dependency-track/docs/_docs/datasources/github-advisories.md
2023-10-25 22:57:53 +02:00


| title | category | chapter | order | redirect_from |
| --- | --- | --- | --- | --- |
| GitHub Advisories | Datasources | 4 | 2 | /datasources/nsp/, /datasources/npm/ |

GitHub Advisories (GHSA) is a database of CVEs and GitHub-originated security advisories affecting the open source world. Advisories may or may not be documented in the [National Vulnerability Database]({{ site.baseurl }}{% link _docs/datasources/nvd.md %}).

Dependency-Track integrates with GHSA by mirroring advisories via GitHub's public GraphQL API. The mirror is refreshed daily, or upon restart of the Dependency-Track instance. A personal access token (PAT) is required to authenticate with GitHub, but no scopes need to be assigned to it. GitHub's documentation provides guidance on how to create a PAT.
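The following sketch is an added example, not Dependency-Track's own mirroring code. It pages through the `securityAdvisories` connection of GitHub's GraphQL API and refuses a PAT that carries any scope. It assumes a classic PAT whose granted scopes GitHub reports in the `X-OAuth-Scopes` response header; all function names are hypothetical, and `sample_fetch` is a constructed offline stand-in for the HTTP call.

```python
import json
import urllib.request

QUERY = """query($cursor: String) { securityAdvisories(first: 100, after: $cursor) {
  nodes { ghsaId severity identifiers { type value } }
  pageInfo { hasNextPage endCursor } } }"""

def build_request(token, cursor=None):
    """One page of advisories from GitHub's GraphQL API, authenticated with the PAT."""
    body = json.dumps({"query": QUERY, "variables": {"cursor": cursor}}).encode()
    return urllib.request.Request("https://api.github.com/graphql", data=body, headers={
        "Authorization": f"bearer {token}", "Content-Type": "application/json"})

def granted_scopes(headers):
    """Scopes of a classic PAT, read from X-OAuth-Scopes (assumed present)."""
    raw = headers.get("X-OAuth-Scopes") or ""
    return sorted(s.strip() for s in raw.split(",") if s.strip())

def parse_page(payload):
    """Return ([(ghsa_id, severity, [cve_ids])], next_cursor or None)."""
    if payload.get("errors"):
        raise RuntimeError(payload["errors"][0].get("message", "GraphQL error"))
    conn = payload["data"]["securityAdvisories"]
    rows = [(n["ghsaId"], n["severity"],
             [i["value"] for i in n["identifiers"] if i["type"] == "CVE"])
            for n in conn["nodes"]]
    info = conn["pageInfo"]
    return rows, (info["endCursor"] if info["hasNextPage"] else None)

def mirror(token, fetch):
    """Walk every page; fetch(request) -> (headers, payload) is supplied by the caller."""
    rows, cursor = [], None
    while True:
        headers, payload = fetch(build_request(token, cursor))
        if granted_scopes(headers):  # least privilege: refuse an over-scoped PAT
            raise PermissionError(f"PAT carries scopes: {granted_scopes(headers)}")
        page, cursor = parse_page(payload)
        rows.extend(page)
        if cursor is None:
            return rows

def sample_fetch(request, scopes=""):
    """Offline stand-in for the HTTP call: two constructed pages, not real advisories."""
    cursor = json.loads(request.data)["variables"]["cursor"]
    ghsa, cve = ("GHSA-dddd-eeee-ffff", []) if cursor else ("GHSA-aaaa-bbbb-cccc", ["CVE-0000-00001"])
    ids = [{"type": "GHSA", "value": ghsa}] + [{"type": "CVE", "value": c} for c in cve]
    page = {"nodes": [{"ghsaId": ghsa, "severity": "HIGH", "identifiers": ids}],
            "pageInfo": {"hasNextPage": cursor is None, "endCursor": "c1" if cursor is None else None}}
    return {"X-OAuth-Scopes": scopes}, {"data": {"securityAdvisories": page}}
```

The second constructed advisory has no CVE identifier, which is the case of an advisory that is not documented in the NVD.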

GitHub Advisories Configuration