In gosec can I exclude all the Confidence:LOWs? - gosec

When I scan my code with Gosec, I want to be able to exclude the confidence:LOW results from being shown. I need that because I am using GitHub actions and I set it up in a way to block the PR if there is an error. I don't want to bother my team with LOWs :)
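gosec has a `-confidence` flag (for example `gosec -confidence medium ./...`) that filters out findings below the given level. When the PR gate should instead read the full report, the added example below (not part of the original post) filters a `-fmt=json` report by confidence and sets the exit code for the CI step; the sample report is constructed, and the field names are assumed to match gosec's JSON output.

```python
import json
import sys

# gosec confidence levels, lowest to highest.
LEVELS = {"LOW": 0, "MEDIUM": 1, "HIGH": 2}

# Constructed sample in the shape of a gosec JSON report (not real scan output).
SAMPLE_REPORT = """
{"Issues": [
  {"rule_id": "G101", "severity": "HIGH", "confidence": "LOW",
   "file": "config.go", "line": "8", "details": "Potential hardcoded credentials"},
  {"rule_id": "G107", "severity": "MEDIUM", "confidence": "MEDIUM",
   "file": "fetch.go", "line": "21", "details": "Potential HTTP request made with variable url"},
  {"rule_id": "G304", "severity": "MEDIUM", "confidence": "HIGH",
   "file": "load.go", "line": "14", "details": "Potential file inclusion via variable"}
]}
"""


def blocking_issues(report_text, min_confidence="MEDIUM"):
    """Return the issues whose confidence is at or above min_confidence."""
    threshold = LEVELS[min_confidence.upper()]
    issues = json.loads(report_text).get("Issues") or []
    kept = []
    for issue in issues:
        # An unknown or missing confidence counts as HIGH, so a report format
        # change can never silently hide findings from the gate.
        level = LEVELS.get(str(issue.get("confidence", "")).upper(), LEVELS["HIGH"])
        if level >= threshold:
            kept.append(issue)
    return kept


def gate(report_text, min_confidence="MEDIUM"):
    """Print the blocking issues and return the exit code for the CI step."""
    kept = blocking_issues(report_text, min_confidence)
    for i in kept:
        print(f'{i.get("file")}:{i.get("line")} {i.get("rule_id")} '
              f'severity={i.get("severity")} confidence={i.get("confidence")}: '
              f'{i.get("details")}')
    return 1 if kept else 0


if __name__ == "__main__":
    # Pass a report path as argv[1]; without one the constructed sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate(text))
```

The LOW-confidence findings stay in the JSON report for later triage; only the exit code that blocks the PR ignores them.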

Related

Get all WI changed in an organization Using the REST API

I am trying to write a PowerShell script that gets all the work items that have changed in an organization after a certain date and time. I only need certain fields, but right now I am just trying to grab all of them and dump them into a CSV. I have tried several APIs but I have been unable to get where I want to go. The Wiql API fails when there are more than 2000 items. Can anyone point me in the right direction?
#$uri = "$baseurl/$($_.name)/_apis/wit/reporting/workitemrevisions?includeLatestOnly=true"
#$uri = "$baseurl/$($_.name)/_apis/wit/reporting/workitemrevisions?includeLatestOnly=true&startDateTime=$LastRunTime&Types=$WorkItemType"
#$uri = "$baseurl/$($_.name)/_apis/wit/wiql?api-version=5.0"
#TESTING REMOVE
$uri = "$baseurl/TestingWillBeDeleted/_apis/wit/wiql?api-version=5.0"
There is a design limitation while pulling the work items without any filters or conditions attached. As per the design, one can pull only 2000 work items at once. If you are looking to pull more than that, I would like to recommend you build the PowerShell script to:
Step 1. Get the list of unique work item types that got altered between the chosen dates.
Step 2. Customize PowerShell to pull the work items of each individual type into its own sheet in the Excel file.
For example: if there are changes on BUG, TASK, USER STORY work items, at the end of step 2 you can see the Excel file with 3 sheets with individual work items dumped.
Hope this helps.

Negate GitHub search query for author in PR search

I'm trying to query PRs in the GitHub GUI based on certain criteria. I want to show all pull requests that have not been written by a certain author.
The following example would be a query that returns all PRs written by the author mgol:
https://github.com/pulls?q=org%3Ajquery+is%3Aopen+is%3Apr+author%3Amgol
I would now like to return all PRs in the jquery organization, but not the ones from mgol. I tried multiple things, adding not: and things like this, but nothing seems to just filter out the PRs by this single author.
Try adding -author:mgol to get negated searches. This applies to other searches, too (Issues, etc.). See https://docs.github.com/en/search-github/getting-started-with-searching-on-github/understanding-the-search-syntax#exclude-certain-results for more.

Azure Devops Tracking committed vs actuals

My organization is trying to find an out of the box way with Azure DevOps to see which features were 'committed to' at the start of the release, and which are delivered. The Velocity report would be perfect, except Features are assigned to areas that are configured to run off of sprints that are child-iterations of larger release-iterations, and we want the data at the release-iteration level.
We're able to build queries that can mostly deliver this, but that method doesn't track changes, just shows you a current point in time view of how things are.
The goal is to have data we can use to evaluate if we're making commitments we can keep.
How have other organizations tackled this sort of problem? How do you tie committed vs. actuals at the Feature level?
I could understand your requirements. But based on my test, Velocity Report has some limitations:
For example:
If the Iteration Path has Child Iteration, it will show the child Iteration on Velocity Report. As you said, release-iteration will not show in the Report.
So it cannot meet all your needs.
I tested some related extensions and existing charts, and it seems that there is no tool that can improve or replace the Velocity Report.
For a workaround:
For Child Iteration, you still could use the Velocity Report to record the process.
For the Parent Iteration, you could create different queries to show the process (Planned, Completed, Completed Late and so on). You can use a query to get the work item list of the corresponding state.
Here are examples:
Planned :
Completed:
...
Then you could add them to the Dashboards (Query Title Widget):
On the other hand, this requirement is valuable.
You could add your request for this feature on our UserVoice site, which is our main forum for product suggestions.

github get users merged lines of code from a specific date range

I have been searching the GitHub documentation as well as the pygithub documentation on how I could get the stats for each user's committed and merged lines of code into the master branch from a specific date. So far the best I could find is under contributions: it lists out a user's committed lines of code, however this gives the stats for the life of the project, but I need to filter this by a specific date. Is there any way to do this? Appreciate the help.
It looks like you can pretty easily retrieve a list of the commits from a specific user and in a given date range using the pygithub Repository get_commits method. You can see from the method signature below that you can filter by the hash, path, date range, and author.
def get_commits(
    self,
    sha=github.GithubObject.NotSet,
    path=github.GithubObject.NotSet,
    since=github.GithubObject.NotSet,
    until=github.GithubObject.NotSet,
    author=github.GithubObject.NotSet,
)
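To turn that commit list into line counts, the added example below (not part of the original answer) sums each commit's `stats.additions` and `stats.deletions` for one author and date range. It assumes merge commits should be skipped so that merged work is not counted twice; `FakeRepo` and the sample commits are constructed stand-ins so the block runs offline.

```python
from datetime import datetime
from types import SimpleNamespace


def merged_line_stats(repo, author, since, until, branch="master"):
    """Sum lines added/deleted by `author` on `branch` between two datetimes.

    `repo` is a PyGithub Repository (or anything with the same get_commits).
    """
    added = deleted = counted = 0
    for commit in repo.get_commits(sha=branch, author=author,
                                   since=since, until=until):
        # Assumption: a merge commit (more than one parent) repeats the diff of
        # the commits it merges, so counting it would double the numbers.
        if len(commit.parents) > 1:
            continue
        added += commit.stats.additions
        deleted += commit.stats.deletions
        counted += 1
    return {"commits": counted, "additions": added, "deletions": deleted}


class FakeRepo:
    """Constructed stand-in for a PyGithub Repository, for offline use."""

    def __init__(self, commits):
        self._commits = commits

    def get_commits(self, sha=None, author=None, since=None, until=None):
        return [c for c in self._commits
                if c.login == author and since <= c.date <= until]


def _commit(login, date, additions, deletions, parents=1):
    stats = SimpleNamespace(additions=additions, deletions=deletions)
    return SimpleNamespace(login=login, date=date,
                           parents=[None] * parents, stats=stats)


# Constructed sample history: one merge commit, one other author, one late commit.
SAMPLE_REPO = FakeRepo([
    _commit("alice", datetime(2023, 1, 10), 120, 30),
    _commit("alice", datetime(2023, 2, 1), 500, 200, parents=2),
    _commit("alice", datetime(2023, 2, 15), 40, 5),
    _commit("bob", datetime(2023, 2, 20), 10, 1),
    _commit("alice", datetime(2023, 6, 1), 7, 7),
])

# With PyGithub installed, pass a real repository instead (placeholder names):
#   repo = github.Github("<token>").get_repo("<owner>/<name>")
```

Reading `commit.stats` on a real repository costs one API request per commit, so long date ranges will use up rate limit quickly.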

Advanced search on github excluding a specific repository

I'm trying to figure out if there's any way to exercise the various fields defined for the github advanced search form that would allow me to effectively exclude hits from a specific repo. In other words I want to do a code search for all hits landing outside a given repository, an inverse repository search if you will.
I may be able to tune the size field with an inequality, but I'm hoping there's something I may be overlooking that has this sort of search in mind. My specific use case is that there's a major monorepo on our remote but there's a small constellation of support repositories which reuse some bits of the main repo that need to be refactored. I'm trying to identify those source hits in the smaller repos that need to be upgraded.
https://github.com/search/advanced?q=test&type=Repositories
Use -repo in the normal search. You can exclude a repository by prepending a hyphen (-).
foo_library -repo:owner1/repoX -repo:owner2/repo
See also docs.github.com or github.community.