-
Notifications
You must be signed in to change notification settings - Fork 0
GitHub Issues
Jacob Centner edited this page Apr 10, 2026
·
2 revisions
Sentinel can create GitHub issues from approved findings, with deduplication and dry-run support.
-
Scan —
sentinel scan /repoproduces findings -
Review — inspect findings via CLI (
sentinel findings) or Web UI -
Approve —
sentinel approve <id>marks findings for issue creation -
Create —
sentinel create-issuescreates GitHub issues from approved findings
Set these environment variables (or pass via CLI flags):
export SENTINEL_GITHUB_TOKEN=ghp_... # GitHub personal access token
export SENTINEL_GITHUB_OWNER=your-username # Repo owner
export SENTINEL_GITHUB_REPO=your-repo # Repo nameThe token needs repo scope (or public_repo for public repos).
# Approve by finding ID
sentinel approve 7
sentinel approve 12
# Or approve via the web UI with the "Approve" button# Preview first (no API calls)
sentinel create-issues --dry-run
# Create for real
sentinel create-issuesCreated issues include:
- Title from the finding title
- Body with severity, detector, description, evidence, and file location
- Labels:
sentinel, detector name, severity level - Deduplication: won't create an issue if one with the same fingerprint already exists as an open issue
Example created issue:
Title: CVE-2024-3651 in idna 3.4
Labels:
sentinel,dep-audit,highBody:
## Sentinel Finding **Detector:** dep-audit **Severity:** HIGH | **Confidence:** 1.00 **File:** requirements.txt ### Description Vulnerability GHSA-jjg7-2v4v-x38h: Denial of service via resource consumption for internationalized domain names. Fix available: upgrade to idna >= 3.7 ### Evidence pip-audit output: idna 3.4 has known vulnerability CVE-2024-3651 --- *Created by [Local Repo Sentinel](https://github.com/jcentner/sentinel)*
sentinel create-issues \
--owner jcentner \
--github-repo sentinel \
--token ghp_... \
--dry-run \
--json-outputSecurity: Prefer
SENTINEL_GITHUB_TOKENenv var over--tokenflag to avoid shell history leaks.
sentinel create-issues --json-outputReturns structured JSON with created issue URLs and any errors.
Local Repo Sentinel · MIT License
Getting Started
Reference
Detectors
- Detector: Todo Scanner
- Detector: Complexity
- Detector: Dead Code
- Detector: Dep Audit
- Detector: Docs Drift
- Detector: Unused Deps
- Detector: Lint Runner
- Detector: ESLint Runner
- Detector: Go Linter
- Detector: Rust Clippy
- Detector: Git Hotspots
- Detector: Stale Env
- Detector: Semantic Drift
- Detector: Test Coherence
- Detector: CI/CD Drift
- Detector: Architecture Drift
- Detector: Inline Comment Drift
- Detector: Intent Comparison
Advanced
Workflow