{"id":48890740,"url":"https://github.com/ericboehs/github-team-auditor","last_synced_at":"2026-04-16T07:36:58.197Z","repository":{"id":300317873,"uuid":"1005868392","full_name":"ericboehs/github-team-auditor","owner":"ericboehs","description":null,"archived":false,"fork":false,"pushed_at":"2025-11-21T08:22:47.000Z","size":1943,"stargazers_count":0,"open_issues_count":13,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-12T03:55:40.414Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ericboehs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-21T01:27:48.000Z","updated_at":"2025-07-02T00:40:22.000Z","dependencies_parsed_at":"2025-06-28T06:19:13.455Z","dependency_job_id":null,"html_url":"https://github.com/ericboehs/github-team-auditor","commit_stats":null,"previous_names":["ericboehs/github-team-auditor"],"tags_count":0,"template":false,"template_full_name":"ericboehs/rails-starter","purl":"pkg:github/ericboehs/github-team-auditor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericboehs%2Fgithub-team-auditor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericboehs%2Fgithub-team-auditor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericboehs%2Fgithub-team-auditor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericboehs%2Fgithub-team-auditor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ericboehs","download_url":"https://codeload.github.com/ericboehs/github-team-auditor/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericboehs%2Fgithub-team-auditor/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31876810,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T07:36:03.521Z","status":"ssl_error","status_checked_at":"2026-04-16T07:35:53.576Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-16T07:36:57.477Z","updated_at":"2026-04-16T07:36:58.188Z","avatar_url":"https://github.com/ericboehs.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Team Auditor\n\nA comprehensive web application for auditing GitHub team memberships and access compliance. Built for organizations that need to regularly review and validate team member access, track member activity, and maintain security compliance.\n\n## Overview\n\nGitHub Team Auditor streamlines the process of conducting security audits on GitHub teams by:\n\n- **Automated Team Synchronization** - Pulls team member data directly from GitHub API\n- **Interactive Audit Sessions** - Provides guided workflows for reviewing member access\n- **Member Activity Tracking** - Correlates GitHub issues with team members to show activity\n- **Progress Tracking** - Visual progress indicators and completion statistics\n- **Real-time Collaboration** - Multiple auditors can work on the same audit simultaneously\n- **Audit Trail** - Complete history of access decisions and notes\n\n## Key Features\n\n### 🔍 **Comprehensive Team Auditing**\n- Create audit sessions for any GitHub team\n- Review member access with validated/pending/removed status tracking\n- Add detailed notes and comments for each member\n- Track audit progress with real-time statistics\n\n### 🔄 **Real-time Team Synchronization** \n- Background synchronization of team data from GitHub\n- Live UI updates showing sync progress\n- Automatic detection of new team members and changes\n\n### 🎯 **Issue Correlation \u0026 Activity Tracking**\n- Automatically correlates GitHub issues with team members\n- Configurable search terms for finding relevant member activity\n- Visual indicators showing member engagement and activity levels\n- Timeline view of when members were first/last seen in issues\n\n### ⚡ **Modern User Experience**\n- Responsive design that works on desktop and mobile\n- Dark mode support for comfortable viewing\n- Keyboard shortcuts for power users (Ctrl+hjkl navigation, Ctrl+/ for help)\n- Real-time updates without page refreshes using Turbo Streams\n\n### 🛡️ **Security \u0026 Compliance**\n- Secure session-based authentication\n- Audit trail of all access decisions\n- Export capabilities for compliance reporting\n- Role-based access controls\n\n## Use Cases\n\n### Security Audits\n- **Quarterly Access Reviews** - Systematically review all team members' continued need for access\n- **Onboarding/Offboarding** - Ensure new hires have appropriate access and departing employees are removed\n- **Compliance Reporting** - Generate reports showing audit completion and decisions\n\n### Team Management\n- **Activity Monitoring** - Identify inactive team members who may no longer need access\n- **Access Validation** - Verify that team membership aligns with current roles and responsibilities\n- **Team Health** - Get insights into team engagement through issue correlation\n\n### Organizational Oversight\n- **Multi-team Audits** - Conduct audits across multiple teams and organizations\n- **Progress Tracking** - Monitor audit completion rates across different teams\n- **Historical Analysis** - Track access decisions and changes over time\n\n## Tech Stack\n\n- **Rails 8.0.2** with modern asset pipeline (Propsharp)\n- **SQLite3** for all environments including production\n- **Hotwire** (Turbo + Stimulus) for real-time interactivity\n- **Tailwind CSS** for responsive, modern UI design\n- **ViewComponent** for maintainable, reusable UI components\n- **Solid Libraries** for database-backed cache, queue, and cable\n\n## Getting Started\n\n### Prerequisites\n\n- Ruby 3.2+\n- Rails 8.0.2+\n- SQLite3\n- GitHub Personal Access Token (classic) with `repo` and `read:org` scopes\n\n### Installation\n\n1. Clone the repository:\n  ```bash\n  git clone \u003crepository-url\u003e\n  cd github-team-auditor\n  ```\n\n2. Install dependencies and set up the database:\n  ```bash\n  bin/setup\n  ```\n\n3. Configure your GitHub API token:\n  ```bash\n  # Using direnv (recommended)\n  echo \"export GHTA_GITHUB_TOKEN=your_github_personal_access_token\" \u003e\u003e .envrc\n  direnv allow\n  ```\n   \n  Or set environment variable directly:\n  ```bash\n  export GHTA_GITHUB_TOKEN=your_github_personal_access_token\n  ```\n   \n  Or add to your `.env` file:\n  ```\n  GHTA_GITHUB_TOKEN=your_github_personal_access_token\n  ```\n\n4. Start the development server:\n  ```bash\n  bin/dev\n  ```\n\n5. Visit `http://localhost:3000` and create your first user account\n\n### First Audit Session\n\n1. **Add a Team** - Navigate to Teams and add your GitHub organization/team\n2. **Sync Team Data** - Click \"Sync GitHub Team\" to pull current member data\n3. **Create Audit Session** - Start a new audit session for the team\n4. **Review Members** - Go through each member and mark them as validated, pending, or removed\n5. **Track Progress** - Monitor completion percentage and add notes as needed\n\n## Usage\n\n### Creating an Audit Session\n\n1. Go to **Audits** → **New Audit Session**\n2. Select the team you want to audit\n3. Give your audit session a descriptive name (e.g., \"Q1 2024 Security Review\")\n4. Set a due date if needed\n5. Click **Create Audit Session**\n\n### Conducting the Audit\n\n1. **Review each member** by clicking through the status badges:\n  - **Pending** (yellow) → **Validated** (green) → **Removed** (red)\n2. **Add notes** for any members requiring explanation\n3. **Use keyboard shortcuts** for faster navigation:\n  - `Ctrl + h/l` - Navigate left/right between columns\n  - `Ctrl + j/k` - Navigate up/down between rows  \n  - `Ctrl + /` - Show keyboard shortcuts help\n4. **Track progress** using the stats widgets at the top\n\n### Team Management\n\n- **Sync Teams** regularly to get the latest member data from GitHub\n- **Find GitHub Issues** to correlate member activity with team membership\n- **Monitor job progress** through real-time UI updates\n\n## Development\n\n### Code Quality\n\nRun the full CI pipeline (formatting, linting, security scan, tests):\n\n```bash\nbin/ci\n```\n\nAuto-fix formatting issues:\n\n```bash\nbin/ci --fix\n```\n\nWatch CI status in real-time:\n\n```bash\nbin/watch-ci\n```\n\n### Testing\n\nRun tests:\n\n```bash\nbin/rails test\n```\n\nGenerate coverage report:\n\n```bash\nbin/coverage\n```\n\n### Code Standards\n\n- **EditorConfig**: UTF-8, LF line endings, 2-space indentation\n- **RuboCop**: Rails Omakase configuration  \n- **SimpleCov**: 95% minimum coverage requirement\n- **Conventional Commits**: Structured commit messages\n\n## Documentation\n\n### For Developers\n\n- **[App Components](app/components/README.md)** - ViewComponent architecture and reusable UI components\n- **[Background Jobs](app/jobs/README.md)** - Job architecture, real-time updates, and error handling  \n- **[Services](app/services/README.md)** - Business logic services and GitHub API integration\n- **[Development Guide](docs/development.md)** - Complete development setup and workflow\n- **[GitHub API Integration](docs/api_integration.md)** - API client documentation and usage\n- **[Real-time Features](docs/real_time_features.md)** - Turbo Streams, ActionCable, and live UI updates\n- **[Authentication System](docs/authentication.md)** - Session-based auth, security features, and component usage\n- **[Testing Guide](docs/testing.md)** - Test strategy, coverage requirements, and best practices  \n- **[Job Architecture](docs/job_architecture.md)** - Detailed background job implementation and patterns\n\n### For Users \u0026 Product Management\n\n- **[User Guide](docs/user_guide.md)** - Complete end-user documentation and workflows\n- **[Product Requirements](docs/PRD.md)** - Feature specifications and product goals\n\n### For Contributors\n\n- **[Developer Tools](bin/README.md)** - CI scripts and development utilities\n- **[Rake Tasks](lib/tasks/README.md)** - Custom management tasks and commands\n\n## Contributing\n\n1. Follow the existing code style and conventions\n2. Ensure tests pass: `bin/ci`\n3. Maintain test coverage above 95%\n4. Use conventional commit messages\n\n## License\n\nThis project is licensed under the [MIT License](https://opensource.org/licenses/MIT).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericboehs%2Fgithub-team-auditor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fericboehs%2Fgithub-team-auditor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericboehs%2Fgithub-team-auditor/lists"}