Created
March 15, 2024 22:28
-
-
Save Starttoaster/29fa77700be15c0647d616ce60ec193c to your computer and use it in GitHub Desktop.
Check if Dependabot automated security fixes are enabled
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ORGANIZATION="your-org" | |
| # Get list of repositories (public and private) in the organization -- ignore archived | |
| repos=$(gh repo list $ORGANIZATION --no-archived --limit 400 --json name --jq '.[].name') | |
| for repo in $repos; do | |
| result=$(gh api repos/$ORGANIZATION/$repo/automated-security-fixes) | |
| enabled=$(echo $result | jq '.enabled') | |
| if [ "$enabled" != "true" ]; then | |
| echo "$repo - dependabot security updates aren't enabled" | |
| fi | |
| paused=$(echo $result | jq '.paused') | |
| if [ "$paused" = "true" ]; then | |
| echo "$repo - dependabot security updates are paused" | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This assumes you have 400 repositories or less in an organization. So... make it paginate the request if you have more or update the limit.