Skip to content
/ dependabot-reporter Public

Python scripts for querying GitHub Dependabot alert advisories and generating report outputs

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dbca-wa/dependabot-reporter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
.github
.github
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
generate_report.py
generate_report.py
 
 
pyproject.toml
pyproject.toml
 
 
uv.lock
uv.lock
 
 

Repository files navigation

GitHub Dependabot reporter

This project contains scripts for querying GitHub Dependabot alert advisories, generating a CSV report and uploading this to blob storage.

Installation

Dependencies for this project are managed using uv. With uv installed, change into the project directory and run:

uv sync

Activate the virtualenv like so:

source .venv/bin/activate

To run Python commands in the activated virtualenv, thereafter run them like so:

python manage.py

Manage new or updated project dependencies with uv also, like so:

uv add newpackage==1.0

Environment variables

This project uses python-dotenv to set environment variables (in a .env file). The following variables are required for the project to run:

GITHUB_TOKEN
GITHUB_ORGANISATION
SEVERITY_MIN_DESC
AZURE_STORAGE_CONNECTION_STRING

About

Python scripts for querying GitHub Dependabot alert advisories and generating report outputs

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •  

Languages