Github API to manage access to Security Alerts?

About

Asked 24/3, 2021 at 13:40 Answered 24/3, 2021 at 14:19

After enabling the Dependabot Security Alerts you need to explicitly grant access to alerts in the Security & Analysis settings (https://github.com/[org]/[repository]/settings/security_analysis). By default collaborators don't see the Security "tab" unless they have admin rights to the repository (which we don't use).

Is there a way to do this with the GitHub API or another automated/scriptable way? This doesn't seem to be in the API, and it's not very practical to do manually with 100's of repositories.

Huysmans answered 24/3, 2021 at 13:40 Comment(2)

I see it's possible to get the alerts but can't seem to find a PUT/POST endpoint to activate it. This might not be possible. – Westminster 24/3, 2021 at 14:16

Not through API but there is a way to do it for a single organization (looks like this is what you want to do and not a repo under a user) via one click. See answer below – Westminster 24/3, 2021 at 14:20

While this might not be possible via API, for organizations, it appears that you can enable this for all repositories in the organization. There are also settings for private repositories. Go to: https://github.com/organizations/[org]/settings/security_analysis

You should see "Enable all" buttons.

Westminster answered 24/3, 2021 at 14:19 Comment(2)

We have enabled this for all repositories. The issue I have is that there's no way to configure who gets access to the Security Alerts by default, and the configuration needs to be done on each repository, and there's no API currently to support this. – Huysmans 25/3, 2021 at 11:1

.. and if you organized your teams in a nested / tree structure, GitHub does not find all the teams – Windpollinated 2/7, 2021 at 19:15

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags