v3 - now with lots of friends, and a bugfix

What's Changed

• Bump requests from 2.28.1 to 2.28.2 by @dependabot in #33
• Bump actions/stale from 7 to 8 by @dependabot in #34
• Bump github/super-linter from 4 to 5 by @dependabot in #35
• Prep to move to github.com/advanced-security by @some-natalie in #37
• Bump requests from 2.28.2 to 2.29.0 by @dependabot in #38
• Bump requests from 2.29.0 to 2.30.0 by @dependabot in #40
• Use env variable GITHUB_API_URL by @mbaluda in #39
• Bump requests from 2.30.0 to 2.31.0 by @dependabot in #42
• bump super-linter to new org by @some-natalie in #43
• Filtering type of alerts to export and Dependabot alerts support GHES by @theztefan in #44
• Better error handling by @ctcampbell in #45
• Add Code Scanning security severity to CSV, improve error handling by @ctcampbell in #46
• Bump actions/checkout from 3 to 4 by @dependabot in #49
• Bump actions/stale from 8 to 9 by @dependabot in #50
• Update README examples to v3 by @zkoppert in #51
• add token file to ignore by @some-natalie in #56
• Bump github/codeql-action from 2 to 3 by @dependabot in #57
• Bump actions/dependency-review-action from 3 to 4 by @dependabot in #59
• Update codeowners by @some-natalie in #60
• Bump super-linter/super-linter from 5 to 6 by @dependabot in #62

New Contributors

• @mbaluda made their first contribution in #39
• @theztefan made their first contribution in #44
• @ctcampbell made their first contribution in #45
• @zkoppert made their first contribution in #51

Full Changelog: v2...v3

Dependabot alert improvements

What's Changed

• Bump actions/dependency-review-action from 2 to 3 by @dependabot in #28
• Add CVSS score column in Dependabot Alert List by @parroty in #29
• Bump actions/stale from 6 to 7 by @dependabot in #32
• Add org-level / enterprise-level dependabot alert list by @parroty in #30
• Ignore "excluded_repos.csv" for code scanning alerts of GitHub Enterprise Cloud by @parroty in #31

New Contributors

• @parroty made their first contribution in #29

Full Changelog: v2...v2.1.0

v2 - now with 100% more Dependabot

What's Changed

Now includes Dependabot alerts via the REST API

⚠️ This API is in public beta and subject to change. It only works for repositories in GitHub.com.

• update docs by @some-natalie in #21
• Bump actions/stale from 5 to 6 by @dependabot in #22
• 15 add dependabot alert information by @some-natalie in #23

Full Changelog: v1...v2

v1

It's already used quite a bit, so let's just call it v1 ❤️

v0.5.0

What's Changed

• add enterprise cloud code scanning alerts by @some-natalie in #14

Full Changelog: v0.4.0...v0.5.0

v0.4.0

What's Changed

• Bump requests from 2.27.1 to 2.28.0 by @dependabot in #5
• Bump actions/dependency-review-action from 1 to 2 by @dependabot in #6
• fix refactor of repo code scanning alerts by @some-natalie in #7
• fix repo code scanning by @some-natalie in #8
• Bump requests from 2.28.0 to 2.28.1 by @dependabot in #11

New Contributors

• @dependabot made their first contribution in #5

Full Changelog: v0.3.0...v0.4.0

v0.3.0 - add enterprise-scoped logic

What's Changed

• Add enterprise secret scanning for GHEC by @some-natalie in #1
• Add super linter config by @some-natalie in #2
• Add enterprise-wide code scanning alerts for Enterprise Server and GHAE by @some-natalie in #3
• Adds CSVs to .gitignore
• Add dependency check at PR time to prevent new vulnerabilities in dependencies

New Contributors

• @some-natalie made their first contribution in #1

Full Changelog: v0.2.0...v0.3.0

v0.2.0 - add organization support 🎉

🎉 Organization-wide reporting works for code and secret scanning alerts

rework docker file

v0.1.1

rework dockerfile

Initial release

Repository scoped export of secret scanning and code scanning alerts