From 151c40b3a43bb69a02ed2bc85d9812b952c06b7c Mon Sep 17 00:00:00 2001 From: lens0021 Date: Tue, 27 Jan 2026 23:03:22 +0900 Subject: [PATCH 1/3] feat: new field ignore_vulnerability_alerts to github_repository --- github/resource_github_repository.go | 17 ++++++++++++----- website/docs/r/repository.html.markdown | 2 ++ 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/github/resource_github_repository.go b/github/resource_github_repository.go index 2419dee190..d9c21873ae 100644 --- a/github/resource_github_repository.go +++ b/github/resource_github_repository.go @@ -411,6 +411,11 @@ func resourceGithubRepository() *schema.Resource { Optional: true, Description: "Set to true to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read.", }, + "ignore_vulnerability_alerts": { + Type: schema.TypeBool, + Optional: true, + Description: "Set to true to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions.", + }, "full_name": { Type: schema.TypeString, Computed: true, @@ -773,9 +778,11 @@ func resourceGithubRepositoryCreate(ctx context.Context, d *schema.ResourceData, } } - err := updateVulnerabilityAlerts(d, client, ctx, owner, repoName) - if err != nil { - return diag.FromErr(err) + if !d.Get("ignore_vulnerability_alerts").(bool) { + err := updateVulnerabilityAlerts(d, client, ctx, owner, repoName) + if err != nil { + return diag.FromErr(err) + } } return resourceGithubRepositoryUpdate(ctx, d, meta) @@ -896,7 +903,7 @@ func resourceGithubRepositoryRead(ctx context.Context, d *schema.ResourceData, m } } - if !d.Get("ignore_vulnerability_alerts_during_read").(bool) { + if !d.Get("ignore_vulnerability_alerts").(bool) && !d.Get("ignore_vulnerability_alerts_during_read").(bool) { vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName) if err != nil { return diag.Errorf("error reading repository vulnerability alerts: %s", err.Error()) @@ -1013,7 +1020,7 @@ func resourceGithubRepositoryUpdate(ctx context.Context, d *schema.ResourceData, } } - if d.HasChange("vulnerability_alerts") { + if !d.Get("ignore_vulnerability_alerts").(bool) && d.HasChange("vulnerability_alerts") { err = updateVulnerabilityAlerts(d, client, ctx, owner, repoName) if err != nil { return diag.FromErr(err) diff --git a/website/docs/r/repository.html.markdown b/website/docs/r/repository.html.markdown index 92c67745de..3358bd0902 100644 --- a/website/docs/r/repository.html.markdown +++ b/website/docs/r/repository.html.markdown @@ -144,6 +144,8 @@ initial repository creation and create the target branch inside of the repositor * `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. +* `ignore_vulnerability_alerts` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions. + * `allow_update_branch` (Optional) - Set to `true` to always suggest updating pull request branches. ### GitHub Pages Configuration From 513cee337e165fc528574be9b8e643a63695f986 Mon Sep 17 00:00:00 2001 From: lens0021 Date: Tue, 27 Jan 2026 23:05:16 +0900 Subject: [PATCH 2/3] docs: Priority --- website/docs/r/repository.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/repository.html.markdown b/website/docs/r/repository.html.markdown index 3358bd0902..007a072a15 100644 --- a/website/docs/r/repository.html.markdown +++ b/website/docs/r/repository.html.markdown @@ -142,10 +142,10 @@ initial repository creation and create the target branch inside of the repositor * `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. -* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. - * `ignore_vulnerability_alerts` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions. +* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. If `ignore_vulnerability_alerts` is set, this field is ignored. + * `allow_update_branch` (Optional) - Set to `true` to always suggest updating pull request branches. ### GitHub Pages Configuration From da3d372174cb97c125b8c30b350a966767acb65f Mon Sep 17 00:00:00 2001 From: lens0021 Date: Tue, 27 Jan 2026 23:12:30 +0900 Subject: [PATCH 3/3] docs: Improve the existing vulnerability_alerts description --- website/docs/r/repository.html.markdown | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/r/repository.html.markdown b/website/docs/r/repository.html.markdown index 007a072a15..b2e745a9ef 100644 --- a/website/docs/r/repository.html.markdown +++ b/website/docs/r/repository.html.markdown @@ -140,9 +140,9 @@ initial repository creation and create the target branch inside of the repositor * `template` - (Optional) Use a template repository to create this resource. See [Template Repositories](#template-repositories) below for details. -* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. +* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. To manage this setting, admin permissions are required; use `ignore_vulnerability_alerts` if you lack permissions. -* `ignore_vulnerability_alerts` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions. +* `ignore_vulnerability_alerts` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions. When enabled, the `vulnerability_alerts` setting is not managed. * `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. If `ignore_vulnerability_alerts` is set, this field is ignored.