
How can I trigger a zap with GitHub's Dependabot security alerts?

  • 25 August 2023

There are a lot of GitHub triggers, but none of them seem to be picking up the security alerts that Dependabot creates. Can someone think of any way to pick these up as a trigger to initiate a zap?

 

 


Best answer by GetUWired 25 August 2023, 19:30


Hi @Ibon,

It looks like you can set up these Dependabot alerts to notify you via email.  

https://docs.github.com/en/code-security/dependabot/dependabot-alerts/configuring-notifications-for-dependabot-alerts

 

You can then potentially set up a new email trigger for your selected inbox, or set up a Zapier email parser and forward it to the parser inbox.  https://zapier.com/blog/email-parser-guide/

 

Hope this helps!

Thank you for your reply!

 

That would work, but

  1. It is not a clean solution; it’s just a workaround that uses more steps and more intermediaries. There should be a GitHub trigger for this, the same way there is for a new comment or a new pull request.
  2. I don’t want to give Zapier access to reading my email...

 

I guess the answer then is that there is no way of doing this with the GitHub integration, period?


Hi @Ibon,

It doesn’t look like there is a specific GitHub trigger for this. You can make a feature request for this functionality at this address: https://zapier.com/app/get-help

Alternatively, you could make a custom trigger using the GitHub API:

https://docs.github.com/en/rest/dependabot/alerts?apiVersion=2022-11-28#about-dependabot-alerts

 

For my workaround, you would not have to give Zapier access to all of your emails.  You would just need to set up an email parser inbox here:  https://zapier.com/features/parser

Then you would set up a rule in your email that would automatically forward a message to this Zapier parser inbox given certain conditions.

For instance, you could have a condition that the subject line needs to have “Dependabot” in it or that it comes from a specific email address.  This way, Zapier is only getting those specific emails about the Dependabot.

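The custom-trigger route suggested in the last reply, as an added example that is not part of the thread and is not Zapier's or GitHub's own code: it builds the request for the Dependabot alerts REST endpoint linked above and reshapes the response into records a polling trigger can deduplicate. The function names, `OWNER/REPO`, the token and the sample response are assumptions made for illustration.

```javascript
// Added example: function names are hypothetical, sample data is constructed.
const SEVERITIES = ['low', 'medium', 'high', 'critical'];

// Request for GET /repos/{owner}/{repo}/dependabot/alerts, newest open first.
// The token needs read access to Dependabot alerts only, not to a mailbox.
function buildRequest(owner, repo, token, minSeverity = 'low') {
  const from = SEVERITIES.indexOf(minSeverity);
  if (from < 0) throw new Error(`unknown severity: ${minSeverity}`);
  const query = new URLSearchParams({
    state: 'open', sort: 'created', direction: 'desc', per_page: '50',
    severity: SEVERITIES.slice(from).join(','),
  });
  const path = `/repos/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}`;
  return {
    url: `https://api.github.com${path}/dependabot/alerts?${query}`,
    headers: {
      Accept: 'application/vnd.github+json',
      Authorization: `Bearer ${token}`,
      'X-GitHub-Api-Version': '2022-11-28',
    },
  };
}

// Flatten the response to one record per open alert. Zapier polling triggers
// deduplicate on `id`, so it is built from the repository and alert number.
function toZapItems(repoFull, body) {
  if (!Array.isArray(body)) { // API errors arrive as an object with `message`
    throw new Error(`GitHub API error: ${body?.message ?? 'unexpected response'}`);
  }
  return body.filter((a) => a.state === 'open').map((a) => ({
    id: `${repoFull}#${a.number}`,
    package: a.dependency?.package?.name ?? null,
    severity: a.security_advisory?.severity ?? null,
    ghsa_id: a.security_advisory?.ghsa_id ?? null,
    cve_id: a.security_advisory?.cve_id ?? null, // null when no CVE is assigned
    summary: a.security_advisory?.summary ?? null,
    fixed_in: a.security_vulnerability?.first_patched_version?.identifier ?? null,
    url: a.html_url ?? null,
  }));
}

// Constructed sample shaped like the API response (all values are placeholders).
const SAMPLE_RESPONSE = [
  { number: 7, state: 'open', html_url: 'https://github.com/OWNER/REPO/security/dependabot/7',
    dependency: { package: { ecosystem: 'npm', name: 'example-lib' } },
    security_advisory: { ghsa_id: 'GHSA-xxxx-xxxx-xxxx', cve_id: null, severity: 'high', summary: 'Constructed advisory' },
    security_vulnerability: { first_patched_version: { identifier: '1.2.3' } } },
  { number: 5, state: 'fixed', dependency: { package: { ecosystem: 'npm', name: 'other-lib' } } },
];
```

In a trigger, send the request from `buildRequest`, parse the JSON body and return the array from `toZapItems`; a token scoped to Dependabot alerts keeps the integration away from the inbox entirely.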