A shell script to enable vulnerability alerts across multiple repositories in GitHub organizations or enterprises.
- GitHub CLI installed and authenticated
- jq command-line JSON processor
- Appropriate GitHub permissions to enable security features
./main.sh <target_name> <scope>target_name: (Required) The name of the organization or enterprisescope: (Optional) Either "org" or "enterprise". Defaults to "org"
Enable vulnerability alerts for a single organization:
./main.sh my-organization orgEnable vulnerability alerts for all organizations in an enterprise:
./main.sh my-enterprise enterprise- Supports both organization and enterprise-level operations
- Handles pagination for large organizations/enterprises
- Filters out archived and disabled repositories
- Removes duplicate repositories
- Provides error handling for API failures
- Cleans up temporary files automatically
The script performs the following GitHub API operations:
- Fetches organizations (for enterprise scope)
- Retrieves active repositories for each organization
- Enables vulnerability alerts for each repository
- Validates input parameters
- Reports API errors during vulnerability alert enablement
- Provides descriptive error messages
- Requires GitHub CLI authentication
- Processes up to 100 items per page (GitHub API limitation)
- Temporary files (
orgs.tmpand repos.tmp) are created during execution
This project is available under the MIT License.