Skip to content

feat: new field ignore_vulnerability_alerts to github_repository #3130

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
lens0021 wants to merge 3 commits into from
Closed

feat: new field ignore_vulnerability_alerts to github_repository #3130

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
151c40b
feat: new field ignore_vulnerability_alerts to github_repository
lens0021 Jan 27, 2026
513cee3
docs: Priority
lens0021 Jan 27, 2026
da3d372
docs: Improve the existing vulnerability_alerts description
lens0021 Jan 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 12 additions & 5 deletions github/resource_github_repository.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -411,6 +411,11 @@ func resourceGithubRepository() *schema.Resource {
Optional: true,
Description: "Set to true to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read.",
},
"ignore_vulnerability_alerts": {
Type: schema.TypeBool,
Optional: true,
Description: "Set to true to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions.",
},
"full_name": {
Type: schema.TypeString,
Computed: true,
Expand Down Expand Up @@ -773,9 +778,11 @@ func resourceGithubRepositoryCreate(ctx context.Context, d *schema.ResourceData,
}
}

err := updateVulnerabilityAlerts(d, client, ctx, owner, repoName)
if err != nil {
return diag.FromErr(err)
if !d.Get("ignore_vulnerability_alerts").(bool) {
err := updateVulnerabilityAlerts(d, client, ctx, owner, repoName)
if err != nil {
return diag.FromErr(err)
}
}

return resourceGithubRepositoryUpdate(ctx, d, meta)
Expand Down Expand Up @@ -896,7 +903,7 @@ func resourceGithubRepositoryRead(ctx context.Context, d *schema.ResourceData, m
}
}

if !d.Get("ignore_vulnerability_alerts_during_read").(bool) {
if !d.Get("ignore_vulnerability_alerts").(bool) && !d.Get("ignore_vulnerability_alerts_during_read").(bool) {
vulnerabilityAlerts, _, err := client.Repositories.GetVulnerabilityAlerts(ctx, owner, repoName)
if err != nil {
return diag.Errorf("error reading repository vulnerability alerts: %s", err.Error())
Expand Down Expand Up @@ -1013,7 +1020,7 @@ func resourceGithubRepositoryUpdate(ctx context.Context, d *schema.ResourceData,
}
}

if d.HasChange("vulnerability_alerts") {
if !d.Get("ignore_vulnerability_alerts").(bool) && d.HasChange("vulnerability_alerts") {
err = updateVulnerabilityAlerts(d, client, ctx, owner, repoName)
if err != nil {
return diag.FromErr(err)
Expand Down
6 changes: 4 additions & 2 deletions website/docs/r/repository.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,9 +140,11 @@ initial repository creation and create the target branch inside of the repositor

* `template` - (Optional) Use a template repository to create this resource. See [Template Repositories](#template-repositories) below for details.

* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings.
* `vulnerability_alerts` (Optional) - Set to `true` to enable security alerts for vulnerable dependencies. Enabling requires alerts to be enabled on the owner level. (Note for importing: GitHub enables the alerts on public repos but disables them on private repos by default.) See [GitHub Documentation](https://help.github.com/en/github/managing-security-vulnerabilities/about-security-alerts-for-vulnerable-dependencies) for details. Note that vulnerability alerts have not been successfully tested on any GitHub Enterprise instance and may be unavailable in those settings. To manage this setting, admin permissions are required; use `ignore_vulnerability_alerts` if you lack permissions.

* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read.
* `ignore_vulnerability_alerts` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions. When enabled, the `vulnerability_alerts` setting is not managed.

* `ignore_vulnerability_alerts_during_read` (Optional) - Set to `true` to not call the vulnerability alerts endpoint so the resource can also be used without admin permissions during read. If `ignore_vulnerability_alerts` is set, this field is ignored.

* `allow_update_branch` (Optional) - Set to `true` to always suggest updating pull request branches.

Expand Down