Skip to content

tonycch/get-dependabot-alerts-sample

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
get-dependabot-alerts.js
get-dependabot-alerts.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

Get Dependabot Alerts from a repository

Overview

This Node script takes in a given org and repo to dump out all Dependabot Alerts in the Security tab page.

How to use

  1. Clone this repo to your local machine
  2. Create a filed called .env
  3. Create a GitHub Personal Access Token with repo permission
  4. Add the token to your .env file as GITHUB_TOKEN=insert-token-here
  5. Run npm install then run get-dependabot-alerts.js with org and repo

Example

npm install
node get-dependabot-alerts.js octodemo activemq > output.csv

License

This project is licensed under the MIT License.

About

Get Dependabot Alerts from a repo

Topics

dependencies software-composition-analysis dependabot software-supp

Resources

Readme

License

MIT license
Activity

Stars

13 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages