in src/main.ts [151:196]
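/**
 * Asks the issue-sentinel bot whether an issue is security related and, if so,
 * comments on the issue and tags it with the "Security-Issue" label.
 *
 * Issues that already carry the label are skipped, so a labeled issue is not
 * commented on twice.
 *
 * @param issue - Issue payload; forwarded unmodified to the bot as `raw`.
 * @param owner - Repository owner.
 * @param repo - Repository name.
 * @param password - Shared secret sent to the bot in the request body.
 * @param token - GitHub token used to build the Octokit client.
 * @param botUrl - Base URL of the bot; `/security/` is appended to it.
 */
async function handleSecurityIssuesScanning(issue: any, owner: string, repo: string, password: string, token: string, botUrl: string): Promise<void> {
  const securityLabel = "Security-Issue";
  const octokit = github.getOctokit(token);
  const issueNumber = issue.number;

  // Only the first page of labels is inspected here.
  const { data: existedLabels } = await octokit.rest.issues.listLabelsOnIssue({
    owner,
    repo,
    issue_number: issueNumber,
  });
  const labelExists = existedLabels.some((label: { name: string }) => label.name === securityLabel);
  if (labelExists) {
    core.info('This issue has already been labeled as Security-Issue. Skip this issue.');
    return;
  }

  // Register the bot password with the runner so it is masked if it ever
  // reaches the log (assumes `core` is @actions/core). Skipped for an empty
  // value, which has nothing to mask.
  if (password) {
    core.setSecret(password);
  }

  // The password travels in the request body, so it is only protected in
  // transit when the bot endpoint is HTTPS. Warn rather than fail so existing
  // setups keep working.
  if (!/^https:\/\//i.test(botUrl)) {
    core.warning('The bot URL does not use https; the bot password will be sent without transport encryption.');
  }

  // NOTE(review): a rejected axios request carries the request config,
  // including this body, on the error object; callers should log only
  // `error.message`, not the whole error.
  // NOTE(review): no request timeout is set, so a hung bot endpoint blocks
  // until the job itself times out. Consider passing an axios `timeout`.
  const response = await axios.post(botUrl + '/security/', {
    'raw': issue,
    'password': password
  });
  // Truthiness check: any truthy `security` value (including a non-empty
  // string) counts as a positive verdict. Confirm the bot returns a boolean.
  const isSecurityIssue = response.data.security;
  core.info('Search the security issues by the issue sentinel successfully.');
  core.debug(`Response: ${isSecurityIssue}`);
  if (!isSecurityIssue) {
    core.info('Not a security issue.');
    return;
  }

  const message = 'This issue is related to security. Please pay attention.\n' + PoweredBy;
  await octokit.rest.issues.createComment({
    owner,
    repo,
    issue_number: issueNumber,
    body: message
  });
  core.info(`Comment sent to issue #${issueNumber}`);

  // The label doubles as the "already processed" marker checked above; if this
  // call fails after the comment was posted, a later run will comment again.
  await octokit.rest.issues.addLabels({
    owner,
    repo,
    issue_number: issueNumber,
    labels: [securityLabel]
  });
  core.info(`Label added to issue #${issueNumber}`);
}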