feat: Fetch alerts with open status only

kunalnagarco / action-cve

A GitHub action that sends Dependabot Vulnerability Alerts to Slack, PagerDuty, Zenduty, Microsoft Teams.

https://github.com/marketplace/actions/check-cve

MIT License

20 stars 20 forks source link

feat: Fetch alerts with open status only #167

Closed dan-serendipity closed 4 months ago

dan-serendipity commented 4 months ago

The existing call returns the first count alerts. Some of these alerts may be fixed or dismissed, while there may be older open alerts which were not returned. Moving the filter operation to the backend resolves this problem.

N.B. Alert state is one of auto_dismissed, dismissed, fixed, and open. Of these, we are only interested in open

dan-serendipity commented 4 months ago

@kunalnagar - Done Attached are:

the script I have used to test the fetchAlerts function, first on main, and then on my branch;
the terminal output for each execution of the script, first on main. Notice the older alerts that were missed out on the first execution

dan-serendipity commented 4 months ago

LGTM 🚀

Please squash and merge. Thanks!

I don't have write access. I've reduced the commit history to a single commit, but I think you will need to merge.

github-actions[bot] commented 4 months ago

:tada: This PR is included in version 1.11.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket:

kunalnagar commented 4 months ago

I don't have write access. I've reduced the commit history to a single commit, but I think you will need to merge.

Thanks @dan-serendipity - I've merged the PR for now but I'll take a look at the contribution settings. Maybe I overlooked something -- thanks for the contribution!