github / enable-security-alerts-sample Goto Github PK

It looks like the text under the "Calling this script to check for enabled security alerts" section in the README.md is incorrect as it implies that it "will enable security alerts on all repositories in your organization" when the header seems to suggest it will only check what the status is?

Hi, when using this script against our Github Enterprise Cloud I get rate limit errors:
"You have triggered an abuse detection mechanism. Please wait a few minutes before you try again.
https://developer.github.com/v3/#abuse-rate-limits"

Suggestion: https://github.com/github/platform-samples/tree/master/api/ruby/find-inactive-members has rate limiting

Just came across the option to allow security fixes across an entire organization... does that mean that enabling via this script / the API wouldn't be necessary? Happy to reach out to support if that's a better question for them. Thanks!

There is a solution for #9, however the shell scripts in folder shell_script also lack rate limiting.
My solution is to add "sleep 1" after the PUT curl:
curl -s -X PUT -H "Authorization: bearer $api_key" -H "Accept: application/vnd.github.london-preview+json" $enable_url
sleep 1 #rate limiting to prevent blocking by github server

In both shell scripts

It would be great if a Dockerfile was included. Given GitHub's lack of organization wide settings, we want to run this on a weekly basis to ensure that this is always enabled. It would be great if we didn't have to maintain a fork to include a Dockerfile and build our own image.

Only 30 repos can be handled with the shell script as it does not follow pagination.