Get code scanning alerts in org

This repo demonstrates how to use the GitHub code scanning API to export all the alerts on an organization to a CSV file. This makes it possible for a security team to quickly audit the known vulnerabilities across their organizations that are using GitHub Advanced Security

Running the script

Clone this repo to your local machine
Create a file called .env
Create a GitHub Token which has the repo > security_events permission. (repo permission is needed for private repo)
Add the token to your .env file as shown GH_AUTH_TOKEN= <insert token here>
Run npm install to install node dependencies
Run node get-secret-scanning-alerts.js org > output.csv where org is the name of your target organization. Note, if SSO is enabled on your org, you will need to SSO enable your token.
- Optionally, you can run node get-secret-scanning-alerts.js 'org' http://enterprise.github.yourcompany.com > output.csv where the optional second parameter is your github enterprise base URL. Do not include the trailing '/' in the URL.

License

This project is licensed under the MIT License.

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
.github/workflows		.github/workflows
.vscode		.vscode
lib		lib
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
get-secret-scanning-alerts.js		get-secret-scanning-alerts.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Get code scanning alerts in org

Running the script

License

About

Releases

Packages

Contributors 4

Languages

License

mr-sherman/get-secret-scanning-alerts-in-org

Folders and files

Latest commit

History

Repository files navigation

Get code scanning alerts in org

Running the script

License

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 4

Languages

Packages