{"id":16123607,"url":"https://github.com/austenstone/security-export","last_synced_at":"2026-02-03T01:36:13.760Z","repository":{"id":219989667,"uuid":"750450670","full_name":"austenstone/security-export","owner":"austenstone","description":"GitHub Action to export GitHub security alerts","archived":false,"fork":false,"pushed_at":"2025-06-23T20:55:15.000Z","size":8045,"stargazers_count":1,"open_issues_count":6,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-28T01:03:12.459Z","etag":null,"topics":["actions","code-scanning","dependabot","ghas","github-advanced-security","secret-scanning","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/austenstone.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["austenstone"]}},"created_at":"2024-01-30T17:07:53.000Z","updated_at":"2025-06-06T20:15:37.000Z","dependencies_parsed_at":"2024-02-11T01:26:21.229Z","dependency_job_id":"bbda35aa-ede1-4979-b961-e8567446fe80","html_url":"https://github.com/austenstone/security-export","commit_stats":null,"previous_names":["austenstone/security-export"],"tags_count":2,"template":false,"template_full_name":"austenstone/action-typescript","purl":"pkg:github/austenstone/security-export","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austenstone%2Fsecurity-export","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austenstone%2Fsecurity-export/tags","releases_url":"https://repos.ecosyst
e.ms/api/v1/hosts/GitHub/repositories/austenstone%2Fsecurity-export/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austenstone%2Fsecurity-export/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/austenstone","download_url":"https://codeload.github.com/austenstone/security-export/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austenstone%2Fsecurity-export/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29026374,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T00:53:18.321Z","status":"ssl_error","status_checked_at":"2026-02-03T00:51:45.186Z","response_time":58,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","code-scanning","dependabot","ghas","github-advanced-security","secret-scanning","security"],"created_at":"2024-10-09T21:17:40.613Z","updated_at":"2026-02-03T01:36:13.728Z","avatar_url":"https://github.com/austenstone.png","language":"TypeScript","funding_links":["https://github.com/sponsors/austenstone"],"categories":[],"sub_categories":[],"readme":"# GitHub Security Export\nThis project exports GitHub code scanning, secret scanning, and dependabot security alerts to multiple formats.\n\n## Usage\nCreate a workflow (eg: `.github/workflows/security-export.yml`). 
See [Creating a Workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file).\n\n### PAT (Personal Access Token)\nYou will need to [create a PAT (Personal Access Token)](https://github.com/settings/tokens/new?scopes=admin:org) that has the appropriate scope.\n\nAdd this PAT as a secret so it can be used as the `github-token` input; see [Creating encrypted secrets for a repository](https://docs.github.com/en/enterprise-cloud@latest/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository).\n\n### Organizations\nIf your organization has SAML enabled, you must authorize the PAT; see [Authorizing a personal access token for use with SAML single sign-on](https://docs.github.com/en/enterprise-cloud@latest/authentication/authenticating-with-saml-single-sign-on/authorizing-a-personal-access-token-for-use-with-saml-single-sign-on).\n\n#### Basic Usage\nYou can pass `enterprise`, `organization`, or `repository` to scope the export.\n\n```yml\nname: Export Security Alerts\non:\n  workflow_dispatch:\n\njobs:\n  run:\n    name: Export\n    runs-on: ubuntu-latest\n    steps:\n      - uses: austenstone/security-export@main\n        id: export\n        with:\n          github-token: ${{ secrets.PAT }}\n          organization: octodemo\n      - run: |\n          echo \"$DEPENDABOT\"\n          echo \"$CODE_SCANNING\"\n          echo \"$SECRET_SCANNING\"\n        env:\n          DEPENDABOT: ${{ steps.export.outputs.dependabot }}\n          CODE_SCANNING: ${{ steps.export.outputs.code-scanning }}\n          SECRET_SCANNING: ${{ steps.export.outputs.secret-scanning }}\n```\n\n#### CSV Format Example\nYou can export to CSV using the [austenstone/json-to-csv](https://github.com/austenstone/json-to-csv) action.\n\n\u003e [!NOTE]  \n\u003e The output of this action might exceed the maximum size of inputs/outputs. 
In that case, use the generated artifact as shown in the example.\n\n```yml\nname: Export Security Alerts\non:\n  workflow_dispatch:\n\njobs:\n  run:\n    name: Export\n    runs-on: ubuntu-latest\n    steps:\n      - uses: austenstone/security-export@main\n        id: export\n        with:\n          github-token: ${{ secrets.PAT }}\n          repository: octodemo/vulnerable-node\n      - uses: austenstone/json-to-csv@main\n        with:\n          json-artifact-name: ${{ steps.export.outputs.artifact-name }}\n          create-artifact: true\n          artifact-name: \"GitHub Security Alerts CSV\"\n```\n\n#### Query Parameters Example\n```yml\n          code-scanning-query-parameters: '{ \"severity\": \"critical\", \"state\": \"open\" }'\n          secret-scanning-query-parameters: '{ \"state\": \"open\" }'\n          dependabot-query-parameters: '{ \"severity\": \"critical\", \"state\": \"open\" }'\n```\n\n#### Artifact\nAn artifact is created by default; you can disable this by setting `create-artifact` to `false`. Set `artifact-name` to change the name of the artifact.\n\n```yml\n          create-artifact: true\n          artifact-name: \"GitHub Security Alerts\"\n```\n\nAccess the artifact name via the output `${{ steps.export.outputs.artifact-name }}`, where `export` is the `id` of the step, as in the examples above.\n\n## ➡️ Inputs\nVarious inputs are defined in [`action.yml`](action.yml):\n\n| Name | Description | Default |\n| --- | --- | --- |\n| github\u0026#x2011;token | Token to use to authorize. 
| ${{\u0026nbsp;github.token\u0026nbsp;}} |\n| enterprise | The GitHub Enterprise | N/A |\n| organization | The GitHub organization | N/A |\n| repository | The GitHub repository | ${{ github.repository }} |\n| code-scanning | Whether to export code scanning alerts | true |\n| code-scanning-query-parameters | Query parameters as JSON. Ex: {\"state\": \"dismissed\"} | N/A |\n| secret-scanning | Whether to export secret scanning alerts | true |\n| secret-scanning-query-parameters | Query parameters as JSON | N/A |\n| dependabot | Whether to export Dependabot alerts | true |\n| dependabot-query-parameters | Query parameters as JSON. Ex: {\"state\": \"dismissed\"} | N/A |\n| create-artifact | Whether to create an artifact | true |\n\n## ⬅️ Outputs\n\n| Name | Description |\n| --- | --- |\n| dependabot | Dependabot alerts as a JSON string |\n| code-scanning | Code scanning alerts as a JSON string |\n| secret-scanning | Secret scanning alerts as a JSON string |\n| artifact-name | The name of the artifact |\n\n\n## Further help\nFor more help with GitHub Actions, see the [documentation](https://docs.github.com/en/actions).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faustenstone%2Fsecurity-export","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faustenstone%2Fsecurity-export","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faustenstone%2Fsecurity-export/lists"}