diff --git a/src/steps/secretScanningAlerts.ts b/src/steps/secretScanningAlerts.ts
index cf20cb6..6c9a842 100644
--- a/src/steps/secretScanningAlerts.ts
+++ b/src/steps/secretScanningAlerts.ts
@@ -28,15 +28,15 @@ export async function fetchSecretScanningAlerts({
 const restClient = getOrCreateRestClient(config, logger);
 await restClient.iterateSecretScanningAlerts(async (alert) => {
- const secretScanningAlertEntity = (await jobState.addEntity(
- createSecretScanningAlertEntity(alert),
- )) as SecretScanningFindingEntity;
-
- const repoEntityKey =
- alert.repository?.node_id &&
- getRepositoryEntityKey(alert.repository.node_id);
+ if (!alert.repository?.node_id) {
+ return;
+ }
+ const secretScanningAlertEntity = await jobState.addEntity(
+ createSecretScanningAlertEntity(alert) as SecretScanningFindingEntity,
+ );
- if (repoEntityKey && jobState.hasKey(repoEntityKey)) {
+ const repoEntityKey = getRepositoryEntityKey(alert.repository.node_id);
+ if (jobState.hasKey(repoEntityKey)) {
 await jobState.addRelationship(
 createDirectRelationship({
 _class: RelationshipClass.HAS,
diff --git a/src/sync/converters.ts b/src/sync/converters.ts
index e6ced55..89f9462 100755
--- a/src/sync/converters.ts
+++ b/src/sync/converters.ts
@@ -193,8 +193,12 @@ export function createCodeScanningFindingEntity(
 });
 }
-export function getSecretScanningAlertKey(id: string) {
- return `github_secret_scanning_finding:${id}`;
+export function getSecretScanningAlertKey(
+ data: SecretScanningAlertQueryResponse,
+) {
+ return `github_secret_scanning_finding:${data.repository!.node_id}:${
+ data.number
+ }`;
 }
 export function createSecretScanningAlertEntity(
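Review bot: The new early `return` in the `src/steps/secretScanningAlerts.ts` hunk drops any alert without `repository.node_id` and records nothing, so a secret-scanning finding can disappear from the ingested data with no trace in the job log. `logger` is already in scope in this step, so I would log before returning, for example `logger.warn({ alertNumber: alert.number }, 'Skipping secret scanning alert without repository node_id');` (assuming the logger takes a fields object followed by a message). The callback and `fetchSecretScanningAlerts` both continue outside the hunk, so any skip accounting done elsewhere is not visible here.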
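Review bot: `getSecretScanningAlertKey` in the `src/sync/converters.ts` hunk relies on `data.repository!.node_id`, and that non-null assertion is erased at compile time. A caller that skips the guard added in the step gets a TypeError, or, when only `node_id` is absent, a key containing the literal `undefined`, which would let findings from different repositories collide on one `_key`. Both this function and `createSecretScanningAlertEntity` (the `_key` call in the following hunk) are exported, so the check belongs here rather than only at one call site: `const nodeId = data.repository?.node_id;` followed by `if (!nodeId) throw new Error('secret scanning alert is missing repository.node_id');`. An explicit `: string` return type would also fit. Because the key format changes, entities stored under the old number-only key will presumably no longer match, which is worth confirming as intended.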
@@ -206,7 +210,7 @@ export function createSecretScanningAlertEntity(
 assign: {
 _class: GithubEntities.GITHUB_SECRET_SCANNING_ALERT._class,
 _type: GithubEntities.GITHUB_SECRET_SCANNING_ALERT._type,
- _key: getSecretScanningAlertKey(String(data.number)),
+ _key: getSecretScanningAlertKey(data),
 displayName: data.secret_type_display_name,
 name: data.secret_type_display_name,
 severity: 'CRITICAL',