GitHub data like
 	// Pulls.ListCommits, Repositories.ListCommits, etc.
 	CommentCount *int `json:"comment_count,omitempty"`
-
-	// SigningKey denotes a key to sign the commit with. If not nil this key will
-	// be used to sign the commit. The private key must be present and already
-	// decrypted. Ignored if Verification.Signature is defined.
-	SigningKey *openpgp.Entity `json:"-"`
 }
 
 func (c Commit) String() string {
@@ -96,6 +109,12 @@ type createCommit struct {
 	Signature *string       `json:"signature,omitempty"`
 }
 
+type CreateCommitOptions struct {
+	// CreateCommit will sign the commit with this signer. See MessageSigner doc for more details.
+	// Ignored on commits where Verification.Signature is defined.
+	Signer MessageSigner
+}
+
 // CreateCommit creates a new commit in a repository.
 // commit must not be nil.
 //
@@ -104,10 +123,13 @@ type createCommit struct {
 // the authenticated user’s information and the current date.
 //
 // GitHub API docs: https://docs.github.com/en/rest/git/commits#create-a-commit
-func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string, commit *Commit) (*Commit, *Response, error) {
+func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string, commit *Commit, opts *CreateCommitOptions) (*Commit, *Response, error) {
 	if commit == nil {
 		return nil, nil, fmt.Errorf("commit must be provided")
 	}
+	if opts == nil {
+		opts = &CreateCommitOptions{}
+	}
 
 	u := fmt.Sprintf("repos/%v/%v/git/commits", owner, repo)
 
@@ -125,16 +147,16 @@ func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string
 	if commit.Tree != nil {
 		body.Tree = commit.Tree.SHA
 	}
-	if commit.SigningKey != nil {
-		signature, err := createSignature(commit.SigningKey, body)
+	switch {
+	case commit.Verification != nil:
+		body.Signature = commit.Verification.Signature
+	case opts.Signer != nil:
+		signature, err := createSignature(opts.Signer, body)
 		if err != nil {
 			return nil, nil, err
 		}
 		body.Signature = &signature
 	}
-	if commit.Verification != nil {
-		body.Signature = commit.Verification.Signature
-	}
 
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
@@ -150,8 +172,8 @@ func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string
 	return c, resp, nil
 }
 
-func createSignature(signingKey *openpgp.Entity, commit *createCommit) (string, error) {
-	if signingKey == nil || commit == nil {
+func createSignature(signer MessageSigner, commit *createCommit) (string, error) {
+	if signer == nil {
 		return "", errors.New("createSignature: invalid parameters")
 	}
 
@@ -160,9 +182,9 @@ func createSignature(signingKey *openpgp.Entity, commit *createCommit) (string,
 		return "", err
 	}
 
-	writer := new(bytes.Buffer)
-	reader := bytes.NewReader([]byte(message))
-	if err := openpgp.ArmoredDetachSign(writer, signingKey, reader, nil); err != nil {
+	var writer bytes.Buffer
+	err = signer.Sign(&writer, strings.NewReader(message))
+	if err != nil {
 		return "", err
 	}
 

vendor/github.com/google/go-github/v55/github/github-accessors.go

@@ -343,7 +343,7 @@ func (a *AdvancedSecurityCommittersBreakdown) GetUserLogin() string {
 }
 
 // GetScore returns the Score field.
-func (a *AdvisoryCVSs) GetScore() *float64 {
+func (a *AdvisoryCVSS) GetScore() *float64 {
 	if a == nil {
 		return nil
 	}
@@ -351,7 +351,7 @@ func (a *AdvisoryCVSs) GetScore() *float64 {
 }
 
 // GetVectorString returns the VectorString field if it's non-nil, zero value otherwise.
-func (a *AdvisoryCVSs) GetVectorString() string {
+func (a *AdvisoryCVSS) GetVectorString() string {
 	if a == nil || a.VectorString == nil {
 		return ""
 	}
@@ -2830,6 +2830,78 @@ func (c *CodeownersError) GetSuggestion() string {
 	return *c.Suggestion
 }
 
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetContentType() string {
+	if c == nil || c.ContentType == nil {
+		return ""
+	}
+	return *c.ContentType
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *c.CreatedAt
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
+	}
+	return *c.ID
+}
+
+// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetLanguage() string {
+	if c == nil || c.Language == nil {
+		return ""
+	}
+	return *c.Language
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
+	}
+	return *c.Name
+}
+
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetSize() int64 {
+	if c == nil || c.Size == nil {
+		return 0
+	}
+	return *c.Size
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *c.UpdatedAt
+}
+
+// GetUploader returns the Uploader field.
+func (c *CodeQLDatabase) GetUploader() *User {
+	if c == nil {
+		return nil
+	}
+	return c.Uploader
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetURL() string {
+	if c == nil || c.URL == nil {
+		return ""
+	}
+	return *c.URL
+}
+
 // GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
 func (c *CodeResult) GetHTMLURL() string {
 	if c == nil || c.HTMLURL == nil {
@@ -4502,6 +4574,38 @@ func (c *CreateCodespaceOptions) GetWorkingDirectory() string {
 	return *c.WorkingDirectory
 }
 
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetAllowsPublicRepositories() bool {
+	if c == nil || c.AllowsPublicRepositories == nil {
+		return false
+	}
+	return *c.AllowsPublicRepositories
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
+	}
+	return *c.Name
+}
+
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetRestrictedToWorkflows() bool {
+	if c == nil || c.RestrictedToWorkflows == nil {
+		return false
+	}
+	return *c.RestrictedToWorkflows
+}
+
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetVisibility() string {
+	if c == nil || c.Visibility == nil {
+		return ""
+	}
+	return *c.Visibility
+}
+
 // GetDescription returns the Description field if it's non-nil, zero value otherwise.
 func (c *CreateEvent) GetDescription() string {
 	if c == nil || c.Description == nil {
@@ -4878,6 +4982,22 @@ func (d *DefaultSetupConfiguration) GetUpdatedAt() Timestamp {
 	return *d.UpdatedAt
 }
 
+// GetConfirmDeleteURL returns the ConfirmDeleteURL field if it's non-nil, zero value otherwise.
+func (d *DeleteAnalysis) GetConfirmDeleteURL() string {
+	if d == nil || d.ConfirmDeleteURL == nil {
+		return ""
+	}
+	return *d.ConfirmDeleteURL
+}
+
+// GetNextAnalysisURL returns the NextAnalysisURL field if it's non-nil, zero value otherwise.
+func (d *DeleteAnalysis) GetNextAnalysisURL() string {
+	if d == nil || d.NextAnalysisURL == nil {
+		return ""
+	}
+	return *d.NextAnalysisURL
+}
+
 // GetInstallation returns the Installation field.
 func (d *DeleteEvent) GetInstallation() *Installation {
 	if d == nil {
@@ -4926,6 +5046,14 @@ func (d *DeleteEvent) GetSender() *User {
 	return d.Sender
 }
 
+// GetAutoDismissedAt returns the AutoDismissedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetAutoDismissedAt() Timestamp {
+	if d == nil || d.AutoDismissedAt == nil {
+		return Timestamp{}
+	}
+	return *d.AutoDismissedAt
+}
+
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
 func (d *DependabotAlert) GetCreatedAt() Timestamp {
 	if d == nil || d.CreatedAt == nil {
@@ -5046,6 +5174,62 @@ func (d *DependabotAlert) GetURL() string {
 	return *d.URL
 }
 
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DependabotAlertEvent) GetAction() string {
+	if d == nil || d.Action == nil {
+		return ""
+	}
+	return *d.Action
+}
+
+// GetAlert returns the Alert field.
+func (d *DependabotAlertEvent) GetAlert() *DependabotAlert {
+	if d == nil {
+		return nil
+	}
+	return d.Alert
+}
+
+// GetEnterprise returns the Enterprise field.
+func (d *DependabotAlertEvent) GetEnterprise() *Enterprise {
+	if d == nil {
+		return nil
+	}
+	return d.Enterprise
+}
+
+// GetInstallation returns the Installation field.
+func (d *DependabotAlertEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
+	}
+	return d.Installation
+}
+
+// GetOrganization returns the Organization field.
+func (d *DependabotAlertEvent) GetOrganization() *Organization {
+	if d == nil {
+		return nil
+	}
+	return d.Organization
+}
+
+// GetRepo returns the Repo field.
+func (d *DependabotAlertEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
+	}
+	return d.Repo
+}
+
+// GetSender returns the Sender field.
+func (d *DependabotAlertEvent) GetSender() *User {
+	if d == nil {
+		return nil
+	}
+	return d.Sender
+}
+
 // GetCVEID returns the CVEID field if it's non-nil, zero value otherwise.
 func (d *DependabotSecurityAdvisory) GetCVEID() string {
 	if d == nil || d.CVEID == nil {
@@ -5054,12 +5238,12 @@ func (d *DependabotSecurityAdvisory) GetCVEID() string {
 	return *d.CVEID
 }
 
-// GetCVSs returns the CVSs field.
-func (d *DependabotSecurityAdvisory) GetCVSs() *AdvisoryCVSs {
+// GetCVSS returns the CVSS field.
+func (d *DependabotSecurityAdvisory) GetCVSS() *AdvisoryCVSS {
 	if d == nil {
 		return nil
 	}
-	return d.CVSs
+	return d.CVSS
 }
 
 // GetDescription returns the Description field if it's non-nil, zero value otherwise.
@@ -6478,6 +6662,94 @@ func (e *Enterprise) GetWebsiteURL() string {
 	return *e.WebsiteURL
 }
 
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetAllowsPublicRepositories() bool {
+	if e == nil || e.AllowsPublicRepositories == nil {
+		return false
+	}
+	return *e.AllowsPublicRepositories
+}
+
+// GetDefault returns the Default field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetDefault() bool {
+	if e == nil || e.Default == nil {
+		return false
+	}
+	return *e.Default
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetID() int64 {
+	if e == nil || e.ID == nil {
+		return 0
+	}
+	return *e.ID
+}
+
+// GetInherited returns the Inherited field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetInherited() bool {
+	if e == nil || e.Inherited == nil {
+		return false
+	}
+	return *e.Inherited
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetName() string {
+	if e == nil || e.Name == nil {
+		return ""
+	}
+	return *e.Name
+}
+
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetRestrictedToWorkflows() bool {
+	if e == nil || e.RestrictedToWorkflows == nil {
+		return false
+	}
+	return *e.RestrictedToWorkflows
+}
+
+// GetRunnersURL returns the RunnersURL field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetRunnersURL() string {
+	if e == nil || e.RunnersURL == nil {
+		return ""
+	}
+	return *e.RunnersURL
+}
+
+// GetSelectedOrganizationsURL returns the SelectedOrganizationsURL field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetSelectedOrganizationsURL() string {
+	if e == nil || e.SelectedOrganizationsURL == nil {
+		return ""
+	}
+	return *e.SelectedOrganizationsURL
+}
+
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetVisibility() string {
+	if e == nil || e.Visibility == nil {
+		return ""
+	}
+	return *e.Visibility
+}
+
+// GetWorkflowRestrictionsReadOnly returns the WorkflowRestrictionsReadOnly field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetWorkflowRestrictionsReadOnly() bool {
+	if e == nil || e.WorkflowRestrictionsReadOnly == nil {
+		return false
+	}
+	return *e.WorkflowRestrictionsReadOnly
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroups) GetTotalCount() int {
+	if e == nil || e.TotalCount == nil {
+		return 0
+	}
+	return *e.TotalCount
+}
+
 // GetAdvancedSecurityEnabledForNewRepositories returns the AdvancedSecurityEnabledForNewRepositories field if it's non-nil, zero value otherwise.
 func (e *EnterpriseSecurityAnalysisSettings) GetAdvancedSecurityEnabledForNewRepositories() bool {
 	if e == nil || e.AdvancedSecurityEnabledForNewRepositories == nil {
@@ -10246,6 +10518,14 @@ func (l *ListExternalGroupsOptions) GetDisplayName() string {
 	return *l.DisplayName
 }
 
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListOrganizations) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
 // GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
 func (l *ListRepositories) GetTotalCount() int {
 	if l == nil || l.TotalCount == nil {
@@ -11318,6 +11598,14 @@ func (m *MostRecentInstance) GetAnalysisKey() string {
 	return *m.AnalysisKey
 }
 
+// GetCategory returns the Category field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetCategory() string {
+	if m == nil || m.Category == nil {
+		return ""
+	}
+	return *m.Category
+}
+
 // GetCommitSHA returns the CommitSHA field if it's non-nil, zero value otherwise.
 func (m *MostRecentInstance) GetCommitSHA() string {
 	if m == nil || m.CommitSHA == nil {
@@ -11334,6 +11622,14 @@ func (m *MostRecentInstance) GetEnvironment() string {
 	return *m.Environment
 }
 
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetHTMLURL() string {
+	if m == nil || m.HTMLURL == nil {
+		return ""
+	}
+	return *m.HTMLURL
+}
+
 // GetLocation returns the Location field.
 func (m *MostRecentInstance) GetLocation() *Location {
 	if m == nil {
@@ -20046,6 +20342,22 @@ func (s *SarifID) GetURL() string {
 	return *s.URL
 }
 
+// GetAnalysesURL returns the AnalysesURL field if it's non-nil, zero value otherwise.
+func (s *SARIFUpload) GetAnalysesURL() string {
+	if s == nil || s.AnalysesURL == nil {
+		return ""
+	}
+	return *s.AnalysesURL
+}
+
+// GetProcessingStatus returns the ProcessingStatus field if it's non-nil, zero value otherwise.
+func (s *SARIFUpload) GetProcessingStatus() string {
+	if s == nil || s.ProcessingStatus == nil {
+		return ""
+	}
+	return *s.ProcessingStatus
+}
+
 // GetSBOM returns the SBOM field.
 func (s *SBOM) GetSBOM() *SBOMInfo {
 	if s == nil {
@@ -20382,6 +20694,30 @@ func (s *SecretScanningAlert) GetNumber() int {
 	return *s.Number
 }
 
+// GetPushProtectionBypassed returns the PushProtectionBypassed field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassed() bool {
+	if s == nil || s.PushProtectionBypassed == nil {
+		return false
+	}
+	return *s.PushProtectionBypassed
+}
+
+// GetPushProtectionBypassedAt returns the PushProtectionBypassedAt field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassedAt() Timestamp {
+	if s == nil || s.PushProtectionBypassedAt == nil {
+		return Timestamp{}
+	}
+	return *s.PushProtectionBypassedAt
+}
+
+// GetPushProtectionBypassedBy returns the PushProtectionBypassedBy field.
+func (s *SecretScanningAlert) GetPushProtectionBypassedBy() *User {
+	if s == nil {
+		return nil
+	}
+	return s.PushProtectionBypassedBy
+}
+
 // GetRepository returns the Repository field.
 func (s *SecretScanningAlert) GetRepository() *Repository {
 	if s == nil {
@@ -20398,6 +20734,14 @@ func (s *SecretScanningAlert) GetResolution() string {
 	return *s.Resolution
 }
 
+// GetResolutionComment returns the ResolutionComment field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetResolutionComment() string {
+	if s == nil || s.ResolutionComment == nil {
+		return ""
+	}
+	return *s.ResolutionComment
+}
+
 // GetResolvedAt returns the ResolvedAt field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetResolvedAt() Timestamp {
 	if s == nil || s.ResolvedAt == nil {
@@ -20446,6 +20790,14 @@ func (s *SecretScanningAlert) GetState() string {
 	return *s.State
 }
 
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetUpdatedAt() Timestamp {
+	if s == nil || s.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *s.UpdatedAt
+}
+
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetURL() string {
 	if s == nil || s.URL == nil {
@@ -20606,22 +20958,6 @@ func (s *SecretScanningAlertUpdateOptions) GetResolution() string {
 	return *s.Resolution
 }
 
-// GetSecretType returns the SecretType field if it's non-nil, zero value otherwise.
-func (s *SecretScanningAlertUpdateOptions) GetSecretType() string {
-	if s == nil || s.SecretType == nil {
-		return ""
-	}
-	return *s.SecretType
-}
-
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (s *SecretScanningAlertUpdateOptions) GetState() string {
-	if s == nil || s.State == nil {
-		return ""
-	}
-	return *s.State
-}
-
 // GetStatus returns the Status field if it's non-nil, zero value otherwise.
 func (s *SecretScanningPushProtection) GetStatus() string {
 	if s == nil || s.Status == nil {
@@ -20630,6 +20966,14 @@ func (s *SecretScanningPushProtection) GetStatus() string {
 	return *s.Status
 }
 
+// GetCVSS returns the CVSS field.
+func (s *SecurityAdvisory) GetCVSS() *AdvisoryCVSS {
+	if s == nil {
+		return nil
+	}
+	return s.CVSS
+}
+
 // GetDescription returns the Description field if it's non-nil, zero value otherwise.
 func (s *SecurityAdvisory) GetDescription() string {
 	if s == nil || s.Description == nil {
@@ -20694,6 +21038,38 @@ func (s *SecurityAdvisoryEvent) GetAction() string {
 	return *s.Action
 }
 
+// GetEnterprise returns the Enterprise field.
+func (s *SecurityAdvisoryEvent) GetEnterprise() *Enterprise {
+	if s == nil {
+		return nil
+	}
+	return s.Enterprise
+}
+
+// GetInstallation returns the Installation field.
+func (s *SecurityAdvisoryEvent) GetInstallation() *Installation {
+	if s == nil {
+		return nil
+	}
+	return s.Installation
+}
+
+// GetOrganization returns the Organization field.
+func (s *SecurityAdvisoryEvent) GetOrganization() *Organization {
+	if s == nil {
+		return nil
+	}
+	return s.Organization
+}
+
+// GetRepository returns the Repository field.
+func (s *SecurityAdvisoryEvent) GetRepository() *Repository {
+	if s == nil {
+		return nil
+	}
+	return s.Repository
+}
+
 // GetSecurityAdvisory returns the SecurityAdvisory field.
 func (s *SecurityAdvisoryEvent) GetSecurityAdvisory() *SecurityAdvisory {
 	if s == nil {
@@ -20702,6 +21078,14 @@ func (s *SecurityAdvisoryEvent) GetSecurityAdvisory() *SecurityAdvisory {
 	return s.SecurityAdvisory
 }
 
+// GetSender returns the Sender field.
+func (s *SecurityAdvisoryEvent) GetSender() *User {
+	if s == nil {
+		return nil
+	}
+	return s.Sender
+}
+
 // GetAdvancedSecurity returns the AdvancedSecurity field.
 func (s *SecurityAndAnalysis) GetAdvancedSecurity() *AdvancedSecurity {
 	if s == nil {
@@ -20806,14 +21190,6 @@ func (s *SelectedReposList) GetTotalCount() int {
 	return *s.TotalCount
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (s *ServiceHook) GetName() string {
-	if s == nil || s.Name == nil {
-		return ""
-	}
-	return *s.Name
-}
-
 // GetFrom returns the From field if it's non-nil, zero value otherwise.
 func (s *SignatureRequirementEnforcementLevelChanges) GetFrom() string {
 	if s == nil || s.From == nil {
@@ -22590,6 +22966,38 @@ func (u *UpdateDefaultSetupConfigurationResponse) GetRunURL() string {
 	return *u.RunURL
 }
 
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetAllowsPublicRepositories() bool {
+	if u == nil || u.AllowsPublicRepositories == nil {
+		return false
+	}
+	return *u.AllowsPublicRepositories
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetName() string {
+	if u == nil || u.Name == nil {
+		return ""
+	}
+	return *u.Name
+}
+
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetRestrictedToWorkflows() bool {
+	if u == nil || u.RestrictedToWorkflows == nil {
+		return false
+	}
+	return *u.RestrictedToWorkflows
+}
+
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetVisibility() string {
+	if u == nil || u.Visibility == nil {
+		return ""
+	}
+	return *u.Visibility
+}
+
 // GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
 func (u *UpdateRunnerGroupRequest) GetAllowsPublicRepositories() bool {
 	if u == nil || u.AllowsPublicRepositories == nil {

vendor/github.com/google/go-github/v55/github/github.go

@@ -24,11 +24,10 @@ import (
 	"time"
 
 	"github.com/google/go-querystring/query"
-	"golang.org/x/oauth2"
 )
 
 const (
-	Version = "v54.0.0"
+	Version = "v55.0.0"
 
 	defaultAPIVersion = "2022-11-28"
 	defaultBaseURL    = "https://api.github.com/"
@@ -306,16 +305,92 @@ func addOptions(s string, opts interface{}) (string, error) {
 
 // NewClient returns a new GitHub API client. If a nil httpClient is
 // provided, a new http.Client will be used. To use API methods which require
-// authentication, provide an http.Client that will perform the authentication
-// for you (such as that provided by the golang.org/x/oauth2 library).
+// authentication, either use Client.WithAuthToken or provide NewClient with
+// an http.Client that will perform the authentication for you (such as that
+// provided by the golang.org/x/oauth2 library).
 func NewClient(httpClient *http.Client) *Client {
-	if httpClient == nil {
-		httpClient = &http.Client{}
-	}
-	baseURL, _ := url.Parse(defaultBaseURL)
-	uploadURL, _ := url.Parse(uploadBaseURL)
+	c := &Client{client: httpClient}
+	c.initialize()
+	return c
+}
 
-	c := &Client{client: httpClient, BaseURL: baseURL, UserAgent: defaultUserAgent, UploadURL: uploadURL}
+// WithAuthToken returns a copy of the client configured to use the provided token for the Authorization header.
+func (c *Client) WithAuthToken(token string) *Client {
+	c2 := c.copy()
+	defer c2.initialize()
+	transport := c2.client.Transport
+	if transport == nil {
+		transport = http.DefaultTransport
+	}
+	c2.client.Transport = roundTripperFunc(
+		func(req *http.Request) (*http.Response, error) {
+			req = req.Clone(req.Context())
+			req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
+			return transport.RoundTrip(req)
+		},
+	)
+	return c2
+}
+
+// WithEnterpriseURLs returns a copy of the client configured to use the provided base and
+// upload URLs. If the base URL does not have the suffix "/api/v3/", it will be added
+// automatically. If the upload URL does not have the suffix "/api/uploads", it will be
+// added automatically.
+//
+// Note that WithEnterpriseURLs is a convenience helper only;
+// its behavior is equivalent to setting the BaseURL and UploadURL fields.
+//
+// Another important thing is that by default, the GitHub Enterprise URL format
+// should be http(s)://[hostname]/api/v3/ or you will always receive the 406 status code.
+// The upload URL format should be http(s)://[hostname]/api/uploads/.
+func (c *Client) WithEnterpriseURLs(baseURL, uploadURL string) (*Client, error) {
+	c2 := c.copy()
+	defer c2.initialize()
+	var err error
+	c2.BaseURL, err = url.Parse(baseURL)
+	if err != nil {
+		return nil, err
+	}
+
+	if !strings.HasSuffix(c2.BaseURL.Path, "/") {
+		c2.BaseURL.Path += "/"
+	}
+	if !strings.HasSuffix(c2.BaseURL.Path, "/api/v3/") &&
+		!strings.HasPrefix(c2.BaseURL.Host, "api.") &&
+		!strings.Contains(c2.BaseURL.Host, ".api.") {
+		c2.BaseURL.Path += "api/v3/"
+	}
+
+	c2.UploadURL, err = url.Parse(uploadURL)
+	if err != nil {
+		return nil, err
+	}
+
+	if !strings.HasSuffix(c2.UploadURL.Path, "/") {
+		c2.UploadURL.Path += "/"
+	}
+	if !strings.HasSuffix(c2.UploadURL.Path, "/api/uploads/") &&
+		!strings.HasPrefix(c2.UploadURL.Host, "api.") &&
+		!strings.Contains(c2.UploadURL.Host, ".api.") {
+		c2.UploadURL.Path += "api/uploads/"
+	}
+	return c2, nil
+}
+
+// initialize sets default values and initializes services.
+func (c *Client) initialize() {
+	if c.client == nil {
+		c.client = &http.Client{}
+	}
+	if c.BaseURL == nil {
+		c.BaseURL, _ = url.Parse(defaultBaseURL)
+	}
+	if c.UploadURL == nil {
+		c.UploadURL, _ = url.Parse(uploadBaseURL)
+	}
+	if c.UserAgent == "" {
+		c.UserAgent = defaultUserAgent
+	}
 	c.common.client = c
 	c.Actions = (*ActionsService)(&c.common)
 	c.Activity = (*ActivityService)(&c.common)
@@ -349,7 +424,27 @@ func NewClient(httpClient *http.Client) *Client {
 	c.SecurityAdvisories = (*SecurityAdvisoriesService)(&c.common)
 	c.Teams = (*TeamsService)(&c.common)
 	c.Users = (*UsersService)(&c.common)
-	return c
+}
+
+// copy returns a copy of the current client. It must be initialized before use.
+func (c *Client) copy() *Client {
+	c.clientMu.Lock()
+	// can't use *c here because that would copy mutexes by value.
+	clone := Client{
+		client:                  c.client,
+		UserAgent:               c.UserAgent,
+		BaseURL:                 c.BaseURL,
+		UploadURL:               c.UploadURL,
+		secondaryRateLimitReset: c.secondaryRateLimitReset,
+	}
+	c.clientMu.Unlock()
+	if clone.client == nil {
+		clone.client = &http.Client{}
+	}
+	c.rateMu.Lock()
+	copy(clone.rateLimits[:], c.rateLimits[:])
+	c.rateMu.Unlock()
+	return &clone
 }
 
 // NewClientWithEnvProxy enhances NewClient with the HttpProxy env.
@@ -358,56 +453,18 @@ func NewClientWithEnvProxy() *Client {
 }
 
 // NewTokenClient returns a new GitHub API client authenticated with the provided token.
-func NewTokenClient(ctx context.Context, token string) *Client {
-	return NewClient(oauth2.NewClient(ctx, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: token})))
+// Deprecated: Use NewClient(nil).WithAuthToken(token) instead.
+func NewTokenClient(_ context.Context, token string) *Client {
+	// This always returns a nil error.
+	return NewClient(nil).WithAuthToken(token)
 }
 
 // NewEnterpriseClient returns a new GitHub API client with provided
 // base URL and upload URL (often is your GitHub Enterprise hostname).
-// If the base URL does not have the suffix "/api/v3/", it will be added automatically.
-// If the upload URL does not have the suffix "/api/uploads", it will be added automatically.
-// If a nil httpClient is provided, a new http.Client will be used.
 //
-// Note that NewEnterpriseClient is a convenience helper only;
-// its behavior is equivalent to using NewClient, followed by setting
-// the BaseURL and UploadURL fields.
-//
-// Another important thing is that by default, the GitHub Enterprise URL format
-// should be http(s)://[hostname]/api/v3/ or you will always receive the 406 status code.
-// The upload URL format should be http(s)://[hostname]/api/uploads/.
+// Deprecated: Use NewClient(httpClient).WithEnterpriseURLs(baseURL, uploadURL) instead.
 func NewEnterpriseClient(baseURL, uploadURL string, httpClient *http.Client) (*Client, error) {
-	baseEndpoint, err := url.Parse(baseURL)
-	if err != nil {
-		return nil, err
-	}
-
-	if !strings.HasSuffix(baseEndpoint.Path, "/") {
-		baseEndpoint.Path += "/"
-	}
-	if !strings.HasSuffix(baseEndpoint.Path, "/api/v3/") &&
-		!strings.HasPrefix(baseEndpoint.Host, "api.") &&
-		!strings.Contains(baseEndpoint.Host, ".api.") {
-		baseEndpoint.Path += "api/v3/"
-	}
-
-	uploadEndpoint, err := url.Parse(uploadURL)
-	if err != nil {
-		return nil, err
-	}
-
-	if !strings.HasSuffix(uploadEndpoint.Path, "/") {
-		uploadEndpoint.Path += "/"
-	}
-	if !strings.HasSuffix(uploadEndpoint.Path, "/api/uploads/") &&
-		!strings.HasPrefix(uploadEndpoint.Host, "api.") &&
-		!strings.Contains(uploadEndpoint.Host, ".api.") {
-		uploadEndpoint.Path += "api/uploads/"
-	}
-
-	c := NewClient(httpClient)
-	c.BaseURL = baseEndpoint
-	c.UploadURL = uploadEndpoint
-	return c, nil
+	return NewClient(httpClient).WithEnterpriseURLs(baseURL, uploadURL)
 }
 
 // RequestOption represents an option that can modify an http.Request.
@@ -753,7 +810,7 @@ func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, erro
 			}, err
 		}
 		// If we've hit a secondary rate limit, don't make further requests before Retry After.
-		if err := c.checkSecondaryRateLimitBeforeDo(ctx, req); err != nil {
+		if err := c.checkSecondaryRateLimitBeforeDo(req); err != nil {
 			return &Response{
 				Response: err.Response,
 			}, err
@@ -885,7 +942,7 @@ func (c *Client) checkRateLimitBeforeDo(req *http.Request, rateLimitCategory rat
 // current client state in order to quickly check if *AbuseRateLimitError can be immediately returned
 // from Client.Do, and if so, returns it so that Client.Do can skip making a network API call unnecessarily.
 // Otherwise it returns nil, and Client.Do should proceed normally.
-func (c *Client) checkSecondaryRateLimitBeforeDo(ctx context.Context, req *http.Request) *AbuseRateLimitError {
+func (c *Client) checkSecondaryRateLimitBeforeDo(req *http.Request) *AbuseRateLimitError {
 	c.rateMu.Lock()
 	secondary := c.secondaryRateLimitReset
 	c.rateMu.Unlock()
@@ -1162,7 +1219,11 @@ func CheckResponse(r *http.Response) error {
 	errorResponse := &ErrorResponse{Response: r}
 	data, err := io.ReadAll(r.Body)
 	if err == nil && data != nil {
-		json.Unmarshal(data, errorResponse)
+		err = json.Unmarshal(data, errorResponse)
+		if err != nil {
+			// reset the response as if this never happened
+			errorResponse = &ErrorResponse{Response: r}
+		}
 	}
 	// Re-populate error response body because GitHub error responses are often
 	// undocumented and inconsistent.
@@ -1517,7 +1578,7 @@ func (c *Client) roundTripWithOptionalFollowRedirect(ctx context.Context, u stri
 
 	// If redirect response is returned, follow it
 	if followRedirects && resp.StatusCode == http.StatusMovedPermanently {
-		resp.Body.Close()
+		_ = resp.Body.Close()
 		u = resp.Header.Get("Location")
 		resp, err = c.roundTripWithOptionalFollowRedirect(ctx, u, false, opts...)
 	}
@@ -1539,3 +1600,10 @@ func Int64(v int64) *int64 { return &v }
 // String is a helper routine that allocates a new string value
 // to store v and returns a pointer to it.
 func String(v string) *string { return &v }
+
+// roundTripperFunc creates a RoundTripper (transport)
+type roundTripperFunc func(*http.Request) (*http.Response, error)
+
+func (fn roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) {
+	return fn(r)
+}

vendor/github.com/google/go-github/v55/github/issue_import.go

@@ -86,14 +86,11 @@ func (s *IssueImportService) Create(ctx context.Context, owner, repo string, iss
 	if err != nil {
 		aerr, ok := err.(*AcceptedError)
 		if ok {
-			decErr := json.Unmarshal(aerr.Raw, i)
-			if decErr != nil {
-				err = decErr
+			if err := json.Unmarshal(aerr.Raw, i); err != nil {
+				return i, resp, err
 			}
-
-			return i, resp, nil
+			return i, resp, err
 		}
-
 		return nil, resp, err
 	}
 

vendor/github.com/google/go-github/v55/github/messages.go

@@ -54,6 +54,7 @@ var (
 		"content_reference":              &ContentReferenceEvent{},
 		"create":                         &CreateEvent{},
 		"delete":                         &DeleteEvent{},
+		"dependabot_alert":               &DependabotAlertEvent{},
 		"deploy_key":                     &DeployKeyEvent{},
 		"deployment":                     &DeploymentEvent{},
 		"deployment_status":              &DeploymentStatusEvent{},

vendor/github.com/google/go-github/v55/github/misc.go

@@ -245,35 +245,3 @@ func (c *Client) Zen(ctx context.Context) (string, *Response, error) {
 
 	return buf.String(), resp, nil
 }
-
-// ServiceHook represents a hook that has configuration settings, a list of
-// available events, and default events.
-type ServiceHook struct {
-	Name            *string    `json:"name,omitempty"`
-	Events          []string   `json:"events,omitempty"`
-	SupportedEvents []string   `json:"supported_events,omitempty"`
-	Schema          [][]string `json:"schema,omitempty"`
-}
-
-func (s *ServiceHook) String() string {
-	return Stringify(s)
-}
-
-// ListServiceHooks lists all of the available service hooks.
-//
-// GitHub API docs: https://developer.github.com/webhooks/#services
-func (c *Client) ListServiceHooks(ctx context.Context) ([]*ServiceHook, *Response, error) {
-	u := "hooks"
-	req, err := c.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var hooks []*ServiceHook
-	resp, err := c.Do(ctx, req, &hooks)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return hooks, resp, nil
-}

vendor/github.com/google/go-github/v55/github/orgs_hooks_configuration.go

@@ -0,0 +1,49 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// GetHookConfiguration returns the configuration for the specified organization webhook.
+//
+// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks?apiVersion=2022-11-28#get-a-webhook-configuration-for-an-organization
+func (s *OrganizationsService) GetHookConfiguration(ctx context.Context, org string, id int64) (*HookConfig, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/hooks/%v/config", org, id)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	config := new(HookConfig)
+	resp, err := s.client.Do(ctx, req, config)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return config, resp, nil
+}
+
+// EditHookConfiguration updates the configuration for the specified organization webhook.
+//
+// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks?apiVersion=2022-11-28#update-a-webhook-configuration-for-an-organization
+func (s *OrganizationsService) EditHookConfiguration(ctx context.Context, org string, id int64, config *HookConfig) (*HookConfig, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/hooks/%v/config", org, id)
+	req, err := s.client.NewRequest("PATCH", u, config)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	c := new(HookConfig)
+	resp, err := s.client.Do(ctx, req, c)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return c, resp, nil
+}