Check if pull request is associated with vulnarabilityAlert #118788

sebastiankoltun · 2024-04-12T09:08:38Z

sebastiankoltun
Apr 12, 2024

Select Topic Area

GraphQL query for vulnerability alert pull requests

Question:
Are there other ways around to check if pull request is associated with vulnerability alert?

Body

I need to find out if dependabot created pull request is associated with vulnerability alert.

I found one solution using GraphQL query:

query VulnerabilityAlertsPullRequests($repo_owner: String!, $repo_name: String!) {
    organization(login: $repo_owner){
        repository(name: $repo_name){
            vulnerabilityAlerts(first: 100){
                nodes {
                    dependabotUpdate {
                        pullRequest {
                            number
                        }
                    }
                }
                pageInfo {
                    ...pageInfo
                }
            }
        }
    }
}

But the problem is that this query return paginated results with bunch of nulls and there is no way to filter out such results using query filters.

{
  "data": {
    "organization": {
      "repository": {
        "vulnerabilityAlerts": {
          "nodes": [
            {
              "dependabotUpdate": null
            },
            {
              "dependabotUpdate": null
            },
            {
              "dependabotUpdate": null
            },
            {
              "dependabotUpdate": null
            },
           [...]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Community

Check if pull request is associated with vulnarabilityAlert #118788

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 0 comments

Select a reply

GitHub Community

Check if pull request is associated with vulnarabilityAlert #118788

sebastiankoltun Apr 12, 2024

Select Topic Area

Body

Replies: 0 comments

sebastiankoltun
Apr 12, 2024