{"id":14263177,"url":"https://github.com/GitHubSecurityLab/gh-mrva","last_synced_at":"2025-08-13T09:32:35.152Z","repository":{"id":154005655,"uuid":"620276606","full_name":"GitHubSecurityLab/gh-mrva","owner":"GitHubSecurityLab","description":"Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)","archived":false,"fork":false,"pushed_at":"2024-04-17T19:55:02.000Z","size":11833,"stargazers_count":49,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-11-13T13:43:39.912Z","etag":null,"topics":["gh-extension"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GitHubSecurityLab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-03-28T11:22:35.000Z","updated_at":"2024-08-24T21:19:59.000Z","dependencies_parsed_at":null,"dependency_job_id":"dab5e0ab-c338-479a-b468-80bdcf1d5507","html_url":"https://github.com/GitHubSecurityLab/gh-mrva","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fgh-mrva","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fgh-mrva/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fgh-mrva/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GitHubSecurityLab%2Fgh-mrva/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GitHubSecurityLab","download_url":"https://codeload.github.com/GitHubSecurityLab/gh-mrva/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":229754500,"owners_count":18119126,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gh-extension"],"created_at":"2024-08-22T13:03:03.387Z","updated_at":"2024-12-14T20:30:39.034Z","avatar_url":"https://github.com/GitHubSecurityLab.png","language":"Go","readme":"# gh-mrva\n\n\u003e This is an unofficial tool and is not officially supported by GitHub.\n\n## Configuration\n\nA configuration file will be created in `~/.config/gh-mrva/config.yml`. The following options are supported:\n- `codeql_path`: Path to CodeQL distribution (checkout of [codeql repo](https://github.com/github/codeql))\n- `controller`: NWO of the MRVA controller to use\n- `list_file`: Path to the JSON file containing the target repos\n\n## Usage\n\n### Submit a new query\n\n```bash\ngh mrva submit [--codeql-path\u003cpath to CodeQL repo\u003e] [--controller \u003ccontroller\u003e] --language \u003clanguage\u003e --session \u003csession name\u003e [--list-file \u003clist file\u003e] --list \u003clist\u003e [--query \u003cquery\u003e | --query-suite \u003cquery suite\u003e ]\n```\n\nNote: `codeql-dist`, `controller` and `list-file` are only optionals if defined in the configuration file\n\n### Download the results\n\n```bash\ngh mrva download --session \u003csession name\u003e --output-dir \u003coutput directory\u003e [--download-dbs] [--nwo \u003cowner/repo\u003e]\n```\n\n### List sessions\n\n```bash\ngh mrva list [--json]\n```\n\n### Check scan status\n\n```bash\ngh mrva status --session \u003csession name\u003e [--json]\n```\n\n## Contributing\n\n`gh-mrva` is a work in progress. If you have ideas for new fixes or improvements, please open an issue or pull request.\n\nIf possible, tests should be added for any new fixes. We favour testing with real file systems or processes where possible.\n\n## Releasing\n\nReleasing is currently done via tags. To release a new version, create a new tag and push it to the remote. The release workflow will automatically build and publish the new version.\n\ne.g.\n\n```sh\n# Determine the latest tag\ngit tag -l | sort -V | tail -n 1\n\n# Create a new tag\ngit tag -a v0.0.2 -m \"Release v0.0.2\"\n\n# Push the tag to the remote\ngit push origin --tags\n```\n","funding_links":[],"categories":["gh-extension","🧩 Categories","CodeQL CLI Tooling"],"sub_categories":["Repository Management"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGitHubSecurityLab%2Fgh-mrva","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FGitHubSecurityLab%2Fgh-mrva","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGitHubSecurityLab%2Fgh-mrva/lists"}