added severities filtering support

taxfix · Mar 31, 2022 · 985573d · 985573d
1 parent 2569019
commit 985573d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/src/fetch-alerts.ts b/src/fetch-alerts.ts
@@ -7,14 +7,15 @@ export const fetchAlerts = async (
   repositoryName: string,
   repositoryOwner: string,
   count: number,
+  severities: string[],
 ): Promise<Alert[] | []> => {
   const octokit = getOctokit(gitHubPersonalAccessToken)
   const { repository } = await octokit.graphql<{
     repository: Repository
   }>(`
     query {
       repository(owner:"${repositoryOwner}" name:"${repositoryName}") {
-        vulnerabilityAlerts(last: ${count}) {
+        vulnerabilityAlerts(filter:{ severity: [${severities.map(severity => `"${severity}"`)}]} last: ${count}) {
           edges {
             node {
               id

diff --git a/src/main.ts b/src/main.ts
@@ -19,9 +19,10 @@ async function run(): Promise<void> {
     const zenDutyServiceId = getInput('zenduty_service_id')
     const zenDutyEscalationPolicyId = getInput('zenduty_escalation_policy_id')
     const count = parseInt(getInput('count'))
+    const severities = getInput('severities').split(',') || ["Critical","High","Moderate","Low"]
     const owner = context.repo.owner
     const repo = context.repo.repo
-    const alerts = await fetchAlerts(token, repo, owner, count)
+    const alerts = await fetchAlerts(token, repo, owner, count, severities);
     if (alerts.length > 0) {
       if (microsoftTeamsWebhookUrl) {
         await sendAlertsToMicrosoftTeams(microsoftTeamsWebhookUrl, alerts)