New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ingest GitHub data #228
Comments
It seems like this could enable more than just understanding user access to code. For example, suppose GitHub detects a vulnerable dependency in a manifest file for some app. GitHub can tell you when that vulnerability has been patched in your source control, but won't tell you whether that fix has been deployed everywhere. Maybe that's scope creep for this issue? Anyway, I've always thought it'd be cool to connect vulnerable dependency data with a tool that understands where that code is deployed. |
* Added parsing for extension permissions to crxcavator ingest * Updated documentation for crxcavator ingest * removed debugging statement * Updated docs to address comments Fixed missing fields * Fixed cypher error * Changed index and import to reference ChromeExtensionPermissions id * Remove potentially bad import data * removed unnecessary json.dumps call * Added back dumps to get information on unknown field for logging, not ingesting though * Added tagging for all logging calls * clarified code comment * lint fix * crxcavator crash fix before merge from master * Initial github commit * Initial github commit * Moved Github setup to config object Added documentation for configuration of Github ingest to README.md * address comment on using templating * Changed repo owner relationship to entity-owner->repo Added default for unconfigured Github handling
@nealharris This is exactly the way that we use this data internally :). In the past we wrote these functions without thinking about OSS but now we're writing as much as we can in open-source-land first. Definitely welcome help here too if there's a particular app you have in mind! |
Title: Ingest GitHub repo data
Description:
Ingest GitHub repo info to enable exploration of user access to code. This is currently a Lyft internal module.
The text was updated successfully, but these errors were encountered: