@security-alert monorepo
A Command Line ToolKit for GitHub Security Alert.
Tools
- @security-alert/create-issue
- Create an issue form GitHub Security Alert URL
- @security-alert/list-alerts
- Show list of GitHub Security Alerts.
SARIF to GitHub Issue/Comment
These tools aim to integration CodeQL and GitHub. CodeQL output the scanned results as SARIF format.
- @security-alert/sarif-to-issue
- Create an issue form SARIF file
- @security-alert/sarif-to-comment
- Comment to issue from SARIF file
- @security-alert/sarif-to-markdown
- Convert SARIF to Markdown format
- Good work with GitHub's CodeQL results
Changelog
See Releases page.
Development
yarn install
yarn run build
yarn test
Release Workflow
- Create Release PR via dispatching .github/workflows/create-release-pr.yml
- You can select new version with semver(patch,minor,major)
- [CI] Create Release PR
- Update
lerna.json
'sversion
andpackages/*/package.json
'sversion
- Fill the Pull Request body with Automatically generated release notes
- e.g. azu/monorepo-github-releases#18
- Review Release PR
- You can modify PR body
- Merge Release PR
- [CI] Publish new version to npm and GitHub Release
- The release note content is same to PR body
- CI copy to release note from PR body when merge the PR
- e.g. https://github.com/azu/monorepo-github-releases/releases/tag/v1.6.3
Contributing
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Releases
Release all packages via following command:
GH_TOKEN="${GITHUB_TOKEN}" npm run versionup -- --create-release=github && npm run release -- --yes
# or just release and write Release Note manually
# npm run versionup && npm run release -- --yes
Author
License
MIT © azu