Support new Repository security advisories REST API

[gmlewis]

GitHub Blog post: https://github.blog/changelog/2023-08-10-get-repository-security-advisories-for-your-organization-via-rest-api/
Rest API docs: https://docs.github.com/en/rest/security-advisories/repository-advisories?apiVersion=2022-11-28#list-repository-security-advisories-for-an-organization

This would be a great PR for any new contributor to this repo or a new Go developer.
All contributions are greatly appreciated!

Feel free to volunteer for any issue and the issue can be assigned to you so that others don't attempt to duplicate the work.

Please check out our CONTRIBUTING.md guide to get started. (In particular, please remember to go generate ./... and don't use force-push to your PRs.)

Thank you!

[coderr01]

@gmlewis I like to contribute. As per my understanding

1. we need to add the functionality for GET : /repos/{owner}/{repo}/security-advisories
2. Can you please elaborate where we are going to add that functionality and how we are authenticating to get the token ?

[gmlewis]

Before I answer those questions, please read CONTRIBUTING.md and take some time to read through this code base and play around with it.

All your questions will hopefully be answered.

If you still have questions in a few days, let me know, but honestly if I walk you through the creation of this PR, then it would be more efficient for me to simply write the PR.

Consider this to be a fun learning experience and a challenge and you will learn a lot more by trying to figure out the answers than if I led you through the whole process.

Thanks.

[anishrajan25]

@gmlewis I would like to pick this up. Could you please assign it to me?

[gmlewis]

Thank you, @anishrajan25 !
It's yours.

[anishrajan25]

I was going through the API documentation here, when I identified that there is inconsistency between the API response and the response schema shared by github.

The documentation says that the response body will have the Submission field as:

"submission": [
      {
        "accepted": true
      }
    ],

While as per the response schema in the documentation it says Submission field would be as:

"submission": {
    "accepted": true
}

Have raised the same with github team a while back. Ref to GH Issue

@gmlewis By any chance are you aware of the actual schema for submission field?

For now I will take the submission as per the response schema and continue with the dev for the following 2 APIs:

• Lists repository security advisories for an organization - /orgs/{org}/security-advisories
• Lists security advisories in a repository - /repos/{owner}/{repo}/security-advisories

[gmlewis]

@gmlewis By any chance are you aware of the actual schema for submission field?

No, I'm afraid not, sorry.
Can you try out the API on a repo to see what actually comes back to you?