Summary
Dependabot alerts have no coverage in this module — there is no Dependabot command category under src/functions/public/. The Dependabot alerts REST API lets you list and update vulnerability alerts at the repository, organization, and enterprise level — essential for supply-chain security automation and reporting.
Changelog reference
Desired capability
Add functions for the Dependabot alerts REST API:
- Get-GitHubDependabotAlert — list/get alerts at repo, org, and enterprise level, with filters (state, severity, ecosystem, package, scope).
- Set-GitHubDependabotAlert — update alert state (dismissed/open) with dismissed reason/comment.
Acceptance criteria
- Functions use Invoke-GitHubAPI and the active GitHubContext; pagination handled.
- Repo-, org-, and enterprise-level listing supported via parameter sets.
- Typed alert objects with default formats (severity, package, advisory summary).
- Integration tests against an owned repo with Dependabot alerts enabled (skipped gracefully when unavailable).
Notes
- Requires security_events (or repo) scope; org/enterprise listing requires appropriate admin permissions.
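
For reference, a sketch of the repository-level listing with filters and Link-header pagination, written directly against the REST API. It is an added example, not code from this module: the function name Get-RepoDependabotAlert and its parameters are hypothetical, it calls Invoke-RestMethod rather than Invoke-GitHubAPI, and it assumes PowerShell 7 or later.

```powershell
# Added illustration, not module code. Get-RepoDependabotAlert is a hypothetical name.
function Get-RepoDependabotAlert {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Owner,
        [Parameter(Mandatory)] [string] $Repository,
        # Token needs the security_events (or repo) scope, as noted in the issue.
        [Parameter(Mandatory)] [securestring] $Token,
        [ValidateSet('auto_dismissed', 'dismissed', 'fixed', 'open')] [string] $State,
        [ValidateSet('low', 'medium', 'high', 'critical')] [string] $Severity,
        [string] $Ecosystem,
        [string] $Package,
        [ValidateSet('development', 'runtime')] [string] $Scope
    )

    # Only send the filters the caller actually supplied.
    $filters = [ordered]@{
        state = $State; severity = $Severity; ecosystem = $Ecosystem
        package = $Package; scope = $Scope
    }
    $pairs = @('per_page=100')
    foreach ($name in $filters.Keys) {
        if ($filters[$name]) {
            $pairs += '{0}={1}' -f $name, [uri]::EscapeDataString($filters[$name])
        }
    }
    $uri = "https://api.github.com/repos/$Owner/$Repository/dependabot/alerts?" + ($pairs -join '&')
    $headers = @{ Accept = 'application/vnd.github+json'; 'X-GitHub-Api-Version' = '2022-11-28' }

    while ($uri) {
        $page = Invoke-RestMethod -Uri $uri -Method Get -Headers $headers `
            -Authentication Bearer -Token $Token -ResponseHeadersVariable responseHeaders
        foreach ($alert in $page) {
            # Flatten to the fields the acceptance criteria call out.
            [pscustomobject]@{
                Number    = $alert.number
                State     = $alert.state
                Severity  = $alert.security_advisory.severity
                Ecosystem = $alert.dependency.package.ecosystem
                Package   = $alert.dependency.package.name
                Summary   = $alert.security_advisory.summary
            }
        }
        # This endpoint is cursor-paginated: follow rel="next" until it disappears.
        $uri = $null
        if ($responseHeaders.ContainsKey('Link') -and
            ($responseHeaders['Link'] -join ',') -match '<([^>]+)>;\s*rel="next"') {
            $uri = $Matches[1]
        }
    }
}
```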