Merge branch 'main' into 2764-dependabot-improvements

Author: mchammer01

data/release-notes/3-0/0.yml

@@ -128,6 +128,7 @@ sections:
     - Juypter Notebook rendering in the web UI may fail if the notebook includes non UTF-8 encoded characters.
     - Dependency graph fails to parse `setup.py` Python manifest files, resulting in HTTP 500 errors in logs. This, combined with the duplicated logging issue, results in increased root volume utilization.
     - A race condition can cause dependency graph database migrations to appear to fail.
+    - Instances with a custom timezone that were upgraded from an earlier release of GitHub Enterprise Server may have incorrect timestamps in the web UI.
 
   deprecations:
     - heading: Deprecation of GitHub Enterprise Server 2.19

data/release-notes/3-0/1.yml

@@ -40,3 +40,4 @@ sections:
     - 'Repository [deploy keys](/developers/overview/managing-deploy-keys) are unable to be used with repositories containing LFS objects.'
     - 'Juypter Notebook rendering in the web UI may fail if the notebook includes non UTF-8 encoded characters.'
     - 'Dependency graph fails to parse `yarn.lock` Javascript manifest files, resulting in HTTP 500 errors in logs.'
+    - 'Instances with a custom timezone that were upgraded from an earlier release of GitHub Enterprise Server may have incorrect timestamps in the web UI.'

lib/webhooks/static/dotcom/repository_vulnerability_alert.create.payload.json

@@ -4,9 +4,11 @@
     "id": 91095730,
     "affected_range": ">= 2.0.4, < 2.0.6",
     "affected_package_name": "rack",
+    "fixed_in": "2.0.6",
     "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-16470",
     "external_identifier": "CVE-2018-16470",
-    "fixed_in": "2.0.6"
+    "ghsa_id": "GHSA-hg78-4f6x-99wq",
+    "created_at": "2021-03-01T01:23:45Z"
   },
   "repository": {
     "id": 186853002,

lib/webhooks/static/dotcom/repository_vulnerability_alert.dismiss.payload.json

@@ -4,9 +4,11 @@
     "id": 7649605,
     "affected_range": "0.2.0",
     "affected_package_name": "many_versioned_gem",
+    "fixed_in": "0.2.5",
     "external_reference": "https://nvd.nist.gov/vuln/detail/CVE-2018-3728",
     "external_identifier": "CVE-2018-3728",
-    "fixed_in": "0.2.5",
+    "ghsa_id": "GHSA-jp4x-w63m-7wgm",
+    "created_at": "2017-10-24T00:00:00Z",
     "dismisser": {
       "login":"octocat",
       "id":1,
@@ -28,6 +30,6 @@
       "site_admin":true
     },
     "dismiss_reason": "No bandwidth to fix this",
-    "dismissed_at": "2017-10-25T00:00:00+00:00"
+    "dismissed_at": "2017-10-25T00:00:00Z"
   }
 }