Automating interactions with GitHub Security Advisories #276
-
|
What's the best way to automate interactions with GitHub security advisories? For example, adding comments to the advisories? My use case is trying to enforce 90-day disclosure timelines on my disclosures and keeping disclosure information in sync with a private GitHub issue. I can't seem to find a REST nor GraphQL API for doing any of this against a yet-undisclosed Security Advisory. Is my best bet to do something with Selenium and a Chromedriver? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
Hey Jonathan, Unfortunately, we haven't yet exposed an API for dealing with unpublished Security Advisories. FWIW, you probably don't need a full browser to automate interacting with it 🤔. |
Beta Was this translation helpful? Give feedback.
-
|
I don't really want to have to extract CSRF tokens from the GitHub HTML to do this. But I see kinda what you are saying. |
Beta Was this translation helpful? Give feedback.
-
|
… right, if you have familiarity with Selenium it might be easier to select the inputs and hit submit than to try to parse out the HTML 😅 |
Beta Was this translation helpful? Give feedback.
Hey Jonathan,
Unfortunately, we haven't yet exposed an API for dealing with unpublished Security Advisories.
FWIW, you probably don't need a full browser to automate interacting with it 🤔.