Issue Templates
The security audit recipe uses GitHub issue templates to automatically create structured reports when vulnerabilities are found or when clean audits are completed.
Template Overview
The recipe includes two issue templates:
- Security Vulnerability Report - Created when vulnerabilities are detected
- Clean Security Audit Report - Created for weekly clean audit summaries
Security Vulnerability Template
This template is used when the workflow detects vulnerabilities in your dependencies.
.github/ISSUE_TEMPLATE/security-vulnerability-report.md
File: .github/ISSUE_TEMPLATE/security-vulnerability-report.md
---
name: Security Vulnerability Report
about: Automated security vulnerability report from pip-audit
title: "🚨 Security Audit: Vulnerabilities found in dependencies"
labels: ["security", "pip-audit", "vulnerability", "dependencies"]
assignees: []
---
## 🔍 Security Audit Summary
**Scan Date:** <!-- Date will be filled by workflow -->
**Repository:** <!-- Repository will be filled by workflow -->
**Branch:** <!-- Branch will be filled by workflow -->
**Commit:** <!-- Commit will be filled by workflow -->
**Vulnerabilities Found:** <!-- Count will be filled by workflow -->
**Affected Packages:** <!-- Count will be filled by workflow -->
## 🚨 Vulnerability Details
<!-- Vulnerability details will be filled by workflow -->
## 📋 Recommendations
1. Review each vulnerability listed above
2. Update affected packages to the recommended fix versions
3. Test the application after updates
4. Consider using `pip-audit --fix` for automatic updates (with caution)
## 🔧 Manual Fix Commands
```bash
# Review the vulnerabilities
pip-audit -r requirements.txt
# Attempt automatic fixes (use with caution)
pip-audit -r requirements.txt --fix
Clean Audit Template
This template is used for weekly reports when no vulnerabilities are found.
.github/ISSUE_TEMPLATE/clean-security-audit-report.md
File: .github/ISSUE_TEMPLATE/clean-security-audit-report.md
---
name: Clean Security Audit Report
about: Report for when no vulnerabilities are found
title: "✅ Security Audit: No vulnerabilities found"
labels: ["security", "pip-audit", "clean"]
assignees: []
---
## ✅ Clean Security Audit
No vulnerabilities were found in the dependency scan.
**Scan Date:** <!-- Date will be filled by workflow -->
**Repository:** <!-- Repository will be filled by workflow -->
**Dependencies Scanned:** <!-- Count will be filled by workflow -->
All dependencies appear to be secure based on the current vulnerability databases.
Installing Templates
Template Installation Options
Choose your preferred method to install the GitHub issue templates for automated security reporting in your repository.
The templates are automatically installed when you use the one-command setup:
Download the templates manually:
# Create directory
mkdir -p .github/ISSUE_TEMPLATE
# Download vulnerability report template
curl -o .github/ISSUE_TEMPLATE/security-vulnerability-report.md \
https://raw.githubusercontent.com/trivedi-vatsal/pysec-recipes/main/.github/ISSUE_TEMPLATE/security-vulnerability-report.md
# Download clean audit template
curl -o .github/ISSUE_TEMPLATE/clean-security-audit-report.md \
https://raw.githubusercontent.com/trivedi-vatsal/pysec-recipes/main/.github/ISSUE_TEMPLATE/clean-security-audit-report.md
Template Customization
Modifying Labels
You can customize the labels assigned to issues by editing the template frontmatter to better organize and categorize your security audit issues.
# Default labels
labels: ["security", "pip-audit", "vulnerability", "dependencies"]
# Custom labels example
labels: ["security", "critical", "audit", "dependencies", "team-security"]Adding Assignees
Automatically assign issues to team members to ensure proper ownership and accountability for security vulnerabilities.
# Assign to specific users
assignees: ["security-team-lead", "devops-engineer"]
# Assign to yourself
assignees: ["@me"]Custom Title Formats
Modify the issue title format to match your project's naming conventions and include relevant context information.
# Default vulnerability title
title: "🚨 Security Audit: Vulnerabilities found in dependencies"
# Custom title with date
title: "🚨 Security Alert [{{ date }}]: {{ vulnerability_count }} vulnerabilities found"
# Project-specific title
title: "[{{ project_name }}] Security Audit: Action Required"Template Variables
The workflow automatically fills these variables in the issue body:
| Variable | Description | Example |
|---|---|---|
{{ date }} | Scan timestamp | 2024-01-15 08:00:00 UTC |
{{ repository }} | Repository name | my-org/my-project |
{{ branch }} | Git branch | main |
{{ commit }} | Commit SHA | abc123def456 |
{{ vulnerability_count }} | Number of vulnerabilities | 3 |
{{ affected_packages }} | Number of affected packages | 2 |
Template Workflow Integration
When Templates Are Used
- Vulnerability Detection: Creates issue using vulnerability template
- Weekly Clean Reports: Creates issue using clean template (auto-closed)
- Issue Updates: Updates existing vulnerability issues with new scan results
- Issue Closure: Closes resolved vulnerability issues automatically
Template Processing Flow
graph TD
A[Security Audit Runs] --> B{Vulnerabilities Found?}
B -->|Yes| C[Use Vulnerability Template]
B -->|No| D[Use Clean Template]
C --> E[Create/Update Issue]
D --> F[Create Weekly Report]
F --> G[Auto-close Report]
E --> H[Issue Management]📚 Documentation Progress Checklist
Track your progress through the Python Security Audit Recipe documentation:
- 🏠 Home - Understanding the security challenge
- 📖 Getting Started - Quick overview and concepts
- ⚙️ Installation - Set up your environment
- 🔄 Workflow Details - Understand GitHub Actions mechanics
- 📋 Issue Templates - Master security notification management
- 🔧 Configuration - Customize for your project needs
- 📚 Examples - Real-world implementations
Next Up: Configuration
Ready to customize your security setup? Continue to Configuration to learn workflow customization, schedules, and advanced pip-audit options!