An open API service indexing awesome lists of open source software.

https://github.com/phrase/vulnerability_alerts_github_action


https://github.com/phrase/vulnerability_alerts_github_action

Last synced: 9 months ago
JSON representation

Awesome Lists containing this project

README

          

# phrase/vulnerability_alerts_github_action

This action checks for Dependabot security alerts and notifies in slack.

## Inputs

### `slack-token`

**Required** Your slack access token for the bot.

### `slack-channel`

**Required** Channel where to post the notification.

### `github-token`

**Required** GitHub token to execute the GraphQL query for repository.

### `github-repository`

**Required** Name of repository to check.

## Example usage

```yaml
name: Dependabot vulnerabilities
on:
schedule:
- cron: '0 8 * * 1-5'
jobs:
testnotify:
name: Notify
runs-on: ubuntu-latest
steps:
- name: Notify
id: vulnerability_alerts_github_action
uses: phrase/vulnerability_alerts_github_action@85ca43c872b642ab4e692cb573cc6f496753e4cf
with:
slack-token: ${{ secrets.SLACK_VULNERABILITIES_NOTIFICATIONS_TOKEN }}
slack-channel: ${{ secrets.SLACK_TEAM_INTEGRATIONS_CHANNEL }}
github-token: ${{ secrets.GH_VULNERABILITIES_ACTION_TOKEN }}
github-repository: ${{ github.repository }}
```