Add security-advisory and code-scanning-alert event types (#2311)
Fixes: #2306.
sourikghosh authored Mar 4, 2022
1 parent 5a4019e commit 4d609bd
Showing 5 changed files with 1,007 additions and 16 deletions.
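--- a/github/code-scanning.go
+++ b/github/code-scanning.go
@@ -67,22 +67,26 @@ type Tool struct {
 //
 // GitHub API docs: https://docs.github.com/en/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository
 type Alert struct {
-RuleID *string `json:"rule_id,omitempty"`
-RuleSeverity *string `json:"rule_severity,omitempty"`
-RuleDescription *string `json:"rule_description,omitempty"`
-Rule *Rule `json:"rule,omitempty"`
-Tool *Tool `json:"tool,omitempty"`
-CreatedAt *Timestamp `json:"created_at,omitempty"`
-State *string `json:"state,omitempty"`
-ClosedBy *User `json:"closed_by,omitempty"`
-ClosedAt *Timestamp `json:"closed_at,omitempty"`
-URL *string `json:"url,omitempty"`
-HTMLURL *string `json:"html_url,omitempty"`
-MostRecentInstance *MostRecentInstance `json:"most_recent_instance,omitempty"`
-DismissedBy *User `json:"dismissed_by,omitempty"`
-DismissedAt *Timestamp `json:"dismissed_at,omitempty"`
-DismissedReason *string `json:"dismissed_reason,omitempty"`
-InstancesURL *string `json:"instances_url,omitempty"`
+Number *int `json:"number,omitempty"`
+RuleID *string `json:"rule_id,omitempty"`
+RuleSeverity *string `json:"rule_severity,omitempty"`
+RuleDescription *string `json:"rule_description,omitempty"`
+Rule *Rule `json:"rule,omitempty"`
+Tool *Tool `json:"tool,omitempty"`
+CreatedAt *Timestamp `json:"created_at,omitempty"`
+UpdatedAt *Timestamp `json:"updated_at,omitempty"`
+FixedAt *Timestamp `json:"fixed_at,omitempty"`
+State *string `json:"state,omitempty"`
+ClosedBy *User `json:"closed_by,omitempty"`
+ClosedAt *Timestamp `json:"closed_at,omitempty"`
+URL *string `json:"url,omitempty"`
+HTMLURL *string `json:"html_url,omitempty"`
+MostRecentInstance *MostRecentInstance `json:"most_recent_instance,omitempty"`
+Instances []*MostRecentInstance `json:"instances,omitempty"`
+DismissedBy *User `json:"dismissed_by,omitempty"`
+DismissedAt *Timestamp `json:"dismissed_at,omitempty"`
+DismissedReason *string `json:"dismissed_reason,omitempty"`
+InstancesURL *string `json:"instances_url,omitempty"`
 }
 
 // ID returns the ID associated with an alert. It is the number at the end of the security alert's URL.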
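Review bot: The four fields added to `Alert` (`Number`, `UpdatedAt`, `FixedAt`, `Instances`) carry no comments, and `Instances` reuses the `MostRecentInstance` type, so the struct alone does not say which responses populate them. A short comment on each would help, for example `// Instances lists the alert's instances; presumably set only in code_scanning_alert webhook payloads.` and `// FixedAt is nil while the alert has not been fixed.`, both to be confirmed against the API docs. `Number` also duplicates what `ID()` derives from the URL according to the comment on the last line of the hunk; the body of `ID` is outside the hunk, so whether it should prefer `Number` cannot be judged from here.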
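--- a/github/event_types.go
+++ b/github/event_types.go
@@ -1248,3 +1248,71 @@ type WorkflowRunEvent struct {
 Sender *User `json:"sender,omitempty"`
 Installation *Installation `json:"installation,omitempty"`
 }
+
+// SecurityAdvisory represents the advisory object in SecurityAdvisoryEvent payload.
+//
+// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
+type SecurityAdvisory struct {
+GHSAID *string `json:"ghsa_id,omitempty"`
+Summary *string `json:"summary,omitempty"`
+Description *string `json:"description,omitempty"`
+Severity *string `json:"severity,omitempty"`
+Identifiers []*AdvisoryIdentifier `json:"identifiers,omitempty"`
+References []*AdvisoryReference `json:"references,omitempty"`
+PublishedAt *Timestamp `json:"published_at,omitempty"`
+UpdatedAt *Timestamp `json:"updated_at,omitempty"`
+WithdrawnAt *Timestamp `json:"withdrawn_at,omitempty"`
+Vulnerabilities []*AdvisoryVulnerability `json:"vulnerabilities,omitempty"`
+}
+
+// AdvisoryIdentifier represents the identifier for a Security Advisory.
+type AdvisoryIdentifier struct {
+Value *string `json:"value,omitempty"`
+Type *string `json:"type,omitempty"`
+}
+
+// AdvisoryReference represents the reference url for the security advisory.
+type AdvisoryReference struct {
+URL *string `json:"url,omitempty"`
+}
+
+// AdvisoryVulnerability represents the vulnerability object for a Security Advisory.
+type AdvisoryVulnerability struct {
+Package *VulnerabilityPackage `json:"package,omitempty"`
+Severity *string `json:"severity,omitempty"`
+VulnerableVersionRange *string `json:"vulnerable_version_range,omitempty"`
+FirstPatchedVersion *FirstPatchedVersion `json:"first_patched_version,omitempty"`
+}
+
+// VulnerabilityPackage represents the package object for an Advisory Vulnerability.
+type VulnerabilityPackage struct {
+Ecosystem *string `json:"ecosystem,omitempty"`
+Name *string `json:"name,omitempty"`
+}
+
+// FirstPatchedVersion represents the identifier for the first patched version of that vulnerability.
+type FirstPatchedVersion struct {
+Identifier *string `json:"identifier,omitempty"`
+}
+
+// SecurityAdvisoryEvent is triggered when a security-related vulnerability is found in software on GitHub.
+//
+// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
+type SecurityAdvisoryEvent struct {
+Action *string `json:"action,omitempty"`
+SecurityAdvisory *SecurityAdvisory `json:"security_advisory,omitempty"`
+}
+
+// CodeScanningAlertEvent is triggered when a code scanning finds a potential vulnerability or error in your code.
+//
+// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert
+type CodeScanningAlertEvent struct {
+Action *string `json:"action,omitempty"`
+Alert *Alert `json:"alert,omitempty"`
+Ref *string `json:"ref,omitempty"`
+// CommitOID is the commit SHA of the code scanning alert
+CommitOID *string `json:"commit_oid,omitempty"`
+Repo *Repository `json:"repository,omitempty"`
+Org *Organization `json:"organization,omitempty"`
+Sender *User `json:"sender,omitempty"`
+}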
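Review bot: `Action` on `SecurityAdvisoryEvent` and `CodeScanningAlertEvent` has no comment, yet it is the field a consumer needs to tell a newly published advisory from an updated or withdrawn one. I would add something like `// Action is the activity that triggered the event, e.g. "published", "updated" or "withdrawn".` above it, and note on `WithdrawnAt` that it is nil unless the advisory was withdrawn, so alerting code does not treat a withdrawal as a new finding. `CodeScanningAlertEvent` also has no `Installation *Installation` field, unlike `WorkflowRunEvent` at the top of this hunk. If GitHub App deliveries of this event carry an `installation` object, it would be dropped silently on decode.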