Skip to content
This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.
JavaScript Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
lib Execute API calls in series to prevent hitting rate limit Jul 15, 2019
shell_script Added basic rate limiting to prevent github server blocking requests … Jul 16, 2019
.env.example Rewrite using @octokit/rest Jun 9, 2019
.gitignore
CODE-OF-CONDUCT.md Add repository health files. Apr 29, 2019
CONTRIBUTING.md Make license link in CONTRIBUTING.md match extensionless LICENSE Jul 6, 2019
LICENSE
README.md
enable-automated-security-fixes-for-org.js Execute API calls in series to prevent hitting rate limit Jul 15, 2019
enable-security-alerts-for-org-check.js Add a security vulnerability alert check script Jul 15, 2019
enable-security-alerts-for-org.js
package-lock.json
package.json

README.md

Enable security alerts and automated security fixes sample

This repository contains sample scripts for Node and Bash which can be used to enable security alerts and automated security fixes in all of the repositories in a given organization.

This project is being provided as a sample only which illustrates how to enable vulnerability alerts and enable automated security fixes in all repositories in a given organization.

Node script

Note: This node script is also available integrated into the GitHub Administration Tool (ghad).

Prerequisites

  • Install Node
  • Clone this repository
  • At the commandline, run npm install
  • Generate a new personal access token with repo and read:org permissions
  • Copy .env.example to .env and include your new personal access token in the GH_AUTH_TOKEN value.

Calling this script to enable security alerts

  • At the commandline, run node enable-security-alerts-for-org.js myorgname where myorgname is your organization. This will enable security alerts on all repositories in your organization.

Calling this script to check for enabled security alerts

  • At the commandline, run node enable-security-alerts-for-org-check.js myorgname where myorgname is your organization. This will enable security alerts on all repositories in your organization.

Calling this script to enable automated security fixes

You'll need to enable security alerts before you can enable automated security fixes

  • At the commandline, run node enable-automated-security-fixes-for-org.js myorgname where myorgname is your organization. This will enable security alerts on all repositories in your organization.

Shell script

Prerequisites

Calling this script to enable security alerts

  • At the commandline, run ./shell_script/enable_vulnerability_alerts_for_entire_org.sh myorgname accessToken where myorgname is your organization, and accessToken is the personal access token you generated earlier.

Calling this script to enable automated security fixes

You'll need to enable security alerts before you can enable automated security fixes

  • At the commandline, run ./shell_script/enable_automated_security_fixes_for_entire_org.sh myorgname accessToken where myorgname is your organization, and accessToken is the personal access token you generated earlier.

Contributing

If you'd like to contribute to this sample with fixes, or support for other platforms, please follow the contribution guidelines.

License

This project is available under the MIT license.

You can’t perform that action at this time.