From 98241e557766c44eda4184ff7a980021f3e1424f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 15 Jul 2025 17:36:00 +0000
Subject: [PATCH 1/2] Bump pygithub from 1.58.2 to 2.6.1
Bumps [pygithub](https://github.com/pygithub/pygithub) from 1.58.2 to 2.6.1.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/v2.6.1/doc/changes.rst)
- [Commits](https://github.com/pygithub/pygithub/compare/v1.58.2...v2.6.1)
---
updated-dependencies:
- dependency-name: pygithub dependency-type: direct:production update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot]
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/requirements.txt b/requirements.txt
index bd39333479..c1b52dfdea 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -26,7 +26,7 @@ djangorestframework==3.16.0
 html2text==2025.4.15
 humanize==4.12.3
 jira==3.8.0
-PyGithub==1.58.2
+PyGithub==2.6.1
 lxml==6.0.0
 Markdown==3.8.2
 openpyxl==3.1.5
From e7e10f083e0aa463c96ae808e0057bb9a1b1c089 Mon Sep 17 00:00:00 2001
From: Valentijn Scholten
Date: Tue, 15 Jul 2025 19:38:17 +0200
Subject: [PATCH 2/2] github auth: use pygithub2.x auth params
---
 dojo/github.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/dojo/github.py b/dojo/github.py
index dc1f865b12..011a3feb28 100644
--- a/dojo/github.py
+++ b/dojo/github.py
@@ -5,7 +5,7 @@ from django.template.loader import render_to_string
 # External libs
-from github import Github
+from github import Auth, Github
 # Dojo related imports
 from dojo.models import Engagement, GITHUB_Issue, GITHUB_PKey, Product
@@ -33,7 +33,7 @@ def reopen_external_issue_github(find, note, prod, eng):
 g_issue = GITHUB_Issue.objects.get(finding=find)
 try:
- g_ctx = Github(github_conf.api_key)
+ g_ctx = Github(auth=Auth.Token(github_conf.api_key))
 repo = g_ctx.get_repo(github_product.git_project)
 issue = repo.get_issue(int(g_issue.issue_id))
 except:
@@ -64,7 +64,7 @@ def close_external_issue_github(find, note, prod, eng):
 g_issue = GITHUB_Issue.objects.get(finding=find)
 try:
- g_ctx = Github(github_conf.api_key)
+ g_ctx = Github(auth=Auth.Token(github_conf.api_key))
 repo = g_ctx.get_repo(github_product.git_project)
 issue = repo.get_issue(int(g_issue.issue_id))
 except:
@@ -95,7 +95,7 @@ def update_external_issue_github(find, prod, eng):
 g_issue = GITHUB_Issue.objects.get(finding=find)
 try:
- g_ctx = Github(github_conf.api_key)
+ g_ctx = Github(auth=Auth.Token(github_conf.api_key))
 repo = g_ctx.get_repo(github_product.git_project)
 issue = repo.get_issue(int(g_issue.issue_id))
 issue.edit(title=find.title, body=github_body(find), labels=["defectdojo", "security / " + find.severity])
@@ -130,7 +130,7 @@ def add_external_issue_github(find, prod, eng):
 logger.info("Create issue with github profile: " + str(github_conf) + " on product: " + str(github_product_key))
 try:
- g = Github(github_conf.api_key)
+ g = Github(auth=Auth.Token(github_conf.api_key))
 user = g.get_user()
 logger.debug("logged in with github user: " + user.login)
 logger.debug("Look for project: " + github_product_key.git_project)
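Review bot: In reopen_external_issue_github the new `Github(auth=Auth.Token(github_conf.api_key))` call sits inside a `try` whose handler is a bare `except:`, so a rejected or unset token cannot be told apart from a missing repository or issue; the close_external_issue_github hunk shows the same shape. As far as I know `Auth.Token` in PyGithub 2.x asserts a non-empty string at construction, which would make an empty `api_key` fail here rather than on the first API call, and that failure would be swallowed as well. I would check the key before the `try` and narrow the handler to `except GithubException:` (imported from `github`), logging the error without the token value. The same expression now appears in all four hunks of this file (also update_external_issue_github and add_external_issue_github), so a small helper that takes `github_conf` and returns the client would keep the auth construction in one place. The handler bodies lie outside the hunks, so what they do with the error is not visible here.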
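Review bot: The info-level log line just above the changed call in add_external_issue_github writes `str(github_conf)`, the same object whose `api_key` is now passed to `Auth.Token`, so the token could reach the logs if the string form of that object includes it. That string form is not visible in this hunk, so it is worth confirming that it returns only a profile name and never the key. If that cannot be guaranteed, log a non-secret identifier instead, for example `logger.info("Create issue with github profile id: %s on product: %s", github_conf.pk, github_product_key)`, assuming `github_conf` is a Django model instance.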