⚠️ Do not use with untrusted user input. This script will execute shell commands in your environment. ⚠️

git-multi-exec is a tool to run a command in a local clone of a git repository.

By default it will run spectral scan --include-tags base,audit,iac against each repo.

The repositories are collected recursively from the top, based on available permissions.

pip install git+https://github.com/Cloud-Security-Architects/git-multi-exec

1. Configure credentials for your Git SaaS platforms as environment variables.

   BITBUCKET_USER=
   BITBUCKET_PAT=
   
   GITLAB_PAT=
   
   GITHUB_PAT=

2. Run git-multi-exec <platform> with platform being one of github, gitlab or bitbucket.

   By default it will run spectral scan --include-tags base,audit,iac

• repo
• read:org
• read:user

TODO

• read_api
• read_user
• read_repository

• Account
  • Read
• Workspace membership
  • Read
• Projects
  • Read
• Repositories
  • Read

How git-multi-exec handles each platform

Collects all organizations and descends into their repositories.

Collects all groups and descends into repositories. Subgroups are listed by the API as part of all groups.

Collects all workspaces and descends into projects and repositories.