Skip to content

Adding SecretScanning Toolset #280

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Adding SecretScanning Toolset #280

wants to merge 6 commits into from
+418 −3

Conversation

tonytrg
Copy link
Contributor

@tonytrg tonytrg commented Apr 15, 2025
edited
Loading

This PR adds:

@tonytrg tonytrg force-pushed the tonytrg/add-secret-scanning-tools branch from d31dd8b to 6c01bf9 Compare April 16, 2025 14:15
@tonytrg tonytrg marked this pull request as ready for review April 16, 2025 14:22
@Copilot Copilot AI review requested due to automatic review settings April 16, 2025 14:22
Copilot
Copilot AI reviewed Apr 16, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a new secret scanning toolset to the MCP server by adding two new commands: GetSecretScanningAlert and ListSecretScanningAlerts.

  • Integrates secret scanning tools into the toolset initialization in pkg/github/tools.go.
  • Implements secret scanning functionalities in pkg/github/secret_scanning.go with accompanying tests in pkg/github/secret_scanning_test.go.
  • Updates the README.md with usage documentation for the new secret scanning endpoints.

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

File Description
pkg/github/tools.go Registers the secret scanning tools into the toolset collection.
pkg/github/secret_scanning_test.go Provides tests ensuring correct behavior of the secret scanning tool handlers.
pkg/github/secret_scanning.go Implements the GetSecretScanningAlert and ListSecretScanningAlerts functions.
README.md Adds documentation detailing the usage of the new secret scanning tools.

@tonytrg tonytrg changed the title Adding GetSecretScanningAlert and ListSecretScanningAlerts Adding SecretScanning Toolset Apr 16, 2025
@tonytrg
Copy link
Contributor Author

tonytrg commented Apr 16, 2025
edited
Loading

Did a manual test run:

Can you list me all secret scanning alerts in github/repo that are resolved?

A: 
Query params
{
  "owner": "github",
  "repo": "repo",
  "state": "resolved"
}

[
... Returned list of secretalerts, all resolved
]

Alright give me github/repo alertnumber 196

A:
Query params
{
  "owner": "github",
  "repo": "repo",
  "alertNumber": 196
}

{"number":196,
...
}

@tonytrg @Copilot
Update README.md
bab315f 
Co-authored-by: Copilot <[email protected]>
@tonytrg tonytrg self-assigned this Apr 16, 2025
SamMorrowDrums
SamMorrowDrums reviewed Apr 16, 2025
View reviewed changes
Copy link
Collaborator

@SamMorrowDrums SamMorrowDrums left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this looks great, just a couple of small comments.

.gitignore

# Go
vendor
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
vendor
vendor

pkg/github/tools.go
@@ -73,6 +73,11 @@ func InitToolsets(passedToolsets []string, readOnly bool, getClient GetClientFn,
toolsets.NewServerTool(GetCodeScanningAlert(getClient, t)),
toolsets.NewServerTool(ListCodeScanningAlerts(getClient, t)),
)
secretSecurity := toolsets.NewToolset("secret_security", "Secret security related tools, such as GitHub Secret Scanning").
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is actually called secret protection. https://github.blog/changelog/2025-03-04-introducing-github-secret-protection-and-github-code-security/

We just split the security products, otherwise I'd have called it all Advanced Security or ghas.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SamMorrowDrums SamMorrowDrums SamMorrowDrums left review comments

Copilot code review Copilot Copilot left review comments

@juruen juruen Awaiting requested review from juruen juruen is a code owner

@williammartin williammartin Awaiting requested review from williammartin williammartin is a code owner

@toby toby Awaiting requested review from toby toby is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@tonytrg tonytrg

Labels
tool-proposal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tonytrg @SamMorrowDrums