Ctrl K

Update a Dependabot alert

You must use an access token with the `security_events` scope to use this endpoint with private repositories. You can also use tokens with the `public_repo` scope for public repositories only. GitHub Apps must have **Dependabot alerts** write permission to use this endpoint.

Script github Verified

by hugo697 · 10/25/2023

Use in Windmill

The script

Submitted by hugo697 Typescript (fetch-only)

Verified 367 days ago

All edits

Permalink

type Github = {
  token: string;
};
/**
 * Update a Dependabot alert
 * You must use an access token with the `security_events` scope to use this endpoint with private repositories.
You can also use tokens with the `public_repo` scope for public repositories only.
GitHub Apps must have **Dependabot alerts** write permission to use this endpoint.
 */
export async function main(
  auth: Github,
  owner: string,
  repo: string,
  alert_number: string,
  body: {
    dismissed_comment?: string;
    dismissed_reason?:
      | "fix_started"
      | "inaccurate"
      | "no_bandwidth"
      | "not_used"
      | "tolerable_risk";
    state: "dismissed" | "open";
  }
) {
  const url = new URL(
    `https://api.github.com/repos/${owner}/${repo}/dependabot/alerts/${alert_number}`
  );

  const response = await fetch(url, {
    method: "PATCH",
    headers: {
      "Content-Type": "application/json",
      Authorization: "Bearer " + auth.token,
    },
    body: JSON.stringify(body),
  });
  if (!response.ok) {
    const text = await response.text();
    throw new Error(`${response.status} ${text}`);
  }
  return await response.json();
}


`1`	`type Github = {`
`2`	`token: string;`
`3`	`};`
`4`	`/**`
`5`	`* Update a Dependabot alert`
`6`	* You must use an access token with the `security_events` scope to use this endpoint with private repositories.
`7`	You can also use tokens with the `public_repo` scope for public repositories only.
`8`	`GitHub Apps must have Dependabot alerts write permission to use this endpoint.`
`9`	`*/`
`10`	`export async function main(`
`11`	`auth: Github,`
`12`	`owner: string,`
`13`	`repo: string,`
`14`	`alert_number: string,`
`15`	`body: {`
`16`	`dismissed_comment?: string;`
`17`	`dismissed_reason?:`
`18`	`\| "fix_started"`
`19`	`\| "inaccurate"`
`20`	`\| "no_bandwidth"`
`21`	`\| "not_used"`
`22`	`\| "tolerable_risk";`
`23`	`state: "dismissed" \| "open";`
`24`	`}`
`25`	`) {`
`26`	`const url = new URL(`
`27`	`https://api.github.com/repos/${owner}/${repo}/dependabot/alerts/${alert_number}`
`28`	`);`
`29`
`30`	`const response = await fetch(url, {`
`31`	`method: "PATCH",`
`32`	`headers: {`
`33`	`"Content-Type": "application/json",`
`34`	`Authorization: "Bearer " + auth.token,`
`35`	`},`
`36`	`body: JSON.stringify(body),`
`37`	`});`
`38`	`if (!response.ok) {`
`39`	`const text = await response.text();`
`40`	throw new Error(`${response.status} ${text}`);
`41`	`}`
`42`	`return await response.json();`
`43`	`}`
`44`