
[Schema Inaccuracy] Dependabot Alert "relationship" enum is incomplete #4727

Open
@BenedictStrunk-otto


Schema Inaccuracy

The Response Schema for the dependabot alert endpoint (for organizations) defines 3 valid values for relationship. When using this endpoint we sometimes get the value "inconclusive" which is not listed.

"dependabot-alert-with-repository": {
        "type": "object",
        "description": "A Dependabot alert.",
        "properties": {
          "number": {
            "$ref": "#/components/schemas/alert-number"
          },
          "state": {
            ...
          },
          "dependency": {
            "type": "object",
            "description": "Details for the vulnerable dependency.",
            "readOnly": true,
            "properties": {
              ...
              "relationship": {
                "type": "string",
                "description": "...",
                "readOnly": true,
                "nullable": true,
                "enum": [
                  "unknown",
                  "direct",
                  "transitive"
                ]
              }
            }
          },

Expected

The schema should include all values:

"dependabot-alert-with-repository": {
        "type": "object",
        "description": "A Dependabot alert.",
        "properties": {
          "number": {
            "$ref": "#/components/schemas/alert-number"
          },
          "state": {
            ...
          },
          "dependency": {
            "type": "object",
            "description": "Details for the vulnerable dependency.",
            "readOnly": true,
            "properties": {
              ...
              "relationship": {
                "type": "string",
                "description": "...",
                "readOnly": true,
                "nullable": true,
                "enum": [
                  "unknown",
                  "direct",
                  "transitive",
                  "inconclusive"
                ]
              }
            }
          },

Reproduction Steps

Due to the sensitive nature of alerts I cannot provide an explicit example.
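
For clients that deserialize these alerts, the mismatch reported above can be absorbed without dropping alerts. The following is an added example, not part of the original issue and not GitHub's code: it parses alerts leniently and counts `relationship` values that fall outside the documented enum. The sample payloads are constructed and trimmed, and `ParsedAlert`, `parse_alert` and `ingest` are hypothetical names.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Values the published schema lists for dependency.relationship (per the issue).
DOCUMENTED_RELATIONSHIPS = frozenset({"unknown", "direct", "transitive"})


@dataclass(frozen=True)
class ParsedAlert:
    number: int
    relationship: Optional[str]  # raw API value; None is allowed (field is nullable)
    in_schema: bool              # False when the value is outside the documented enum


def parse_alert(alert: dict) -> ParsedAlert:
    """Keep the alert even when relationship is not in the documented enum."""
    dependency = alert.get("dependency") or {}
    rel = dependency.get("relationship")
    # The schema marks the field nullable, so None conforms to it.
    in_schema = rel is None or rel in DOCUMENTED_RELATIONSHIPS
    return ParsedAlert(number=alert["number"], relationship=rel, in_schema=in_schema)


def ingest(alerts: list[dict]) -> tuple[list[ParsedAlert], Counter]:
    """Parse every alert and count the values the schema does not list."""
    parsed = [parse_alert(a) for a in alerts]
    drift = Counter(p.relationship for p in parsed if not p.in_schema)
    return parsed, drift


# Constructed sample payloads (only the fields used here), not real alerts.
SAMPLE_ALERTS = [
    {"number": 1, "dependency": {"relationship": "direct"}},
    {"number": 2, "dependency": {"relationship": "inconclusive"}},
    {"number": 3, "dependency": {"relationship": None}},
    {"number": 4, "dependency": {"relationship": "transitive"}},
]

if __name__ == "__main__":
    parsed, drift = ingest(SAMPLE_ALERTS)
    print(f"ingested {len(parsed)} alerts; undocumented values: {dict(drift)}")
```

A strict enum deserializer would reject alert 2 outright; here it is retained and the unexpected value is surfaced for review.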
