feat: Allow to ignore specific dependencies

Author: rndev15

.github/workflows/ci.yml

@@ -34,6 +34,7 @@ jobs:
           # slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
           # severity: low,medium
           # ecosystem: npm,rubygems
+          # ignore_packages: lodash,devise
           # count: 20
           # pager_duty_integration_key: ${{ secrets.PAGER_DUTY_INTEGRATION_KEY }}
           # zenduty_api_key: ${{ secrets.ZENDUTY_API_KEY }}

action.yml

@@ -43,6 +43,8 @@ inputs:
     description: 'Comma separated list of severities. E.g. low,medium,high,critical (NO SPACES BETWEEN COMMA AND SEVERITY)'
   ecosystem:
     description: 'A comma-separated list of ecosystems. If specified, only alerts for these ecosystems will be returned.'
+  ignore_packages:
+    description: 'A comma-separated list of package names. If specified, alerts for these packages will be ignored.'
 branding:
   icon: 'alert-octagon'
   color: 'red'

dist/index.js

@@ -0,0 +1,34 @@
+import { Octokit } from '@octokit/rest'
+
+import { Alert, toEnterpriseAlert, PackageCveMap } from '../entities'
+
+import { filterPackages } from './filters'
+
+export const fetchEnterpriseAlerts = async (
+  gitHubPersonalAccessToken: string,
+  enterprise: string,
+  severity: string,
+  ecosystem: string,
+  ignorePackages: PackageCveMap,
+  count: number,
+): Promise<Alert[] | []> => {
+  const octokit = new Octokit({
+    auth: gitHubPersonalAccessToken,
+    request: {
+      fetch,
+    },
+  })
+  const response = await octokit.dependabot.listAlertsForEnterprise({
+    enterprise,
+    state: 'open',
+    severity,
+    ecosystem: ecosystem.length > 0 ? ecosystem : undefined,
+    per_page: count,
+  })
+
+  return response.data
+    .filter((dependabotAlert) =>
+      filterPackages(dependabotAlert, ignorePackages),
+    )
+    .map(toEnterpriseAlert)
+}