There are a lot of Github triggers, but none of them seem to be picking the Security alerts that Dependabot creates. Can someone think of any way to pick these up as a trigger to initiate a zap?
Page 1 / 1
Hi
It looks like you can set up these Dependabot alerts to notify you via email.
You can then potentially set up a new email trigger for your selected inbox, or set up a Zapier email parser and forward it to the parser inbox. https://zapier.com/blog/email-parser-guide/
Hope this helps!
Thank you for your reply!
That would work, but
- It is not a clean solution, it’s just a workaround that uses more steps and more intermediaries, there should be a github trigger for this the same way there is for a new comment or a new pull request
- I don’t want to give Zapier access to reading my email...
I guess the answer then is that there is no way of doing this with the Github integration, period?
Hi
It doesn’t look like there is a specific Github trigger for this. You can make a feature request for this functionality at this address: https://zapier.com/app/get-help
Alternatively, you could make a custom trigger using the Github API:
https://docs.github.com/en/rest/dependabot/alerts?apiVersion=2022-11-28#about-dependabot-alerts
For my workaround, you would not have to give Zapier access to all of your emails. You would just need to set up an email parser inbox here: https://zapier.com/features/parser
Then you would set up a rule in your email that would automatically forward a message to this Zapier parser inbox given certain conditions.
For instance, you could have a condition that the subject line needs to have “Dependabot” in it or that it comes from a specific email address. This way, Zapier is only getting those specific emails about the Dependabot.
How can I use that as a Zapier trigger? I can’t see a way to get the fields into the config as the “ping” event just has metadata about the webhook.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.