@chezou
Created December 25, 2019 09:08
GitHub SecurityVulnerabilities
import os

import requests
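class GitHubClient:
    """Small client for querying security vulnerabilities over GitHub's GraphQL API.

    The API key is sent as a bearer credential in the ``Authorization``
    header of every request made through :meth:`query`.
    """

    API_URL = "https://api.github.com/graphql"

    # requests applies no timeout unless one is passed, so a stalled
    # connection would otherwise block the caller indefinitely.
    REQUEST_TIMEOUT = 30

    # Caller-supplied values travel as GraphQL variables rather than being
    # spliced into the query text, so they cannot alter the query structure.
    _VULNERABILITIES_QUERY = """
query ($first: Int!, $ecosystem: SecurityAdvisoryEcosystem) {
  securityVulnerabilities(first: $first, ecosystem: $ecosystem, orderBy: {field: UPDATED_AT, direction: DESC}) {
    nodes {
      package {
        ecosystem
        name
      }
      severity
      vulnerableVersionRange
      updatedAt
      advisory {
        ghsaId
        publishedAt
      }
    }
  }
}
"""

    def __init__(self, apikey, session=None):
        """Store the bearer header and the HTTP session to use.

        Args:
            apikey: GitHub token placed in the ``Authorization`` header.
            session: Optional session object exposing ``post``; a new
                ``requests.Session`` is created when none is given.
        """
        self.headers = {"Authorization": f"Bearer {apikey}"}
        self.sess = session or requests.Session()

    def query(self, query, variables=None):
        """POST a GraphQL document and return the decoded JSON response.

        Args:
            query: GraphQL query text.
            variables: Optional dict of GraphQL variables; omitted from the
                request body when ``None``.

        Returns:
            The parsed JSON payload. A 200 response may still carry a
            top-level ``errors`` list; it is returned unchanged.

        Raises:
            Exception: If the HTTP status is not 200. The message contains
                the status code and query text, not the request headers.
        """
        body = {"query": query}
        if variables is not None:
            body["variables"] = variables
        r = self.sess.post(
            self.API_URL,
            json=body,
            headers=self.headers,
            timeout=self.REQUEST_TIMEOUT,
        )
        if r.status_code != 200:
            raise Exception(
                f"Query failed: status code {r.status_code}\n query: {query}"
            )
        return r.json()

    def format_vulnerabilities(self, vuls):
        """Flatten a ``securityVulnerabilities`` response into a list of dicts.

        Args:
            vuls: Decoded response as returned by :meth:`query`.

        Returns:
            One dict per node with the keys ``name``, ``severity``,
            ``vulnerableVersionRange`` and ``advisory``.

        Raises:
            Exception: If the response holds no ``securityVulnerabilities``
                data, e.g. when the API answered with ``errors`` only.
        """
        data = vuls.get("data") or {}
        connection = data.get("securityVulnerabilities")
        if connection is None:
            # Surface the API's own error messages instead of failing later
            # with an opaque TypeError/KeyError while indexing the payload.
            messages = [
                str(err.get("message", err)) if isinstance(err, dict) else str(err)
                for err in vuls.get("errors") or []
            ]
            detail = "; ".join(messages) or "no error details returned"
            raise Exception(f"Query returned no securityVulnerabilities data: {detail}")
        return [
            {
                "name": v["package"]["name"],
                "severity": v["severity"],
                "vulnerableVersionRange": v["vulnerableVersionRange"],
                "advisory": v["advisory"],
            }
            for v in connection["nodes"]
        ]

    def fetch_vulnerabilities(self, first=50, ecosystem="PIP"):
        """Fetch the most recently updated vulnerabilities for an ecosystem.

        Args:
            first: Number of entries to request; coerced with ``int()``.
            ecosystem: Ecosystem enum name understood by the API, passed as
                a GraphQL variable.

        Returns:
            The list produced by :meth:`format_vulnerabilities`.
        """
        variables = {"first": int(first), "ecosystem": ecosystem}
        vuls = self.query(self._VULNERABILITIES_QUERY, variables)
        return self.format_vulnerabilities(vuls)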
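# Take the token from the GITHUB_TOKEN environment variable so a real
# credential never has to be written into this file. The original
# placeholder stays as the fallback; it is not a valid token.
apikey = os.environ.get("GITHUB_TOKEN", "your api key")
cli = GitHubClient(apikey)
vuls = cli.fetch_vulnerabilities()
print(vuls)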