Get code scanning alerts in org

This repo demonstrates how to use the GitHub code scanning API to export all the alerts on an organization to a CSV file. This makes it possible for a security team to quickly audit the known vulnerabilities across their organizations that are using GitHub Advanced Security

Running the script

Clone this repo to your local machine
Create a file called .env
Create a GitHub Token which has the repo > security_events permission. (repo permission is needed for private repo)
Add the token to your .env file as shown GH_AUTH_TOKEN=inserttokenhere
Run npm install to install node dependencies
Run node get-code-scanning-alerts.js orgname > output.csv where orgname is the name of your target org. Note, if SSO is enabled on your org, you will need to SSO enable your token

License

This project is licensed under the MIT License.

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
.github/workflows		.github/workflows
.vscode		.vscode
lib		lib
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
get-code-scanning-alerts.js		get-code-scanning-alerts.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.github/workflows

.github/workflows

.vscode

.vscode

lib

lib

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

get-code-scanning-alerts.js

get-code-scanning-alerts.js

package-lock.json

package-lock.json

package.json

package.json

Repository files navigation

Get code scanning alerts in org

Running the script

License

About

Releases

Packages

Contributors 3

Languages

License

jhutchings1/get-code-scanning-alerts-in-org-sample

Folders and files

Latest commit

History

Repository files navigation

Get code scanning alerts in org

Running the script

License

About

Resources

License

Code of conduct

Stars

Watchers

Forks

Languages