Skip to content

This repo demonstrates how to use the GitHub Code Scanning API to export all the alerts in an organization to a CSV file

License

Notifications You must be signed in to change notification settings

jhutchings1/get-code-scanning-alerts-in-org-sample

Repository files navigation

Get code scanning alerts in org

This repo demonstrates how to use the GitHub code scanning API to export all the alerts on an organization to a CSV file. This makes it possible for a security team to quickly audit the known vulnerabilities across their organizations that are using GitHub Advanced Security

Running the script

  1. Clone this repo to your local machine
  2. Create a file called .env
  3. Create a GitHub Token which has the repo > security_events permission. (repo permission is needed for private repo)
  4. Add the token to your .env file as shown GH_AUTH_TOKEN=inserttokenhere
  5. Run npm install to install node dependencies
  6. Run node get-code-scanning-alerts.js orgname > output.csv where orgname is the name of your target org. Note, if SSO is enabled on your org, you will need to SSO enable your token

License

This project is licensed under the MIT License.

About

This repo demonstrates how to use the GitHub Code Scanning API to export all the alerts in an organization to a CSV file

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •