CLI for efficiently coordinating vulnerability reports and remediations with GitHub Security Advisories (GHSA)

ghsa-cli

Install from PyPI (python -m pip install ghsa-cli) and authenticate using a GH_TOKEN environment variable within the shell session (export GH_TOKEN="$(gh auth token)"). The repository automatically resolves to the upstream/origin remote of the git repository in the current working directory, or can be set manually via GH_REPO or --repo.

Below are some common workflows this tool is designed for:

Assigning yourself as 'Coordinator' for a ticket

Assign yourself as a coordinator. The alias me, when given as the value of a command-line option, means the currently authenticated user.

ghsa-cli credit GHSA-xxxx-xxxx-xxxx --coordinator me

Adding collaborators by name

Adds collaborators by name, either teams or individual users.

ghsa-cli collaborators GHSA-xxxx-xxxx-xxxx --login sethmlarson
ghsa-cli collaborators GHSA-xxxx-xxxx-xxxx --team python/fuzzers

Moving a GHSA to a public GitHub issue

Prompts the user with a new GitHub issue templated with the same title and description as the current ticket. By default, closes the GHSA if the GHSA isn't already closed.

ghsa-cli move-to-issue GHSA-xxxx-xxxx-xxxx

You can skip closing the GHSA after the issue templating page is opened by passing --no-close.

Listing open GHSAs where you are assigned 'Coordinator'

Useful for prioritizing which ticket you should work on next depending on their state, age, and whether a fix has been developed and reviewed.

ghsa-cli list --coordinator me

┏━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━┳━━━━━━━━┳━━━━━━┳━━━━━━┓
┃ id                  ┃ title ┃ state  ┃ age  ┃ cvss ┃
┡━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━╇━━━━━━━━╇━━━━━━╇━━━━━━┩
│ GHSA-xxxx-xxxx-xxxx │ ...   │ triage │ 10d  │ 6.5  │
│ GHSA-xxxx-xxxx-xxxx │ ...   │ draft  │ 16d  │ 7.0  │
│ GHSA-xxxx-xxxx-xxxx │ ...   │ draft  │ 21d  │ 2.0  │
└─────────────────────┴───────┴────────┴──────┴──────┘
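
An added sketch (not ghsa-cli's own code) of the selection behind a coordinator listing like the one above: it keeps open advisories that credit a given login as coordinator and computes each one's age. The sample records are constructed; their field names follow GitHub's repository security advisories REST API, and the set of open states and the sort order are assumptions of this example.

```python
from datetime import datetime, timezone

OPEN_STATES = {"triage", "draft"}  # assumption: states treated as "open"
NOW = datetime(2026, 4, 6, tzinfo=timezone.utc)  # fixed so ages are reproducible

# Constructed sample, shaped like items returned by GitHub's REST endpoint
# GET /repos/{owner}/{repo}/security-advisories (fields trimmed).
SAMPLE = [
    {"ghsa_id": "GHSA-aaaa-aaaa-aaaa", "summary": "Example A", "state": "triage",
     "created_at": "2026-03-27T00:00:00Z", "cvss": {"score": 6.5},
     "credits": [{"login": "alice", "type": "coordinator"}]},
    {"ghsa_id": "GHSA-bbbb-bbbb-bbbb", "summary": "Example B", "state": "draft",
     "created_at": "2026-03-16T00:00:00Z", "cvss": {"score": None},
     "credits": [{"login": "Alice", "type": "coordinator"}]},
    {"ghsa_id": "GHSA-cccc-cccc-cccc", "summary": "Example C", "state": "published",
     "created_at": "2026-01-01T00:00:00Z", "cvss": {"score": 9.1},
     "credits": [{"login": "alice", "type": "coordinator"}]},
    {"ghsa_id": "GHSA-dddd-dddd-dddd", "summary": "Example D", "state": "draft",
     "created_at": "2026-03-21T00:00:00Z", "cvss": None,
     "credits": [{"login": "alice", "type": "reporter"},
                 {"login": "bob", "type": "coordinator"}]},
]


def coordinated_by(advisories, login, now=NOW):
    """Open advisories crediting `login` as coordinator, oldest first."""
    rows = []
    for adv in advisories:
        if adv["state"] not in OPEN_STATES:
            continue  # published/closed/withdrawn advisories are not open
        # GitHub logins are case-insensitive, so compare lowercased.
        credited = {(c["login"].lower(), c["type"]) for c in adv.get("credits") or []}
        if (login.lower(), "coordinator") not in credited:
            continue  # credited in another role, or not at all
        created = datetime.fromisoformat(adv["created_at"].replace("Z", "+00:00"))
        rows.append({"id": adv["ghsa_id"], "title": adv["summary"],
                     "state": adv["state"], "age_days": (now - created).days,
                     "cvss": (adv.get("cvss") or {}).get("score")})
    # Ordering is this example's choice: oldest first, then highest CVSS.
    rows.sort(key=lambda r: (-r["age_days"], -(r["cvss"] or 0.0)))
    return rows


if __name__ == "__main__":
    for row in coordinated_by(SAMPLE, "alice"):
        print(f'{row["id"]}  {row["state"]:<6}  {row["age_days"]}d  {row["cvss"]}')
```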

Download files

Source Distribution

ghsa_cli-2026.4.6.tar.gz (6.4 kB)

Uploaded Source

Built Distribution

ghsa_cli-2026.4.6-py3-none-any.whl (7.4 kB)

Uploaded Python 3

File details

Details for the file ghsa_cli-2026.4.6.tar.gz.

File metadata

  • Download URL: ghsa_cli-2026.4.6.tar.gz
  • Upload date:
  • Size: 6.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.3

File hashes

Hashes for ghsa_cli-2026.4.6.tar.gz
Algorithm Hash digest
SHA256 63391d38577cbc60fc4de22ffd5bb73cf0376bb7b781a277638d9ea45a831cb5
MD5 0d73cd167981631e11ea7670458accae
BLAKE2b-256 f7dc31e5498eb37a5752e01f917aeee0f86cc680bce1a3d2038f97ce396dd104

File details

Details for the file ghsa_cli-2026.4.6-py3-none-any.whl.

File metadata

  • Download URL: ghsa_cli-2026.4.6-py3-none-any.whl
  • Upload date:
  • Size: 7.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.3

File hashes

Hashes for ghsa_cli-2026.4.6-py3-none-any.whl
Algorithm Hash digest
SHA256 a65c22899dbd601088fd2ced794c7c9b9f45e0e1fca84ca7e1dcb9234a5aedfb
MD5 87d24e0d9ff73e268fdd53e86aa9d53d
BLAKE2b-256 3fc44262d7510ca26641d5f534eb01260b1d4f5a111a1dfb743424521c2be8a8
