{"id":35369098,"url":"https://github.com/psilore/squad","last_synced_at":"2026-01-13T19:51:19.212Z","repository":{"id":328670824,"uuid":"1116322144","full_name":"psilore/squad","owner":"psilore","description":"Generate comprehensive reports about GitHub organizations and teams, including repositories, Dependabot alerts, pull requests, and team members.","archived":false,"fork":false,"pushed_at":"2025-12-23T06:03:23.000Z","size":40,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-12-24T20:32:35.904Z","etag":null,"topics":["devops","devops-tools","markdown","report","squad","team"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/psilore.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-12-14T16:27:39.000Z","updated_at":"2025-12-23T06:03:25.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/psilore/squad","commit_stats":null,"previous_names":["psilore/squad"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/psilore/squad","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psilore%2Fsquad","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psilore%2Fsquad/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psilore%2Fsquad/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psilore%2Fsquad/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/psilore","download_url":"https://codeload.github.com/psilore/squad/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psilore%2Fsquad/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28397976,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-13T14:36:09.778Z","status":"ssl_error","status_checked_at":"2026-01-13T14:35:19.697Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["devops","devops-tools","markdown","report","squad","team"],"created_at":"2026-01-02T02:14:18.679Z","updated_at":"2026-01-13T19:51:19.204Z","avatar_url":"https://github.com/psilore.png","language":"Shell","readme":"# squad\n\n[![Conventional Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg)](https://conventionalcommits.org)\n[![semantic-release](https://img.shields.io/badge/semantic-release-e10079?logo=semantic-release)](https://github.com/semantic-release/semantic-release)\n[![Main](https://github.com/psilore/squad/actions/workflows/main.yml/badge.svg?branch=main)](https://github.com/psilore/squad/actions/workflows/main.yml)\n\nA GitHub Action that generates comprehensive reports about GitHub organizations and teams, including repositories, Dependabot alerts, pull requests, and team members.\n\n## Features\n\n- 📊 **Repository Overview** - List all repositories with visibility status and public repo warnings\n- 🔒 **Security Scanning** - Analyze Dependabot alerts with CVE links and severity tracking\n- 🔀 **Pull Request Tracking** - Monitor open pull requests with draft status and author info\n- 👥 **Team Management** - Track team members and organization users\n- 📈 **Detailed Reports** - Generate markdown reports with comprehensive statistics\n- 🎯 **Flexible Targeting** - Report on entire organizations, specific teams, or individual users\n- 📦 **JSON Exports** - Comprehensive team_data.json with all collected metrics\n\n## Usage\n\n### Basic Example\n\n```yaml\nname: Monthly Security Report\n\non:\n  schedule:\n    - cron: '0 0 1 * *'  # First day of every month\n  workflow_dispatch:\n\njobs:\n  generate-report:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      \n      - name: Generate Report\n        uses: psilore/squad@v1\n        with:\n          owner: 'your-organization'\n          github-token: ${{ secrets.GITHUB_TOKEN }}\n```\n\n### Advanced Example with Team\n\n```yaml\n- name: Generate Team Report\n  id: squad-report\n  uses: psilore/squad@v1\n  with:\n    owner: 'your-organization'\n    team-slug: 'engineering-team'\n    github-token: ${{ secrets.PAT_TOKEN }}\n    since-date: '2024-01-01'\n    until-date: '2024-12-31'\n    report-path: './reports'\n    alerts: 'true'\n    users: 'true'\n    pull-requests: 'true'\n\n- name: Upload Report\n  uses: actions/upload-artifact@v4\n  with:\n    name: squad-report\n    path: ./reports/\n```\n\n## Inputs\n\n| Input | Description | Required | Default |\n|-------|-------------|----------|---------|\n| `owner` | GitHub organization or owner name | ✅ Yes | - |\n| `team-slug` | Team slug within the organization | ❌ No | `''` (entire org) |\n| `github-token` | GitHub token with appropriate permissions | ✅ Yes | - |\n| `since-date` | Start date for report range (YYYY-MM-DD) | ❌ No | First day of previous month |\n| `until-date` | End date for report range (YYYY-MM-DD) | ❌ No | Today |\n| `report-path` | Path where report will be saved | ❌ No | `./report` |\n| `alerts` | Include Dependabot alerts scanning | ❌ No | `true` |\n| `users` | Include user/member data collection | ❌ No | `true` |\n| `pull-requests` | Include open pull requests tracking | ❌ No | `true` |\n\n## Outputs\n\n| Output | Description |\n|--------|-------------|\n| `report-path` | Path to the generated report directory |\n| `total-alerts` | Total number of Dependabot alerts found |\n| `critical-alerts` | Number of critical severity alerts |\n| `total-repos` | Total number of repositories analyzed |\n| `total-users` | Total number of users/members |\n\n## Permissions\n\nThe GitHub token needs the following permissions:\n\n```yaml\npermissions:\n  contents: read\n  issues: read\n  pull-requests: read\n  repository-projects: read\n```\n\nFor organization-level reporting, you may need a Personal Access Token (PAT) with:\n\n- `repo` - Full control of private repositories\n- `read:org` - Read org and team membership\n- `read:user` - Read user profile data\n\n## Report Contents\n\nThe generated report includes:\n\n### Markdown Report (report_summary.md)\n\n1. **Users Table** - Team members with avatars and GitHub profiles\n2. **Repositories Table** - All repos with visibility status and public repo warnings\n3. **Open Pull Requests Table** - Active PRs with status, author, and dates\n4. **Vulnerabilities Table** - Dependabot alerts with CVE links and severity levels\n\n### JSON Exports\n\n- **team_data.json** - Comprehensive data with all metrics and summaries\n- **repos.json** - Repository details with visibility information\n- **users.json** - User/member data with avatars and profiles\n- **prs.json** - Open pull request details\n- **alerts.json** - Dependabot vulnerability data\n- **public_repos.json** - List of public repositories (if any detected)\n\n## Example Workflow with Notifications\n\n```yaml\n- name: Generate Report\n  id: squad\n  uses: psilore/squad@v1\n  with:\n    owner: 'your-org'\n    github-token: ${{ secrets.GITHUB_TOKEN }}\n\n- name: Check Critical Alerts\n  if: steps.squad.outputs.critical-alerts \u003e 0\n  run: |\n    echo \"::warning::Found ${{ steps.squad.outputs.critical-alerts }} critical alerts!\"\n    \n- name: Create Issue on Critical Alerts\n  if: steps.squad.outputs.critical-alerts \u003e 0\n  uses: actions/github-script@v7\n  with:\n    script: |\n      github.rest.issues.create({\n        owner: context.repo.owner,\n        repo: context.repo.repo,\n        title: '🚨 Critical Security Alerts Detected',\n        body: `Found ${{ steps.squad.outputs.critical-alerts }} critical alerts.\\n\\nSee the full report in the workflow artifacts.`,\n        labels: ['security', 'critical']\n      });\n```\n\n## Local Development\n\n### Using Make (Recommended)\n\nThe project includes a Makefile for easy development:\n\n```bash\n# View all available commands\nmake help\n\n# Run all linters (Docker, YAML, Shell)\nmake lint\n\n# Build the Docker image\nmake build\n\n# Build and run\nmake run OWNER=your-org GITHUB_TOKEN=ghp_...\n\n# Quick run without rebuilding\nmake quick-run OWNER=your-org GITHUB_TOKEN=ghp_...\n\n# Run tests\nmake test\n\n# Clean up\nmake clean\n```\n\n### Manual Commands\n\n#### Running the Script Directly\n\n```bash\n# Set required environment variables\nexport OWNER=\"your-organization\"\nexport TEAM_SLUG=\"your-team\"  # Optional\nexport GITHUB_TOKEN=\"ghp_yourtoken\"\n\n# Run the script\n./scripts/squad.sh -o \"$OWNER\" -t \"$TEAM_SLUG\"\n```\n\n#### Building the Docker Image\n\n```bash\ndocker build -t squad:latest .\n```\n\n#### Testing the Action Locally\n\n```bash\n# Method 1: Using the built image\ndocker run --rm \\\n  -e GITHUB_TOKEN=\"$GITHUB_TOKEN\" \\\n  -e INPUT_OWNER=\"your-org\" \\\n  squad:test\n\n# Method 2: Generate report in a specific directory\nmkdir -p output \u0026\u0026 chmod 777 output\ndocker run --rm \\\n  -e GITHUB_TOKEN=\"$GITHUB_TOKEN\" \\\n  -e INPUT_OWNER=\"your-org\" \\\n  -v $(pwd)/output:/workspace/report \\\n  squad:test\n```\n\n### Quality Assurance\n\n```bash\n# Lint Dockerfile\nmake lint-docker\n\n# Lint YAML files\nmake lint-yaml\n\n# Lint shell scripts\nmake lint-shell\n\n# Verify all dependencies\nmake verify-deps\n```\n\n## Contributing\n\nContributions are welcome! Please feel free to submit a Pull Request.\n\n## License\n\nMIT License - see LICENSE file for details\n\n## Support\n\nIf you encounter any issues or have questions, please file an issue in the GitHub repository.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsilore%2Fsquad","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpsilore%2Fsquad","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsilore%2Fsquad/lists"}