https://github.com/phrase/vulnerability_alerts_github_action
https://github.com/phrase/vulnerability_alerts_github_action
Last synced: 9 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/phrase/vulnerability_alerts_github_action
- Owner: phrase
- Created: 2021-09-07T10:44:18.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2025-07-03T13:13:44.000Z (about 1 year ago)
- Last Synced: 2025-07-03T14:27:29.306Z (about 1 year ago)
- Language: Elixir
- Size: 30.3 KB
- Stars: 0
- Watchers: 11
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# phrase/vulnerability_alerts_github_action
This action checks for Dependabot security alerts and notifies in slack.
## Inputs
### `slack-token`
**Required** Your slack access token for the bot.
### `slack-channel`
**Required** Channel where to post the notification.
### `github-token`
**Required** GitHub token to execute the GraphQL query for repository.
### `github-repository`
**Required** Name of repository to check.
## Example usage
```yaml
name: Dependabot vulnerabilities
on:
schedule:
- cron: '0 8 * * 1-5'
jobs:
testnotify:
name: Notify
runs-on: ubuntu-latest
steps:
- name: Notify
id: vulnerability_alerts_github_action
uses: phrase/vulnerability_alerts_github_action@85ca43c872b642ab4e692cb573cc6f496753e4cf
with:
slack-token: ${{ secrets.SLACK_VULNERABILITIES_NOTIFICATIONS_TOKEN }}
slack-channel: ${{ secrets.SLACK_TEAM_INTEGRATIONS_CHANNEL }}
github-token: ${{ secrets.GH_VULNERABILITIES_ACTION_TOKEN }}
github-repository: ${{ github.repository }}
```