Module: Dependagrab::GHAPI

Defined in:
lib/dependagrab/gh_api.rb

Constant Summary

# GitHub's GraphQL endpoint (an https:// URL); the HTTP adapter constant is
# constructed with this value.
GRAPHQL_API = "https://api.github.com/graphql"

# Path of the schema dump, "static/gh_schema.json", located two directories
# above the directory that contains this file.
SCHEMA_PATH = File.expand_path("../../static/gh_schema.json", File.dirname(__FILE__))
HTTP =

Configure GraphQL endpoint using the basic HTTP network adapter.

GraphQL::Client::HTTP.new(GRAPHQL_API) do
  # Builds the HTTP headers sent with a GraphQL request.
  #
  # The API token is a credential: it is copied into the Authorization header
  # as a bearer token, so the returned hash should not be logged or printed.
  #
  # @param context [#[]] per-request context; only +:api_token+ is read
  # @return [Hash] header names mapped to header values
  def headers(context)
    # NOTE(review): this key is a Symbol (:"User-Agent") while "Authorization"
    # below is a String; presumably the adapter accepts both - confirm.
    request_headers = { "User-Agent": "dependagrab #{Dependagrab::VERSION}" }

    token = context[:api_token]
    # Only nil/false skip the header; an empty-string token is truthy in Ruby
    # and would still produce a "bearer " header with no credential.
    request_headers["Authorization"] = "bearer #{token}" if token

    request_headers
  end
end
Schema =

However, it’s smart to dump the schema to a JSON file and load it from disk.

Run the dump from a script or rake task: `GraphQL::Client.dump_schema(GHAPI::HTTP, "gh_schema.json")`

# Loads the schema from the JSON dump at SCHEMA_PATH (a file path is passed
# here, not the HTTP adapter).
GraphQL::Client.load_schema(SCHEMA_PATH)
# GraphQL client that validates queries against Schema and executes them
# through the HTTP constant.
Client = GraphQL::Client.new(schema: Schema, execute: HTTP)

# Query for a repository's vulnerability alerts.
#
# Variables: $repo and $owner (required), $after_cursor (optional paging cursor).
# Alerts are requested 20 per page; pageInfo.endCursor / pageInfo.hasNextPage
# are selected so a caller can request further pages. The paging loop is not
# part of this constant - a caller that stops after one page sees at most
# 20 alerts. CWEs are limited to the first 100 per advisory.
#
# NOTE(review): no state filter or state field is requested on the alerts, so
# open and dismissed/fixed alerts presumably cannot be told apart downstream -
# confirm against the GitHub schema.
# The advisory summary/description are free text from the advisory; escape
# them before rendering into HTML or other structured output.
Query = Client.parse(<<'GRAPHQL')
query($repo: String!, $owner: String!, $after_cursor: String) {
 repository(name: $repo, owner: $owner) {
   vulnerabilityAlerts(first: 20, after: $after_cursor) {
     pageInfo {
       endCursor
       hasNextPage
     }
     nodes {

       securityVulnerability {
         package {
           name
           ecosystem
         }
         vulnerableVersionRange
         firstPatchedVersion {
           identifier
         }
         advisory {
           cvss {
             vectorString
             score
           }
           cwes(first:100) {
             edges {
               node {
                 cweId
                 name
               }
             }
           }
           id
           ghsaId
           severity
           summary
           permalink
           description
         }

       }
     }
   }
 }
}
GRAPHQL