A Command Line ToolKit for GitHub Security Alert.
- @security-alert/create-issue
- Create an issue form GitHub Security Alert URL
- @security-alert/list-alerts
- Show list of GitHub Security Alerts.
These tools aim to integration CodeQL and GitHub. CodeQL output the scanned results as SARIF format.
- @security-alert/sarif-to-issue
- Create an issue form SARIF file
- @security-alert/sarif-to-comment
- Comment to issue from SARIF file
- @security-alert/sarif-to-markdown
- Convert SARIF to Markdown format
- Good work with GitHub's CodeQL results
See Releases page.
yarn install
yarn run build
yarn test
- Create Release PR via dispatching .github/workflows/create-release-pr.yml
- You can select new version with semver(patch,minor,major)
- [CI] Create Release PR
- Update
lerna.json'sversionandpackages/*/package.json'sversion - Fill the Pull Request body with Automatically generated release notes
- e.g. azu/monorepo-github-releases#18
- Review Release PR
- You can modify PR body
- Merge Release PR
- [CI] Publish new version to npm and GitHub Release
- The release note content is same to PR body
- CI copy to release note from PR body when merge the PR
- e.g. https://github.com/azu/monorepo-github-releases/releases/tag/v1.6.3
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature - Commit your changes:
git commit -am 'Add some feature' - Push to the branch:
git push origin my-new-feature - Submit a pull request :D
Release all packages via following command:
GH_TOKEN="${GITHUB_TOKEN}" npm run versionup -- --create-release=github && npm run release -- --yes
# or just release and write Release Note manually
# npm run versionup && npm run release -- --yes
MIT © azu