Otterdog v1.0.4

• Fixed filter invalid codeql lang values returned by gh api (#435)
• Documentation improvement
• Dependencies updates for otterdog

Otterdog v1.0.3

Fixed

• Dependencies updates for otterdog
• Minor development docs and build updates

Otterdog v1.0.2

Fixed

• Fixed support for using common DNS in MongoDB URL configuration (#417)

Otterdog v1.0.1

Fixed

• Fixed support for actions as code scanning language (#411)
• Fixed coercion of has_discussion property in case the repository is the source of organization discussions.
• Fixed importing an organization that has multiple custom properties defined.
• Fixed updating organization teams with local-apply operation.

Otterdog v1.0.0

Changed

• Changed severity of validation messages wrt to missing 'github-pages' environments from WARNING to INFO.

Otterdog v0.11.0

Added

• Added policy dependency_track_upload to upload SBOM data from workflows to a dependency track instance.
• Added operations list-blueprints and approve-blueprints to list and approve remediation PRs created for specific organizations.
• Added support for teams.
• Use asyncer to speed up retrieval of live settings. (#209)

Changed

• Updated development environment to use poetry version 2.0.0 and changed license classifier to EPL-2.0. (#328)
• Changes the exclude_team filter to not consider teams defined in the default config.
• Converted workflow related settings into an embedded model object.
• Included option repo-filter of diff related operations already when getting live data from GitHub to speed up execution.

Fixed

• Fixed display of forced updates in plan operations.

Otterdog v0.10.0

Added

• Added support for organization roles.
• Added operation check-token-permissions to list all granted and missing scopes for the cli token.
• Added option to specify reviewers for blueprint type append_configuration.
• Added view for currently active remediation PRs for configured blueprints.

Changed

• Adapted default template for GitHub organizations to take an additional parameter: project_name.
• Changed accessing security managers of an organization using the organization roles api. (#365)
• Disabled adding automatic help comments for bot users creating a pull request in the config repo.
• Disabled checking of team membership for bot users creating a pull request in the config repo.

Fixed

• Fixed displaying changes when settings squash_merge_commit_title and squash_merge_commit_message were changed at the same time.
• Prevented setting private_vulnerability_reporting_enabled for private repositories.
• Prevented wrapping of long texts when importing the configuration.

Otterdog v0.9.0

Added

• Added validation rules for squash and merge commit title and message settings of a repository.
• Added new blueprint scorecard_integration to integrate OSSF Scorecard evaluations. (#345)
• Added new blueprint append_configuration to append configuration snippets depending on certain conditions.
• Added support for organization rulesets. (#158)
• Added support for templates in required-file blueprints. (#322)
• Added support for a post-add-objects hook in the default configuration that gets executed after resources have been added. (#318)
• Added new blueprint pin_workflow to pin used GitHub actions in workflows.
• Added new blueprint required_file to create files in repositories.
• Added a new operation list-advisories to list GitHub Security Advisories for organizations.

Changed

• Added raising an InsufficientPermissionsException if the token lacks required OAuth scopes for a specific endpoint. (#126)
• Improved the check mechanism for blueprints by only checking a certain number each run and by taking the last check time into account.
• Improved the update mechanism when installing a new GitHub organization to only update the newly added organization. (#349)
• Integrated existing logging with standard python logging facility.
• Utilized rich console formatting instead of low-level colorama styles.
• Improved processing when archiving repositories to process all other requested changes before archiving them. (#134)
• Split up policies into policies and blueprint and added support for them in the UI
• Improved processing of organization settings web_commit_signoff_required and actions_can_approve_pull_request_reviews to force update the same settings on repo level as changes will be implicitly performed by GitHub.

Fixed

• Fixed retrieval of setting two_factor_requirement which has been renamed to two_factor_required in the Web UI. (#339)
• Fixed exclusion of settings that can only be accessed via the Web UI in the local-apply operation. (#330)
• Fixed updating or deleting webhooks with wildcard patterns via the local-apply operation. (#325)
• Fixed importing of rulesets due to missing handling of embedded model object required_status_checks.
• Changing setting squash_merge_commit_message also requires that setting squash_merge_commit_title is present in the payload sent to GitHub.

Otterdog v0.8.0

Added

• Added validation for setting gh_pages_source_path of a repository to check for allowed values.
• Added a playground and visualization of the default settings for a project to the dashboard. (#293)
• Added support for overriding default settings in the otterdog config from a file .otterdog-defaults.json.
• Added support for setting required_merge_queue in repository rulesets. (#282)
• Added support for setting target in repository rulesets.
• Added support for parameter --repo-filter for plan and apply operations. (#275)
• Added support for tags for deployment policies in environments. (#268)
• Added support for custom properties. (#256)
• Added validation for setting forked_repository of a repository to match the expected format <owner>/<repo>.
• Added operation review-permissions to review requested permissions updates from GitHub apps for an organization. (#260)
• Added operation uninstall-app to uninstall a GitHub app for an organization.
• Added operation local-apply to apply change based on two local configurations. (#257)
• Added policy macos_large_runners to control whether MacOS large runners are permitted to use in an organization. (#251)
• Added operation install-app to install a GitHub app for an organization. (#250)
• Added option --no-diff and --force to the push-config operation to disable showing diffs and interactive approvals. (#246)

Changed

• Do not include settings whose values is null in the plan operation output when a resource is added.
• Include model_only settings in the plan operation output when a resource is added.
• Converted status check related settings of a Ruleset into an embedded model object similar to merge queue settings.
• Display changes in list properties using sequence comparison.
• Converted pull request related settings of a Ruleset into an embedded model object similar to merge queue settings.
• Use jsonata instead of jq for querying json objects.
• Use ghproxy by default as transparent cache / proxy when accessing the GitHub API from the webapp. (#274)
• Changed parameter --update-filter for various operations from a python regular expression to a shell pattern format.
• Changed operation import to mask webhook urls in a similar way as in the previous configuration if present.
• Added a retry logic for calls to https://api.github.com to gracefully handle intermittent connection problems.
• Changed ApplyChangesTask to use a local-apply operation rather than an apply operation. (#257)
• Changed operation fetch-config to include 2 additional parameters suffix and ref to fetch a config from a specific git reference.
• Changed operation push-config to always show a diff of the local changes compared to the current remote configuration prior to execution. (#246)

Fixed

• Fixed throttling of comments generated when checking if the configuration is in sync with the live settings.
• Fixed creation of a Ruleset if no merge queue is specified.
• Ensured that validation for a Ruleset fails if any parameter of required_pull_request is missing as they are required.
• Creating a repo with gh_pages_build_type: "disabled" is now working again after changes on GitHub side.
• Avoided unnecessary GitHub API calls when getting the default_branch or id of a repository.
• Detect errors during an automatic apply operation and add a corresponding comment to the pull request.
• Support showing dialog windows when using operation web-login.
• Fixed showing changes to dummy secret values when performing a local-plan operation. (#245)
• Added proper error handling in case no base_template is defined in the otterdog configuration file. (#247)

Otterdog v0.7.0

Added

• Added support for disabling default code security configurations. (#234)
• Added support for configuring default code scanning setup of a repository. (#198)
• Added operation open-pr to automatically create a PR for local changes. (#230)
• Added author information from git when pushing config changes with push-config. (#228)

Changed

• Deprecated organization settings dependabot_alerts_enabled_for_new_repositories,
  dependabot_security_updates_enabled_for_new_repositories and dependency_graph_enabled_for_new_repositories.
• Deprecated organization setting has_repository_projects.

Fixed

• Fixed updating the configuration of a project when its base template changed. (#221)
• Fixed updating configuration when the github_id of a project changed. (#235)