Incorrect ecosystem enum definition in security advisory response schema #39255

@sxl613

What article on docs.github.com is affected?

The repository security advisory response schema lists an incomplete/incorrect enum for the ecosystem field.

The docs list the enum as:

              "ecosystem": {
                "type": "string",
                "description": "The package's language or package management ecosystem.",
                "enum": [
                  "rubygems",
                  "npm",
                  "pip",
                  "maven",
                  "nuget",
                  "composer",
                  "go",
                  "rust",
                  "erlang",
                  "actions",
                  "pub",
                  "other",
                  "swift"
                ]
              },

but one can get at least one additional value that's not in the list above, e.g. "application", which shows up in GHSA-rqg7-xfqg-v7q5.

What part(s) of the article would you like to see updated?

The repository security advisory response schema section. In particular the ecosystem field in the response schema.

Additional information

Relevant data point: GHSA-rqg7-xfqg-v7q5
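
An added example (not part of the original issue, and not GitHub's code): a client-side check that compares each advisory's ecosystem with the enum quoted above and records undocumented values such as "application" instead of rejecting or dropping the advisory. The response layout (`ghsa_id`, `vulnerabilities[].package.ecosystem`) and the sample records are assumptions constructed for illustration.

```python
# Enum exactly as quoted from the documented schema in the issue above.
DOCUMENTED_ECOSYSTEMS = frozenset({
    "rubygems", "npm", "pip", "maven", "nuget", "composer", "go",
    "rust", "erlang", "actions", "pub", "other", "swift",
})

# Constructed sample records (placeholder IDs and package names), shaped
# like an assumed advisory list response; not real API output.
SAMPLE_ADVISORIES = [
    {"ghsa_id": "GHSA-0000-0000-0001", "vulnerabilities": [
        {"package": {"ecosystem": "npm", "name": "example-lib"}},
        {"package": {"ecosystem": "pip", "name": "example-lib-py"}},
    ]},
    {"ghsa_id": "GHSA-0000-0000-0002", "vulnerabilities": [
        {"package": {"ecosystem": "application", "name": "example-app"}},
    ]},
    {"ghsa_id": "GHSA-0000-0000-0003", "vulnerabilities": [{"package": None}]},
    {"ghsa_id": "GHSA-0000-0000-0004", "vulnerabilities": None},
]


def audit_ecosystems(advisories):
    """Split affected-package records into (accepted, drift).

    accepted: ecosystem is a string listed in the documented enum.
    drift:    ecosystem is missing, not a string, or not in the enum.
    Drift records are returned, not discarded, so a strict validator
    does not silently lose advisories when the API and docs disagree.
    """
    accepted, drift = [], []
    for adv in advisories:
        ghsa = adv.get("ghsa_id", "<unknown>")
        for vuln in adv.get("vulnerabilities") or []:
            pkg = vuln.get("package") or {}
            eco = pkg.get("ecosystem")
            record = {"ghsa_id": ghsa, "package": pkg.get("name"), "ecosystem": eco}
            if isinstance(eco, str) and eco in DOCUMENTED_ECOSYSTEMS:
                accepted.append(record)
            else:
                drift.append(record)
    return accepted, drift


if __name__ == "__main__":
    ok, unknown = audit_ecosystems(SAMPLE_ADVISORIES)
    print(f"{len(ok)} documented, {len(unknown)} needing review")
    for rec in unknown:
        print("schema drift:", rec)
```
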


Labels: content (This issue or pull request belongs to the Docs Content team), fix-internally (Triggers a workflow to copy the issue internally and close the current issue)
