0

I am working on a python script that gets a specific repository by name, ultimately I want to see if there are any security alerts associated with it.

Thus far I can get the repo using the python git library, however I can seem to find a way to get information about the alerts [I have created a repo that intentionally has a vulnerable dependency in it, and in the UI it has been flagged.]

This is what my script looks like at the moment: 

from github import Github

# create a github instance with my test token
github_instance = Github("my_token_is_here")

# get a specific repository
repo = github_instance.get_repo("name/test_sec_alerts")

does get_repo have the ability to bubble up information about security alerts?

Lombax
  • 851
  • 4
  • 9
  • 25

1 Answers1

2

This data is currently only available in the Repository Vulnerability Alerts Schema Preview, part of the broader Schema Preview feature which is not well supported in PyGithub as of today.

Dynamic (non-hardcoded) consumption of Schema Previews is a feature that's been requested before but seems to have ultimately failed to gain enough traction to warrant a full pull request. You may want to consider filing for a feature request in the PyGithub issue tracker.

esqew
  • 42,425
  • 27
  • 92
  • 132