
github-reports's Introduction

GitHub Dependabot Alert Report

Quickstart

  1. Install (one-time setup)

    1. Download or clone this repository
    2. cd github-reports
    3. go build .
  2. Create credentials (one-time setup)

  3. Run! e.g.:

    ./github-dependabot-report \
    --privateKeyFile=dependabot-report.2024-01-24.private-key.pem \
    --appID=807018 \
    --appInstallID=46514769 \
    --excludeNonProd \
    --excludeArchived \
    --outputFile=report.html

I will provide a compiled version when I figure out how to get around the macOS notarization issue.

Create credentials

Create a GitHub App

GitHub recommends the use of GitHub Apps to authenticate with their REST APIs, and in fact the ones we are using here require it, so the first thing you need to do is create a GitHub App. Just follow these instructions, with the following additions:

  • You are creating a GitHub App owned by a personal account (step 2)
  • For the Homepage URL you can really use anything you want (e.g. https://github.com)
  • Uncheck Active under Webhook
  • In permissions, set the Repository permissions for Dependabot alerts to Read-only
  • Set Where can this GitHub App be installed? to Any account

You do not need to provide any other information.

Now click on "Create GitHub App".

Next we need to obtain a private key from this GitHub App, which we will use later during authentication. To do this, click on Edit next to the GitHub App you just created, go to the Private keys section and click on Generate a private key. This will download the private key to your machine (as a .pem file); remember where it is stored, as you will need it later.

While you are on this page, also take note of your App ID, which is visible at the top of the page. You will need this later as well.

Install the GitHub App in the GLCP Organization

Follow these instructions, with the following additions:

  • In step 7, make sure you select "glcp" to install the app in the GLCP Organization.
  • In step 8, select All repositories

Now click on install.

You will need a final bit of information from the installed GitHub App, namely the GitHub App installation ID. The only way I have been able to retrieve this is by going to the Settings page of the installed GitHub App (click on the gear icon next to "Installed"). If you now look at the URL in the browser, you should see https://github.com/apps/dependabot-report/installations/12345678: 12345678 is the GitHub App installation ID (obviously your number will be different).
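How the three values collected above (the .pem private key, the App ID and the installation ID) fit together in GitHub App authentication, as an added Go example that is not taken from this repository's code. The function names, the App ID "123456" and the generated key are assumptions made for illustration; the installation ID is the placeholder from the URL above.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"encoding/pem"
	"fmt"
	"time"
)

// appJWT signs the short-lived RS256 JWT that identifies the App (iss = App ID)
// using the PKCS#1 RSA key from the downloaded .pem file.
func appJWT(pemBytes []byte, appID string, now time.Time) (string, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "RSA PRIVATE KEY" {
		return "", fmt.Errorf("not a PKCS#1 RSA private key PEM")
	}
	key, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return "", err
	}
	enc := base64.RawURLEncoding
	claims, _ := json.Marshal(map[string]interface{}{
		"iss": appID,
		"iat": now.Add(-time.Minute).Unix(),    // backdated to absorb clock drift
		"exp": now.Add(9 * time.Minute).Unix(), // GitHub rejects exp more than 10 minutes out
	})
	input := enc.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + enc.EncodeToString(claims)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	return input + "." + enc.EncodeToString(sig), err
}

// demoPEM returns a constructed throwaway key in the same PEM format; not a real App key.
func demoPEM() []byte {
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	return pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
}

func main() {
	jwt, err := appJWT(demoPEM(), "123456", time.Now()) // "123456": placeholder App ID
	// The JWT is then POSTed as a Bearer token to obtain an installation access token.
	fmt.Printf("err=%v\nPOST https://api.github.com/app/installations/%d/access_tokens\nAuthorization: Bearer %s\n", err, 12345678, jwt)
}
```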

github-reports's People

Contributors

mvilrokx
