This pull request includes changes to both the README.md and ghazdo-csv-report.ps1 files in the src/csv-report directory, as well as the ghazdo-csv-report.yml file. The changes primarily focus on improving the documentation, error handling, and functionality of the script.
Documentation improvements:
src/csv-report/README.md: Updated the instructions for obtaining a Personal Access Token (PAT) and added a new section on how to use the pipeline.
Error handling improvements:
src/csv-report/ghazdo-csv-report.ps1: Added error handling for cases where the script fails to retrieve projects or repositories. In such cases, the script now logs the error and continues to the next item. [1][2]
Functionality improvements:
src/csv-report/ghazdo-csv-report.ps1: Updated the script to require PS7 or higher and added verbose debugging output for HTTP payload size. The script now also considers API client rate limiting and sets the maximum number of alerts returned by the Advanced Security API to 10000 per repo. [1][2][3]
src/csv-report/ghazdo-csv-report.ps1: Updated the script to handle cases where the maximum number of alerts has been reached. It now logs a warning if the number of alerts equals the maximum limit.
src/csv-report/README.md and src/csv-report/ghazdo-csv-report.ps1: Updated the PAT permissions requirements to include Projects - Read for organization scope. [1][2]
This pull request includes changes to both the
README.mdandghazdo-csv-report.ps1files in thesrc/csv-reportdirectory, as well as theghazdo-csv-report.ymlfile. The changes primarily focus on improving the documentation, error handling, and functionality of the script.Documentation improvements:
src/csv-report/README.md: Updated the instructions for obtaining a Personal Access Token (PAT) and added a new section on how to use the pipeline.Error handling improvements:
src/csv-report/ghazdo-csv-report.ps1: Added error handling for cases where the script fails to retrieve projects or repositories. In such cases, the script now logs the error and continues to the next item. [1] [2]Functionality improvements:
src/csv-report/ghazdo-csv-report.ps1: Updated the script to require PS7 or higher and added verbose debugging output for HTTP payload size. The script now also considers API client rate limiting and sets the maximum number of alerts returned by the Advanced Security API to 10000 per repo. [1] [2] [3]src/csv-report/ghazdo-csv-report.ps1: Updated the script to handle PATs that already contain a colon.src/csv-report/ghazdo-csv-report.ps1: Updated the script to handle cases where the maximum number of alerts has been reached. It now logs a warning if the number of alerts equals the maximum limit.src/csv-report/ghazdo-csv-report.yml: Updated the pipeline file to specify that the script requires PS7.Changes to permissions requirements:
src/csv-report/README.mdandsrc/csv-report/ghazdo-csv-report.ps1: Updated the PAT permissions requirements to includeProjects - Readfor organization scope. [1] [2]