ghas-mcp-server
by rajbos
ghas-mcp-server is an MCP server designed to interact with GitHub Advanced Security (GHAS) for repositories. It provides tools to list Dependabot alerts, secret scanning alerts, and code scanning alerts.
Last updated: N/A
What is ghas-mcp-server?
The ghas-mcp-server is a server that integrates with the MCP (Managed Configuration Protocol) framework to retrieve security alerts from GitHub Advanced Security (GHAS). It allows users to easily list Dependabot, secret scanning, and code scanning alerts for their repositories.
How to use ghas-mcp-server?
To use this server, install it in VS Code or VS Code Insiders using the provided installation links. Configure the server in your MCP configuration file, providing either a GitHub Personal Access Token with the necessary scopes or using the authenticated GitHub CLI. Then, use the MCP framework to interact with the server and retrieve the desired security alerts.
Key features of ghas-mcp-server
Lists Dependabot alerts
Lists secret scanning alerts
Lists code scanning alerts
Supports authentication via Personal Access Token or GitHub CLI
Integrates with MCP framework
Easy installation in VS Code and VS Code Insiders
Use cases of ghas-mcp-server
Security monitoring of GitHub repositories
Automated security alert reporting
Integration with security dashboards
Vulnerability management
Compliance reporting
FAQ from ghas-mcp-server
What scopes are required for the Personal Access Token?
What scopes are required for the Personal Access Token?
The Personal Access Token needs read-only access to the repository and organization for Dependabot alerts, secret scanning alerts, and code scanning alerts.
How do I use the GitHub CLI for authentication?
How do I use the GitHub CLI for authentication?
Set the environment variable GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI to true and ensure you are logged in to the GitHub CLI using gh auth login.
Where can I find the MCP configuration file?
Where can I find the MCP configuration file?
The MCP configuration file is typically located in your VS Code settings or in a dedicated configuration file depending on your MCP setup.
How do I install the server in VS Code?
How do I install the server in VS Code?
Use the provided 'Install in VS Code' button, which will redirect you to vscode.dev with instructions to install the server.
Can I contribute to this project?
Can I contribute to this project?
Yes, contributions are welcome! You can open issues or submit pull requests with new tools or improvements.