Disclaimer

( ˶°ㅁ°) !! This is a fork of stephanebouget/github-security-alerts

The aim of this project is to submit evolutions. This is not the official repository of the app. You should not submit bug reports, issues or pull requests to this fork.

Last constributions from here:

• The spinner for loading elements does not turn in the expected rotation (#34, #35)
• When I run the app in CLI, I got some cryptic errors about the API without details (#32, #33)
• On macOS, when I click outside the init window, I loose it and cannot get it back until restart of the app (#17, #31)
• Improve DEVELOP file with Markdown rendering, and fix Rust version command (#25, #26)

GitHub Security Alerts

👉 Developers: See DEVELOP | CONTRIBUTING

A modern desktop application that monitors security vulnerabilities across your GitHub repositories in real-time. Built with Angular and Rust/Tauri for a lightweight, performant experience.

🛡️ Installation Security Notice

When installing this application, you may encounter security warnings from your operating system.

Why ? This application is not code-signed with a commercial certificate, which is a costly process for open-source projects.

📋 Features

Core Functionality

• Real-time Security Monitoring: Track Dependabot security alerts across all your repositories
• Repository Management: Select and manage which repositories to monitor
• GitHub Integration: Seamless authentication via GitHub personal access tokens
• System Tray Integration: Minimize to system tray with icon status indicators
• Auto-refresh: Automatic alert updates every hour (configurable)

📥 Download

Get the latest version of GitHub Security Alerts:

• Download Latest Release

Available for Windows, macOS, and Linux.

⚠️ Prerequisites

GitHub Advanced Security Features

To ensure this application works correctly, you must enable GitHub Advanced Security features on the repositories you want to monitor.:

• Dependabot alerts must be activated
• Security advisories should be enabled
• For private repositories, you may need a GitHub Enterprise or GitHub Advanced Security license

🎯 Usage Guide

First Launch

1. Authenticate

• Personal repositories only: Sign in with GitHub is sufficient
• Organizations included: Create a GitHub Personal Access Token (PAT) for full access
• The app validates the token and saves it securely

2. Select Repositories

• Click the "📦 Repositories" button in the header
• Expand owners (users/organizations) to see their repositories
• Select repositories you want to monitor
• Click "✓ Done - View Alerts"

3. View Alerts

• The main "Alerts" view shows a summary of total security alerts
• Each repository displays its alert count
• Click any repository to open it on GitHub in your browser
• Checkmark (✓) indicates no alerts, numbers show active alerts

✨ Additional Features

• OTA Updates: Automatic over-the-air updates with signature verification for security

• API Rate Limits Usage: Real-time monitoring of GitHub API rate limits and usage statistics

• Auto-refresh Interval Customizable: Configure refresh intervals from 1 minute to 4 hours based on your needs

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.