17 unstable releases (7 breaking)

Uses new Rust 2024

new 0.7.2 Apr 11, 2025
0.7.0 Mar 31, 2025
0.5.1 Aug 2, 2024
0.4.3 Jun 27, 2024
0.2.1 Mar 8, 2024

#330 in Development tools


543 downloads per month
Used in ghastoolkit-cli

MIT license

140KB
3K SLoC

GHASToolkit

This is the GitHub Advanced Security (GHAS) Toolkit in Rust. It is designed to help developers and security researchers interact with the GitHub Advanced Security API.

✨ Features

  • Core GHAS Library
    • Documentation
    • GitHub Cloud and Enterprise Server support
    • API Support
      • Code Scanning
      • 👷 Secret Scanning
      • 👷 Supply Chain
        • 👷 Dependabot (Security Alerts)
        • 👷 Dependency Graph (SCA / SBOMs)
        • 👷 Security Advisories
  • CLI Tool

🚀 Usage

GitHub APIs

You can use the GitHub and Repository structs to interact with the GitHub API.

use ghastoolkit::{GitHub, Repository};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let github = GitHub::default();
    println!("GitHub :: {}", github);

    let repository = Repository::parse("geekmasher/ghastoolkit-rs@main")
        .expect("Failed to parse repository");
    println!("Repository :: {}", repository);

    Ok(())
}
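
The reference string passed to Repository::parse above has the shape owner/name@ref. As an added example (not code from ghastoolkit or its author), the std-only Rust below shows one way to validate such a string when it arrives from untrusted input, before it is used to build an API URL or a CLI argument. RepoRef, parse_repo_ref and the allow-list rules are assumptions made here and do not describe the crate's own parsing.

```rust
// Added illustration, NOT ghastoolkit's Repository::parse; all names are hypothetical.
#[derive(Debug, PartialEq)]
pub struct RepoRef {
    pub owner: String,
    pub name: String,
    pub reference: Option<String>, // text after '@', e.g. "main"
}

// Conservative allow-list (assumption): ASCII alphanumerics plus `extra`,
// non-empty, and no leading '-' so the value can never be read as a CLI flag.
fn is_safe(part: &str, extra: &str) -> bool {
    !part.is_empty()
        && !part.starts_with('-')
        && part.chars().all(|c| c.is_ascii_alphanumeric() || extra.contains(c))
}

pub fn parse_repo_ref(input: &str) -> Result<RepoRef, String> {
    // Split off the optional "@ref" suffix first, then "owner/name".
    let (repo, reference) = match input.split_once('@') {
        Some((repo, r)) => (repo, Some(r)),
        None => (input, None),
    };
    let (owner, name) = repo
        .split_once('/')
        .ok_or_else(|| format!("expected owner/name, got {repo:?}"))?;
    if !is_safe(owner, "-") {
        return Err(format!("invalid owner {owner:?}"));
    }
    // A second '/' or a dot-only name would change the API or filesystem path.
    if !is_safe(name, "-_.") || name.chars().all(|c| c == '.') {
        return Err(format!("invalid repository name {name:?}"));
    }
    if let Some(r) = reference {
        // Refs may contain '/', but ".." and any other character are rejected.
        if !is_safe(r, "-_./") || r.contains("..") {
            return Err(format!("invalid ref {r:?}"));
        }
    }
    let reference = reference.map(str::to_string);
    Ok(RepoRef { owner: owner.to_string(), name: name.to_string(), reference })
}

fn main() {
    // Constructed inputs: the page's own reference plus two malformed variants.
    for s in ["geekmasher/ghastoolkit-rs@main", "geekmasher/../etc@main", "owner/repo@--flag"] {
        println!("{s:?} -> {:?}", parse_repo_ref(s));
    }
}
```
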

CodeQL

You can use the CodeQL struct to interact with the CodeQL CLI.

use ghastoolkit::{CodeQL, CodeQLDatabase, CodeQLDatabases};
use ghastoolkit::{GitHub, Repository};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let codeql = CodeQL::new().await;
    println!("CodeQL :: {}", codeql);

    let languages = codeql.get_languages().await?;
    println!("Languages :: {:#?}", languages);

    // Get all CodeQL databases from the default path
    let databases = CodeQLDatabases::default();
    for database in databases {
        println!("Database :: {}", database);
    }

    // Create a new CodeQL database
    let database = CodeQLDatabase::init()
        .name("my-project")
        .language("javascript")
        .path("/path/to/code".to_string())
        .build()
        .expect("Failed to create CodeQL database");

    // Create the database using the CodeQL CLI
    codeql.database(&database)
        .create()
        .await?;

    // Run a CodeQL query
    codeql.database(&database)
        .analyze()
        .await?;


    // You can also download a CodeQL Database from GitHub
    let github = GitHub::default();
    let repo = Repository::parse("geekmasher/ghastoolkit-rs@main")
        .expect("Failed to parse repository");

    let databases = CodeQLDatabase::download("./".into(), &repo, &github).await?;
    println!("Databases :: {:#?}", databases);

    Ok(())
}

Dependencies

~29–43MB
~744K SLoC