A Command Line ToolKit for GitHub Security Alert.
- @security-alert/create-issue
- Create an issue form GitHub Security Alert URL
- @security-alert/list-alerts
- Show list of GitHub Security Alerts.
These tools aim to integration CodeQL and GitHub. CodeQL output the scanned results as SARIF format.
- @security-alert/sarif-to-issue
- Create an issue form SARIF file
- @security-alert/sarif-to-comment
- Comment to issue from SARIF file
- @security-alert/sarif-to-markdown
- Convert SARIF to Markdown format
- Good work with GitHub's CodeQL results
See Releases page.
yarn install
yarn run build
yarn test
git checkout -b release-branch
git push -u
GH_TOKEN=xxx npm run versionup
npm run release # use npm instead of yarn
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature - Commit your changes:
git commit -am 'Add some feature' - Push to the branch:
git push origin my-new-feature - Submit a pull request :D
Release all packages via following command:
GH_TOKEN="${GITHUB_TOKEN}" npm run versionup -- --create-release=github && npm run release -- --yes
# or just release and write Release Note manually
# npm run versionup && npm run release -- --yes
MIT © azu