vulnerability-priority-list

A command line report on a GitHub organisation's repositories, ordered by priority, and including time-to-SLA for each severity level

Features

Calculates the SLA due dates based on working days: weekdays excluding public holidays.
😴 indicates the vulnerability has been dismissed in GitHub's UI.
Links to GitHub's dependabot page are included for each repository. Links are dotted-underlined, and typically holding down CTRL or CMD while clicking will open the target page.

Copy sample.env to .env, and populate variables as needed (more details in sample.env)

Run directly

pip install -r requirements.txt
python3 scan.py

or with Docker

 docker-compose run --rm scanner

At the time of writing, it takes around 15 seconds to run, making 8 requests to GitHub's API.

Name		Name	Last commit message	Last commit date
Latest commit History 51 Commits
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
docker-compose.yml		docker-compose.yml
requirements.in		requirements.in
requirements.txt		requirements.txt
sample.env		sample.env
scan.py		scan.py
screenshot.png		screenshot.png