ghas-to-csv

Add optional repository metadata columns (teams, topics, custom properties)

Open Copilot opened this issue 5 months ago • 1 comments

This PR implements support for including extended repository metadata in CSV exports, addressing the feature request for adding repository teams, topics, and custom properties as additional columns.

Changes Made

New Environment Variable

  • Added INCLUDE_REPO_METADATA environment variable (default: false)
  • When set to true, enables fetching and including extended repository metadata
  • Gated behind a flag to prevent performance impact for default users

API Enhancements

  • Added get_repo_metadata() function to fetch repository teams, topics, and custom properties
  • Added make_single_api_call() helper for non-paginated API requests
  • Comprehensive error handling with warnings for failed metadata calls

CSV Column Extensions

Extended all CSV writing functions across all modules to include new columns when enabled:

New columns added:

  • repo_teams: Comma-separated list of team names with repository access
  • repo_topics: Comma-separated list of repository topics
  • repo_custom_properties: JSON string of custom repository properties

Modules updated:

  • code_scanning.py: All write functions (repo, org, enterprise server, enterprise cloud)
  • secret_scanning.py: All write functions (repo, org, enterprise)
  • dependabot.py: All write functions (repo, org/enterprise)

Documentation

  • Updated README.md with new environment variable documentation
  • Added usage examples showing how to enable the feature
  • Included performance warnings about increased API usage

Usage Example

- name: CSV export with extended metadata
  uses: advanced-security/ghas-to-csv@v3
  env:
    GITHUB_PAT: ${{ secrets.PAT }}
    GITHUB_REPORT_SCOPE: "organization"
    SCOPE_NAME: "org-name-goes-here"
    INCLUDE_REPO_METADATA: "true"

Performance Considerations

⚠️ Warning: Enabling this feature will make additional API calls for each unique repository in the results:

  • /repos/{owner}/{repo}/teams - for repository teams
  • /repos/{owner}/{repo} - for topics (included in repository details)
  • /repos/{owner}/{repo}/properties - for custom properties

This can significantly increase execution time and API usage when used at organization or enterprise scope, which is why it's gated behind an opt-in flag.

Backward Compatibility

  • All existing functionality remains unchanged when the flag is disabled (default behavior)
  • No breaking changes to existing CSV formats or function signatures
  • Feature gracefully degrades if metadata cannot be fetched (empty values provided)

Fixes #61.



Copilot avatar Jun 13 '25 21:06 Copilot
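The per-repository lookup described in the PR body, as an added sketch (not the PR's own code): each unique repository is queried once, a failed call degrades to an empty column, and the three results are flattened into `repo_teams`, `repo_topics` and `repo_custom_properties`. `RepoMetadataCache`, the injected `fetch` callable, the `acme` repositories and the response shape for custom properties are assumptions made for illustration.

```python
import json
import warnings

# Endpoint paths exactly as listed in the PR description above.
ENDPOINTS = {
    "teams": "/repos/{owner}/{repo}/teams",
    "repo": "/repos/{owner}/{repo}",
    "properties": "/repos/{owner}/{repo}/properties",
}

class RepoMetadataCache:
    """Fetch metadata once per unique repository; reuse it for every alert row."""
    def __init__(self, fetch):
        self.fetch = fetch  # hypothetical callable: path -> parsed JSON, raises on failure
        self.cache = {}
        self.calls = 0  # API requests issued, to show the cost of the flag

    def _get(self, kind, owner, repo, default):
        self.calls += 1
        try:
            return self.fetch(ENDPOINTS[kind].format(owner=owner, repo=repo))
        except Exception as exc:  # degrade to an empty value instead of aborting
            warnings.warn(f"{kind} lookup failed for {owner}/{repo}: {exc}")
            return default

    def columns(self, owner, repo):
        name = f"{owner}/{repo}"
        if name not in self.cache:
            teams = self._get("teams", owner, repo, [])
            details = self._get("repo", owner, repo, {})
            # Assumed response shape: list of {"property_name": ..., "value": ...}.
            props = {p["property_name"]: p["value"]
                     for p in self._get("properties", owner, repo, [])}
            self.cache[name] = {
                "repo_teams": ",".join(t["name"] for t in teams),
                "repo_topics": ",".join(details.get("topics", [])),
                "repo_custom_properties": json.dumps(props, sort_keys=True) if props else "",
            }
        return self.cache[name]

# Constructed sample responses standing in for the GitHub API.
SAMPLE = {
    "/repos/acme/api/teams": [{"name": "platform"}, {"name": "appsec"}],
    "/repos/acme/api": {"topics": ["payments", "pci"]},
    "/repos/acme/api/properties": [{"property_name": "tier", "value": "1"}],
    "/repos/acme/web": {"topics": ["frontend"]},
}

sample_fetch = SAMPLE.__getitem__  # a KeyError stands in for a failed API call
```

With this structure the request count is three per unique repository regardless of how many alerts that repository has, which is the cost the opt-in flag is gating.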