Modified Gitrob to also scan GitHub organization private repositories. #4
Conversation
|
Hey @PaulTurner-awin! Thanks for the contribution. This fixes a bug I previously mentioned here on our repository mirror: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gitrob/-/issues/3. I'll do some testing on the GitLab side and get back to you. It works a little bit different on GitLab as there's no easy way to tell if an id relates to a group/organization, or a project. |
|
Looks good! I'll go ahead and merge this in as its an improvement over what we already have and does not break the gitlab feature as is. However, as I'm sure you know, we can make some improvements on the gitlab side to improve the interface implementation and make the code a little cleaner. I'll take that on and patch after the merge. Thanks again! |
|
Your changes are in the 3.4.2-beta release. Thanks! |
2 participants
I'm hoping this change may be useful for someone else.
These changes modify Gitrob to also scan your GitHub organization private repositories that the access key you use has access to. This was done as part of evaluating Gitrob for internal company use.
Important: The interface changes are replicated in the GitLab implementation, but are not fully implemented. I don't currently have a GitLab account to proceed with this.
I'm happy to discuss any of this further.