{"id":19742523,"url":"https://github.com/nyg/dependabot-vuln-viewer","last_synced_at":"2025-04-30T07:31:57.766Z","repository":{"id":37045146,"uuid":"441855789","full_name":"nyg/dependabot-vuln-viewer","owner":"nyg","description":"Displays Dependabot security alerts for multiple GitHub repositories.","archived":false,"fork":false,"pushed_at":"2024-10-21T22:52:53.000Z","size":2744,"stargazers_count":2,"open_issues_count":2,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-10-22T19:16:57.301Z","etag":null,"topics":["apollo-client","dependabot","github","github-api","graphql","log4shell","security","vulnerabilities"],"latest_commit_sha":null,"homepage":"dependabot-vuln-viewer.vercel.app","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nyg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-26T09:41:19.000Z","updated_at":"2024-10-01T01:12:29.000Z","dependencies_parsed_at":"2023-02-18T15:30:59.136Z","dependency_job_id":"c810dc78-2899-4386-ab63-714a1846f159","html_url":"https://github.com/nyg/dependabot-vuln-viewer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyg%2Fdependabot-vuln-viewer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyg%2Fdependabot-vuln-viewer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyg%2Fdependabot-vuln-viewer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyg%2Fdependabot-vuln-viewer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nyg","download_url":"https://codeload.github.com/nyg/dependabot-vuln-viewer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224201992,"owners_count":17272681,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apollo-client","dependabot","github","github-api","graphql","log4shell","security","vulnerabilities"],"created_at":"2024-11-12T01:32:04.734Z","updated_at":"2024-11-12T01:32:05.169Z","avatar_url":"https://github.com/nyg.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dependabot Vulnerability Viewer\n\nDisplays Dependabot vulnerability alerts of multiple repositories on a single\npage. Only vulnerabilities of repositories that your personal access token has\naccess to will be displayed (restriction of GitHub's GraphQL API).\n\n## Demo\n\nHosted at [dependabot-vuln-viewer.vercel.app][].\n\n\u003e *Disclaimer*: Your personal access token is, in theory, never sent to the\n\u003e server (the GraphQL API request is made by the browser). However, due to the\n\u003e magic behind Next.js and Apollo Client, I cannot guarantee it. Feel free to\n\u003e clone the repo and run it in local. Let me know if you know more than I do on\n\u003e this subject.\n\n![demo screenshot](/public/dvv-screen.png)\n\n### Query String\n\nCan be any valid [advanced search][] query string:\n\n* `user:\u003ca GitHub user\u003e`,\n* `repo:\u003crepo owner\u003e/\u003crepo name\u003e`,\n* [etc.][],\n* any combination of the above.\n\n### Personal Access Token\n\nSee [here][] to create a personal access token for the GitHub API. Only the\n`repo` [scope][] is needed, or `public_repo` if you don't care about private\nrepositories.\n\n## Install \u0026 Run\n\n```sh\ngit clone https://github.com/nyg/dependabot-vuln-viewer.git\ncd dependabot-vuln-viewer\nnpm install\nnpm run dev # localhost:3000\n```\n\n## Improvements\n\n* Store settings in `localStorage`\n* Add OAuth login, GitHub Enterprise\n\n[dependabot-vuln-viewer.vercel.app]: https://dependabot-vuln-viewer.vercel.app/\n[Advanced Search]: https://github.com/search/advanced\n[etc.]: https://docs.github.com/en/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax\n[here]: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token\n[scope]: https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnyg%2Fdependabot-vuln-viewer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnyg%2Fdependabot-vuln-viewer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnyg%2Fdependabot-vuln-viewer/lists"}