From 2fd920d5d28f6b7ccfb2759ba05d0cbec1216bb3 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 7 Aug 2024 15:30:06 +0300
Subject: [PATCH 01/10] Use Github Token
---
 .github/workflows/dependabot-alerts-to-slack.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index bbe35da..8aaf1c4 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -8,10 +8,12 @@ on:
 jobs:
 main:
 runs-on: ubuntu-latest
+ permissions:
+ security-events: read
 steps:
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
 - uses: kunalnagarco/action-cve@v1.13.2
 with:
- token: ${{ secrets.DEPENDABOT_TOKEN }}
+ token: ${{ secrets.GITHUB_TOKEN }}
 slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
 count: 10
From d365766f8e870bbbbab9ab3584788b9af2a202b1 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Fri, 9 Aug 2024 16:29:49 +0300
Subject: [PATCH 02/10] Use the app to get token
---
 .github/workflows/dependabot-alerts-to-slack.yml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 8aaf1c4..c39fd79 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
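Review bot: The `security-events: read` grant on the new `permissions:` block covers code-scanning and secret-scanning alerts, but as far as I can tell it does not cover the Dependabot alerts endpoint that action-cve reads, so `secrets.GITHUB_TOKEN` is likely to be refused where `DEPENDABOT_TOKEN` worked (the later patches in this series moving to a GitHub App point the same way). If GITHUB_TOKEN is kept, confirm it with a `workflow_dispatch` run before the old secret is deleted. The job-level `permissions:` block itself is the right shape — it narrows the token for this job only — and should survive whatever token source is finally chosen.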
@@ -5,15 +5,21 @@ on:
 - cron: '0 8 * * *' # every day at 8 am
 workflow_dispatch: # to have the option to run this ad-hoc
+
 jobs:
 main:
 runs-on: ubuntu-latest
- permissions:
- security-events: read
 steps:
+ - name: Get Token
+ id: get_workflow_token
+ uses: peter-murray/workflow-application-token-action@v1
+ with:
+ application_id: ${{ secrets.DEPENDABOT_ACCESS_APP_ID }}
+ application_private_key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }}
+
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
 - uses: kunalnagarco/action-cve@v1.13.2
 with:
- token: ${{ secrets.GITHUB_TOKEN }}
+ token: ${{ steps.get_workflow_token.outputs.token }}
 slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
 count: 10
From a30d6bdc5d2b4fb4e5d9698c2e7b50c57e7f57d8 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:28:09 +0300
Subject: [PATCH 03/10] Update secrets to variables
---
 .github/workflows/dependabot-alerts-to-slack.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index c39fd79..11d7339 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -14,7 +14,7 @@ jobs:
 id: get_workflow_token
 uses: peter-murray/workflow-application-token-action@v1
 with:
- application_id: ${{ secrets.DEPENDABOT_ACCESS_APP_ID }}
+ application_id: ${{ variables.DEPENDABOT_ACCESS_APP_ID }}
 application_private_key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }}
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
From 70abe87995461c6bee1c770d43b590e993b6ee33 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:30:27 +0300
Subject: [PATCH 04/10] Update code
---
 .github/workflows/dependabot-alerts-to-slack.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
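Review bot: Dropping the `permissions:` block returns this job's GITHUB_TOKEN to the repository default (which may be write-all) even though no remaining step uses that token; keep an explicit minimal grant, `permissions: {}` on the job, so a compromised step or action gets nothing for free. `peter-murray/workflow-application-token-action@v1` is a moving major tag on an action that is handed the App private key, so pin it to a full commit SHA with the version in a trailing comment. The installation token inherits whatever the App was granted at installation time, and nothing in the hunk constrains it, so the App should be installed with only Dependabot alerts read access on this repository.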
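Review bot: `${{ variables.DEPENDABOT_ACCESS_APP_ID }}` is not a valid expression: repository and organization variables are exposed through the `vars` context, so the workflow will fail validation before any step runs. The line should read `application_id: ${{ vars.DEPENDABOT_ACCESS_APP_ID }}`. Moving the App ID out of `secrets` is fine on its own, since the ID is an identifier rather than a credential; the private key on the next line is what must stay secret.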
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 11d7339..0a544e5 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -14,7 +14,7 @@ jobs:
 id: get_workflow_token
 uses: peter-murray/workflow-application-token-action@v1
 with:
- application_id: ${{ variables.DEPENDABOT_ACCESS_APP_ID }}
+ application_id: $DEPENDABOT_ACCESS_APP_ID
 application_private_key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }}
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
From 91151de52e501ea3c445c9ae333709d1b4526a56 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:35:58 +0300
Subject: [PATCH 05/10] Use official action
---
 .github/workflows/dependabot-alerts-to-slack.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 0a544e5..f86ba08 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -11,15 +11,17 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Get Token
- id: get_workflow_token
- uses: peter-murray/workflow-application-token-action@v1
+
+ - uses: actions/create-github-app-token@v1
+ id: app-token
 with:
- application_id: $DEPENDABOT_ACCESS_APP_ID
- application_private_key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }}
+ app-id: ${{ vars.DEPENDABOT_ACCESS_APP_ID }}
+ private-key: ${{ secrets.DEPENDABOT_ACCESS_PRIVATE_KEY }}
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
 - uses: kunalnagarco/action-cve@v1.13.2
 with:
 token: ${{ steps.get_workflow_token.outputs.token }}
+ token: ${{ steps.app-token.outputs.token }}
 slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
 count: 10
From 847b06ac76bddf85b05e2b9f43f117f7cd7dc109 Mon Sep 17 00:00:00 2001
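Review bot: `application_id: $DEPENDABOT_ACCESS_APP_ID` hands the action the literal string `$DEPENDABOT_ACCESS_APP_ID`: `with:` inputs are not shell-expanded, only `${{ }}` expressions are evaluated, and no `env:` defining that name is visible in the hunk. The value should come from the repository variable as `application_id: ${{ vars.DEPENDABOT_ACCESS_APP_ID }}`.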
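Review bot: The hunk leaves two lines that will not validate: `- name: Get Token` is now a step with neither `uses` nor `run`, and the action-cve `with:` block ends with two `token:` keys, which GitHub's workflow parser (as far as I recall) rejects as a duplicate mapping key while a lenient YAML loader would silently keep the second. The intended result is the single line `token: ${{ steps.app-token.outputs.token }}` with the `get_workflow_token` line removed, and the empty `- name:` step deleted. `actions/create-github-app-token@v1` is a moving major tag on an action that is handed the App private key, so pin it to a full commit SHA, and if the resolved version supports the `repositories` input, restrict the token to this repository rather than every repository the App is installed on. On the positive side, this action revokes the installation token in its post step, which narrows the window in which a leaked token is useful.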
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:36:38 +0300
Subject: [PATCH 06/10] Typo
---
 .github/workflows/dependabot-alerts-to-slack.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index f86ba08..1ac7928 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -21,7 +21,6 @@ jobs:
 # X.X.X - Latest version available at: https://github.com/kunalnagarco/action-cve/releases
 - uses: kunalnagarco/action-cve@v1.13.2
 with:
- token: ${{ steps.get_workflow_token.outputs.token }}
 token: ${{ steps.app-token.outputs.token }}
 slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
 count: 10
From 924877f60a7c7c358affae063646561c43020034 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:36:58 +0300
Subject: [PATCH 07/10] Remove linebreak
---
 .github/workflows/dependabot-alerts-to-slack.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 1ac7928..53a7c6d 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -5,7 +5,6 @@ on:
 - cron: '0 8 * * *' # every day at 8 am
 workflow_dispatch: # to have the option to run this ad-hoc
-
 jobs:
 main:
 runs-on: ubuntu-latest
From f836e92b437ffae5eabbc0b19d306e781525e65a Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:38:42 +0300
Subject: [PATCH 08/10] Remove name
---
 .github/workflows/dependabot-alerts-to-slack.yml | 2 --
 1 file changed, 2 deletions(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 53a7c6d..2c5b49b 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -9,8 +9,6 @@ jobs:
 main:
 runs-on: ubuntu-latest
 steps:
- - name: Get Token
-
 - uses: actions/create-github-app-token@v1
 id: app-token
 with:
From 282679129c1a1aaa4a9fb0ca97b514ae64ab9dda Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Wed, 14 Aug 2024 18:51:26 +0300
Subject: [PATCH 09/10] Update time
---
 .github/workflows/dependabot-alerts-to-slack.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 2c5b49b..785674f 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -1,8 +1,8 @@
-name: 'Check for Dependabot alerts & send them to slack'
+name: 'Check for Dependabot alerts & send them to Slack'
 on:
 schedule:
- - cron: '0 8 * * *' # every day at 8 am
+ - cron: '30 16 * * *' # every day at 9:30 am PST
 workflow_dispatch: # to have the option to run this ad-hoc
 jobs:
From c5b8169ef9d90b3406658e7a434bf5d2b6851fc1 Mon Sep 17 00:00:00 2001
From: Enes Kutay SEZEN
Date: Mon, 26 Aug 2024 17:05:27 +0300
Subject: [PATCH 10/10] Update Slack webhook
---
 .github/workflows/dependabot-alerts-to-slack.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/dependabot-alerts-to-slack.yml b/.github/workflows/dependabot-alerts-to-slack.yml
index 785674f..0bea296 100644
--- a/.github/workflows/dependabot-alerts-to-slack.yml
+++ b/.github/workflows/dependabot-alerts-to-slack.yml
@@ -19,5 +19,5 @@ jobs:
 - uses: kunalnagarco/action-cve@v1.13.2
 with:
 token: ${{ steps.app-token.outputs.token }}
- slack_webhook: ${{ secrets.SLACK_WEBHOOK }}
+ slack_webhook: ${{ secrets.CUSTOMER_INTEGRATIONS_SLACK_WEBHOOK }}
 count: 10
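Review bot: The comment on the new cron line is wrong for half the year: GitHub evaluates `schedule` in UTC, and 16:30 UTC is 09:30 Pacific only during daylight time (PDT, UTC-7); during standard time (PST, UTC-8) it fires at 08:30. Either document the actual behaviour, `- cron: '30 16 * * *' # every day at 16:30 UTC (09:30 PDT / 08:30 PST)`, or state the intended local time and note that the run shifts by an hour when clocks change. Scheduled workflows are also not guaranteed to start on the minute, so whoever reads the Slack channel should not treat the time as exact.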